Signing back into the Community for the first time? You'll need to reset your password to access your account. Find out more.
Azure container app provisioning not working
It used to work on 2.9.6 version. But it broke aswell after a couple of months. I read somewhere that the version needs to be up-to-date to have the provisioning work. Now after upgrading to 2.9.9 the SCIM bridge site is all green but no information is being brought in to 1password. I tried to search for a fix but I just cant figure out what the problem is.
Single login in tiled-terminal session
We use 1password-cli to identify when logging into a remote machines through linux bash terminals. We now have multiple remote machines that we want to login simultaneously and perform the same (or similar) commands. Tmux (or other like terminator) are ideal for that since we can create a tiled-window, and synchronize all panes. However, currently the issues is, if we want to login onto multiple machines, I have to type the password into the GUI-pop-up from 1password once per remote machine. Is there a way to create a tiled login from a single-tmux-session with a single login? I guess it would require some persisting of the login state / environment? But it is unclear now how this is handled by the terminal. Thanks in advance. Best, Lukas
1Password CLI Docker Image Update for Vulnerabilities
I've been working on a minified Ubuntu base image with 1Password CLI pre-installed so I can use it as a base for some homelab projects. The only thing is I'm not able to resolve some of the vulnerabilities present in the final image because they are introduced by 1Password CLI's use of older versions of Golang / modules in Golang. Will the CLI be updated? Ideally it would be great for the official 1Password CLI docker image could be auto updated... As detected by Docker Scout, the latest 1Password CLI has these vulnerabilities, all of which are fixable with updates: CVE-2024-45337, CVE-2024-45338, CVE-2024-45341, CVE-2024-45336, CVE-2025-22866
CLI hangs when requesting items
the cli had been working without issues for a while but about a day ago it began to indefinitely hang when fetching an item. When I run: op item get XXX --otp --debug I get: 9:35AM | DEBUG | Session delegation enabled 9:35AM | DEBUG | NM request: NmRequestAccounts 9:35AM | DEBUG | NM response: Success 9:35AM | DEBUG | NM request: NmRequestAccounts 9:35AM | DEBUG | NM response: Success 9:35AM | DEBUG | account not signed in, filter=XXXX latest_signin_user=XXXXXXXXXX 9:35AM | DEBUG | not signed in reason: session file not found 9:35AM | DEBUG | NM request: NmRequestAccounts 9:35AM | DEBUG | NM response: Success 9:35AM | DEBUG | NM request: NmRequestAuthorization 9:35AM | DEBUG | NM response: Success 9:35AM | DEBUG | NM request: NmRequestAccounts 9:35AM | DEBUG | NM response: Success 9:35AM | DEBUG | NM request: NmRequestDelegatedSession and it just hangs there. Any idea of what could be wrong here? 1Password Version: 8.10.3 (81003012) Extension Version: 2.15.0 OS Version: macOS 13.2.1 (22D68) Browser:_ zsh
Forwarding biometric auth?
I have the following use case: I have an SSH connection open from a machine that's running 1Password to a Linux machine where I want to use the 1Password CLI tool. Is there any way to make `op signin` trigger biometric authentication back to the machine I'm initiating the SSH from? Basically I want functionality similar to ssh-agent, but for my 1Password vault. I'd be willing to write some code to enable this if it's something that the API supports.1Password with IntelliJ IDEA and AWS ToolKit
Hi there, I have setup the AWS 1Password cli extension and it works like charm. Thanks for this awesome tool which makes my developer day more productive and more secure! I am using IntelliJ IDEA and the AWS toolkit plugin for it to connect to my instances. However, the plugin seems not to pickup the 1Password extension and fails to load the profiles which are tied to 1Password. Could you elaborate on how to make an integration possible? This could help a lot of users as this plugin is very popular among IntelliJ users. Cheers!Rails integration
Hi, I've been reading today about how you can integrate 1Password with Rails Kamal. Can I integrate 1Password with the regular Rails Credentials file? If so, is there any documentation for this? 1Password Version: Not Provided Extension Version: Not Provided OS Version: Not Provided Browser: Not Provided
'--reveal' what am I missing here
I've got a few helper scripts that fetch details out of my 1Password via the op cli tool and put them into variables and command lines and the like. I have never, until today apparently, been required to use the '--reveal' flag for the contents returned from a get operation on a password field to actually be the password but today the resulting stdout value from any call I make to op item get <item name> --fields password returns this string [use 'op item get <long hash> --reveal' to reveal] which is categorically not my password, much to my surprise I assure you. What is the purpose of being able to "get" the field at all if you're not returning the contents of the field? $ op item get <redacted> --fields password [use 'op item get <redacted hash> --reveal' to reveal] $ echo $? 0 $ op item get <redacted> --fields password --reveal <redacted actual password> $ echo $? 0 If you're going to lean into this particular piece of security theater, then anything requiring the '--reveal' flag that would intuitively AND PREVIOUSLY have produced the actual contents of the field on stdout needs to exit on an error code when you non-intuitively decline to return the actual contents of the field so it's clear there's a problem that needs to be investigated. There was no indication I was being fed a throw away informational string until I debug echo'd the string value and saw with my eyes like a savage, sadly after I had locked myself out of my VPN for an hour, much appreciated for that. Really though, what are we even doing here? I had to authenticate to get access to the field. It's not like you're double verifying my identity when I append --reveal to the command line. I'm authorized to have the contents of the field or I'm not, that's the security model, right? So what, as the title says, am I missing here? 1Password Version: 8.10.40 Extension Version: 2.30.0 OS Version: macOS 14.6.1 Browser: n/a
Can't connect to 1password from Raycast
If I don't have the 1password app open at the same time, the Raycast extension doesn't want to connect an authenticate. It either keeps on trying to Authenticate forever, or it tells me to update the app (which I have), or it tell me something about context window exceded. The cli is also up to date.
Security concern with allowing Terminal complete access to my 1P account via op CLI
I have a shell script that uses 1Password secret reference: export EXAMPLE_API_KEY=$(op read "op://Vault-Name/Example API Token/Specific-Token/Token") But when it's loaded, I have to authorise the terminal/shell to have access to it (see screenshot) My concern is that it's giving the terminal/shell access to my entire account and all vaults within it when I only want to provide it with access to one entry within a single vault. What happens if I had a malicious script installed that scans for 1Password secret references across multiple files? The script might not be able to identify the "account" but it just needs the vault names. Then it can start to build up common names for identifying secrets stored within 1Password and try requesting them, and if I've already authorised the terminal/shell I won't see a popup notification and so the script would be free to access the secrets. Initially, I moved any secrets I use for development work into a separate vault, which I thought would help when it came to the terminal/shell requiring access via a 1Password secret reference because it would only have access to that specific vault (reducing the blast radius) but that's when I noticed it wasn't getting access to just the vault but the entire account. I'm not sure how much of an issue people think this is but it worries me. 1Password Version: 8.10.40 Extension Version: Not Provided OS Version: macOS 15.1 Browser: Chrome
