regarding the syntax of secret references, would it be possible to support more special characters?

usergp
usergp
Community Member
edited July 2022 in CLI

I don't know about others, but I like to use a naming scheme to name the items in my vault, and that naming scheme uses some special characters. the special characters give some semantic meaning to the name (e.g. role:professional[manager].account:mycompany[myteam], or prsn:my.role:personal.account:gpg.item:key[0xjf9089hf4f43]). this helps with organization and lookup.

the problem is: I'm a developer and use the op cli, and would like to be able to reference vault items by name using 1Password's secret references syntax in my configurations and other places, and be able to inject the real values at run time using op read, op inject and op run, but I find myself unable to do so and have to resort to using their ID instead.

I think the reason I cannot reference the items by name is that, currently, only the following special characters are supported by the secret reference syntax:

  • dash -
  • underscore _
  • period .
  • whitespace

(https://developer.1password.com/docs/cli/secrets-template-syntax/#secret-references)

Is that true ? Is there currently a way around this ? Else, my question is: would it be possible to have any of the following other special characters supported ?

  • one bracket pair supported (e.g. [ and ], or < and >, or { and }, or all of them)
  • colons : or semi-colons ;
  • question marks ?

Or maybe would it be possible to give us some way of escaping them or encoding them (like for url encodings: %5Bword%5D for [word], etc.) ?

thank you for this great application :)


1Password Version: 8.8.0
Extension Version: Not Provided
OS Version: macOS 12.3.1
Browser:_ Chrome
Referrer: forum-search:regarding the syntax of 1password secret references, would it be possible to support some special characters other than dash -, underscore _, and period . ?

Comments

  • Hi @usergp, thanks for your feedback! Indeed we do not support a vast range of characters in our secret references. I have a filed an internal issue for being able to escape these proposed characters in secret references. Do keep up to date!

    All the best,
    Andi

  • binarynomad
    binarynomad
    Community Member
    edited August 2022

    @andi.t_1P I VERY MUCH want to +1 this, I extensively use ( ) in my 1Password Vault items (in both the TITLE, and in FIELD NAMES) to give context. for example, I keep getting errors on this like this message:

    [ERROR] 2022/08/17 10:46:01 invalid secret reference 'op://Personal/Digitalocean (jdoe@email)/laptop-cli (2015-05-25)': invalid character in secret reference: '('

    The support of additional characters would be very beneficial. Currently my only work arounds are to either:
    1. Edit ALL my entries in 1Password (of which I have 1000's) and remove the ( ) on the ones I want to access from the CLI
    2. Create a separate vault and duplicate all the entries I wish to access via the CLI with the modified TITLE and FIELD_NAMES

  • Thanks for the input! We will take this into account. We'd like for the secret reference syntax to allow for all these characters as long as they are escaped by quotes, which was historically used only for escaping a few characters, e.g. whitespace.

    All the best,
    Andi

  • unrob
    unrob
    Community Member

    Would also like to see additional characters allowed into the ecosystem (for example, in the vault-1password-connect-plugin: https://github.com/unRob/vault-plugin-secrets-onepassword/pull/1/files#diff-d474735ae3f89625e3e23b487f97fc5b878853a513a6b30122edc6f3a51f353eR19).

  • Hi @unrob:

    Thanks for your feedback (and your PR) on this!

    Jack

This discussion has been closed.