Allow excluding specific users/groups from Item Sharing restrictions

jutley
jutley
Community Member
in Business and Teams

In the Item Sharing policies, there's a place to limit what email domains you can share to. This is a great option, but we'd also like to have the ability to allow certain users to be excluded from these limitations.

Our use case is pretty simple. We have built an automated API key rotation routine that uses the op CLI and a service account to share the new API key to the person who needs it. The problem is, we often need to share these to people outside our organization. Of course, we could simply add the domains into the list, but that's a manual step prone to be forgotten, and as far as I know, there's no API that can automate adding them. And once you have to add the big domains like GMail into the list, the restrictions become much less useful when applied globally.

Is there a way we can specify specific users to bypass these restrictions, while keeping them in place for others?

1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Browser: Not Provided

Comments

  • ag_tommy
    ag_tommy
    edited August 23

    @jutley

    No, there is no option like the one you described. All that comes to in in one of the other options in that section. But they may not meet your needs. I am not aware of any work in this area. I'd be happy to file a feature request on your behalf.

    ref: PB-41827626