Secrets Automation Clarification

Matt57
Matt57
Community Member
in Secrets Automation

Hello,

I'm new to developing anything with 1Password so forgive me if this is a question that's been asked a lot. I'm looking for an existing 1Password API that I can connect to and gain access to my vaults and passwords. The flow would be something like this:

  1. Program connects to 1Password API endpoint for authorization. This endpoint would be a REST endpoint that would take a username, password, and maybe some other bits of information and then generate some kind of Access Token.
  2. Once the program has this access token it can then be used to connect to vaults and get passwords. The access token is good for X amount of minutes before it expires.

Is this what Secrets Automation is? I'm very confused by this because the documentation basically says the user would have to manually generate an access token that is only good for 30, 90, or 180 days. Is there some way to automate this?

Thanks

1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Sync Type: Not Provided
Referrer: forum-search:api

Comments

  • David_ag
    David_ag

    Hello! These are great questions. Let me try answering them:

    Accessing 1Password with Connect & Secrets Automation

    You're close! You don't talk directly to 1Password - that's what the Connect server is for. Connect is an intermediary that lives in your infrastructure and takes care of the E2E encryption bits. The Connect Server exposes several REST endpoints that your applications call when you want to access secrets in your vaults.

    You're spot on about how the token is used.

    Token lifetime

    Yes, right now you need to manually generate a new access token if the token you are using has a set expiration. You can choose to create long-lived tokens by not setting any expiration, in which case you'll need to revoke the token to cut off access.

    Automated token refresh is something we're looking at, and we'll make note of your interest.

    Does that answer your question?

  • Matt57
    Matt57
    Community Member

    That answers my question. Thank you very much! :)

  • ag_tommy
    ag_tommy

    :+1: We're here if you have more. :chuffed:

This discussion has been closed.