Deep link search by UUID does not work across vaults

Options
boris2339
boris2339
Community Member
edited April 2021 in Mac

In this support thread it is stated that onepassword://search/uuid should deep link to a particular item.

https://1password.community/discussion/74868/url-scheme-for-specific-items-item-links

Where is the documentation for onepassword:// URL scheme? I could not find it. What are other things I can do with the URL scheme? Can I specify a vault of interest?

When I try using onepassword://search/t3tlbwql5lvctgksrjnamiffvm, it is not working if the last vault I viewed was not the vault in which the item is. Furthermore, clicking on the correct vault clears the search, so I can't find the item.

1Password Version: 7.7
Extension Version: Not Provided
OS Version: OS X 10.15.7
Sync Type: Not Provided
Referrer: forum-search:Deep link search by UUID doesn't work across vaults

Comments

  • ag_ana
    ag_ana
    1Password Alumni
    Options

    Hi @boris2339!

    I am not aware of documentation about this, but I have sent your question to the team in case someone knows something more :) We will post back here as soon as we have an update.

  • ag_ana
    ag_ana
    1Password Alumni
    Options

    @boris2339:

    One of my colleagues suggested to share this documentation page with you:

    Use item links to help others find shared items

    In the thread you linked, this feature was not available back then, but it is now, and it sounds like this might be helpful for what you are trying to do.

  • boris2339
    boris2339
    Community Member
    edited April 2021
    Options

    Thank you, that was helpful. I also observed that this works:

    onepassword://open/i?a=ACCOUNT&v=VAULT&i=ITEM&h=HOST

    These query parameters are exactly the ones returned by "Copy Link" function in the shared documentation. However, the meaning of the parameters I had to guess, because there's no documentation on the specifics.

    Could we please get some explicit documentation on this, so that we don't have to guess?

  • Ben
    Ben
    Options

    I'll certainly pass that suggestion along to the team, @boris2339. :)

    Ben

  • boris2339
    boris2339
    Community Member
    edited April 2021
    Options

    One more thing: navigating to the Shared Link does two things: (a) displays a 1-password login page, and (b) triggers opening of the link by navigating browser to onepassword:// URL. It would be good to have a link-share functionality that only does (b), but not (a). Opening a new browser tab just to view a link, a tab that a user does not intend to use, is a bad UI.

    Also, getting people to login at the web-browser upon clicking a link is a recipe for a fishing attack to steal their master password.

  • Ben
    Ben
    Options

    @boris2339

    I'm not seeing that on my end. When I open a link like onepassword://open/i?a=ACCOUNT&v=VAULT&i=ITEM&h=HOST it opens the 1Password app directly, without any web browser involvement. If instead you're referring to the https:// links — this is necessary to account for folks who do not have the 1Password apps installed.

    Ben

  • boris2339
    boris2339
    Community Member
    Options

    I see. Then I suggest adding a parameter to the https:// link that indicates that user has the 1Password app installed already.

  • boris2339
    boris2339
    Community Member
    Options

    Link sharing of passwords is done only in multi-user corporate environment, where employees have access to the same vault. All the users therefore will have 1Password installed.

  • Ben
    Ben
    Options

    Link sharing of passwords is done only in multi-user corporate environment, where employees have access to the same vault. All the users therefore will have 1Password installed.

    Respectfully this is simply not the case. Not all use-cases for link sharing are in corporate environments, and not all environments utilize the desktop/mobile apps (some use the 1Password.com web app and/or the 1Password browser extension exclusively).

    I see. Then I suggest adding a parameter to the https:// link that indicates that user has the 1Password app installed already.

    There is no way for the app that is creating the link to know if the person who receives the link will have the app installed on any given device.

    Ben

  • boris2339
    boris2339
    Community Member
    edited April 2021
    Options

    I understand. We use JIRA at our company, and we need to include links to passwords in JIRA tickets. We can advise all our staff to manually add a suffix to such URLs. For example, we can tell them to add &app=1 to the end of a URL.

    We could host our own service at 1password.example.com to do the redirect to onepassword:// scheme, however it would be more work for the staff to edit the domain name of the URL from start.1password.com to 1password.example.com. Merely adding a suffix is simpler, in my view.

  • ag_ana
    ag_ana
    1Password Alumni
    Options

    @boris2339:

    Understood, and thank you for the feedback here!

This discussion has been closed.