1Password for Mac API
I am interested in the possibility of a 1Password API. Even though it seems like this would pose a threat to the users' security, remember that not only do you already have an iOS SDK, but also your keychain format is open-source so any application with the password could still access the keychain, anyways. This API could be in the form of AppleScript, Automator actions, a CLI, etc. This would encourage developers (like me) to make Mac apps using 1Password in addition to iOS apps. I believe that I am not alone in this. I have found threads about this since 1Password 3. Please consider this.
1Password Version: 5.4 Mac App Store
Extension Version: N/A
OS Version: OS X 10.11.2
Sync Type: N/A
Referrer: forum-search:1Password for Mac API
Comments
-
remember that not only do you already have an iOS SDK, but also your keychain format is open-source so any application with the password could still access the keychain, anyways.
@Coder256: I think that's a bit of a mischaracterization. While the format is open, the Master Password is needed to decrypt the encryption keys and, in turn, the database itself.
Additionally, iOS is heavily sandboxed, so even while an app can call the 1Password extension, it can't see either user input or the data itself. This is similar to how apps can call Touch ID, but none have access to the fingerprint data stored in the secure element: it leaves neither the dedicated internal hardware nor the device itself...which of course is why I have to setup Touch ID and Apple Pay from scratch every time I do a restore (ugh, lol).
I won't say "never", but with the move to OPVault it isn't possible to share even overview data (title, URL, etc.) as all data is encrypted...and I can't imagine that people would want to have their decrypted data handed over to other apps.
Now, you haven't actually said what you're trying to do in the first place, so that might make a difference. And who knows? Maybe Apple will make a robust extension API that 1Password can use on OS X to allow apps to integrate it. :)
0 -
While the format is open, the Master Password is needed to decrypt the encryption keys and, in turn, the database itself.
@brenty: Yes, applications do need the master password to access the keychain, but so does 1Password itself. If you would like, any API requests could require authorization (for example, a dialog pops up prompting the user for confirmation).
I would like to use said possible API to automate some of my work (maybe using passwords with workflows, etc.).And who knows? Maybe Apple will make a robust extension API that 1Password can use on OS X to allow apps to integrate it. :)
In my opinion, they already have. Check out the Automator and especially AppleScript APIs.
0 -
Greetings @Coder256,
We do consider every request but I don't want to give you any false hope, such a feature will likely not be high up the list given the potentially limited audience of said feature. I have no doubt those people would love it but one of the factors we account for when having to make the tough decisions of where to focus our time is how many would benefit.
For example, I know from many discussions I've personally had with users that I'd like to see some time dedicated to 1Password to help users who struggle visually, maybe relying on VoiceOver. I'm sure it would be disappointing to hear but I'd argue for better accessibility over an API if it were to come down between the two for example. That isn't to say that you wouldn't like to see 1Password being more accessible for others too of course.
It's a small team who do some wonderful work but it does mean tough choices are sometimes needed as to where to focus their efforts. Being developers I'm sure they like the idea of APIs in general which is why there's somebody to keep them focussed on what will benefit the majority of our users.
This isn't a no, just that it probably won't be in the near future.
0 -
@littlebobbytables, I see what you are saying and I would totally agree that improving accessibility is a higher priority than this. I just wanted to suggest this feature. Take your time implementing it.
0
