Thirdy-Party 1Password Integration

gottadoit2004
gottadoit2004
Community Member
in Mac

I saw the read entitled "1Password for Mac API" and the thread is closed so I could not post there.

I trust 1Password deeply. I originally thought the product was overpriced but have since seen it as a tremendous value and it is.

1Password has very good multi-platform web browser integration, I use macOS Sierra and it works with Firefox; Chrome; Safari; and Opera, perhaps others, but extremely impressive. I use it for secure notes, software license information and my web passwords.

Apple is doing strange things with The Cloud in it's last few OS versions. I don't even know if my Apple keychain is also stored in the Cloud. I DO NOT WISH IT TO BE.

Fact is, I no longer trust Apple with my passwords though I am forced to for it's applications (Apple Mail for example) and in some other third party software that use their keychain framework.

While you are a small company with a user driven priority list for development I ** REALLY ** wish you would provide a third-party API for integration with other non-Apple Mac applications.

As a former developer of long standing I do not see much technical difficulties or complexities involved in providing such an API. You could open a socket to the helper app and have the third-party API prompt for and provide the master password to a separate vault owned by the app vendor (but stored by you) and if successful, have it return the indicated information as an XML or JSON message down the socket. You could issue specific strong passwords needed by the third party APP that would give access to that APP vendor's vault, backing off between successive retries so no brute force attacks are possible.

Please tell me what I fail to understand. I think it would be an additional selling point for your software for other products to be integrated with 1Password just as you (and other software vendors) integrate with Dropbox by I assume an API. I also believe other end-users of Apple products are leary of Apple's keychain (those that are aware of it).

Thanks for your time and consideration.

1Password Version: 6.5.2 (652003)
Extension Version: Not Provided
OS Version: macOS Sierra 10.12.1
Sync Type: Not Provided

Comments

  • pervel
    pervel
    Community Member

    Just a note on the Apple Keychain in the cloud. You can control that yourself under System Preferences > iCloud. Untick the box next to Keychain.

  • gottadoit2004
    gottadoit2004
    Community Member

    Thank you very much, I appreciate it.

  • Drew_AG
    Drew_AG
    1Password Alumni

    Hi @gottadoit2004,

    Thank you for taking the time to send us your request & thoughts about a 1Password API for interacting with other Mac apps!

    We would also like to make it easier to use 1Password with other Mac apps, and we've been hoping Apple would provide an API similar to the extension system they have on iOS which allows third party apps to communicate with each other in a secure manner. That would make things much simpler for us! ;) Unfortunately that hasn't happened yet.

    It's not impossible for us to come up with a way to do that on our own, but it's not as easy as it might seem. It would require significant resources over a period of time, which means less resources & time being put into other areas that our developers are currently working on. So although I can't make any promises one way or the other about if/when we might be able to provide such an API, I can certainly let our developers know you'd be very interested in that.

    Thanks again for sharing your thoughts about that, we truly appreciate it! If you need anything else, don't hesitate to let us know - we're here for you. :)

  • zero_shane
    zero_shane
    Community Member

    +1

    We subscribe to the philosophy of CI/CD, Automated "Infrastructure as Code", and heavily use APIs to manage and orchestrate complex changes. Part of that process requires creating "secrets" and information that needs to be shared with humans, but we are currently manually managing this. In larger complex and automated QA build environments - this simply isn't possible with manual intervention.

    We are seeking another solution that provides all of the great capabilities that 1password currently has - but add the ability to create "service accounts" ("actors") that can manipulate specific vaults. Then these Service Accounts/Actors can dynamically add/update/delete credentials as automation creates secrets that should be recorded.

    I realize that part of the fundamental design architecture of 1password with private and public key pairs makes this tricky to approach - but I suspect it's a feature that would catapult your feature set well ahead of many of the other solutions out there.

  • Drew_AG
    Drew_AG
    1Password Alumni

    Thanks for your feedback! I noticed you posted this same message in another thread, and I just responded to it there: https://discussions.agilebits.com/discussion/comment/348008/#Comment_348008

    If you need anything else, we're here for you! :)

This discussion has been closed.