Getting started with 1Password for your growing team, or refining your setup? Our Secured Success quickstart guide is for you.
Request for feedback: DMNO 1Password integration - env var/configuration tooling
Hello! TL;DR - If you've ever wanted to use secrets from 1Password in your JavaScript/TypeScript project without the hassle of writing custom scripts then check out our 1Password Plugin. We launched DMNO early this year and we've been continuously expanding our list of plugins and integrations. We're particularly proud of the 1Password plugin because it makes it very easy to retrieve secrets stored in 1Password and use them in your applications with minimal code. In addition to using values stored in 1Password, our plugin gives you: Coercion and validation Leak detection and prevention Log redaction and domain allow/deny lists for individual items Flexible storage in 1Password, from a single .env style blob to individual items Full TypeScript features including detailed IntelliSense docs and autocomplete Drop-in integrations for Remix, Next.js, Astro, Vite, and Node.js Best of all, it's completely free and open source. We'd love for other 1Password users to try it out. If there's a feature you want, we can probably add it for you and your team.
Feature request - general encryption utilities
As a builder of dev tools dealing with sensitive data (see https://dmno.dev), sometimes I need to encrypt/decrypt arbitrary data in a local cache. Currently I have to store a key somewhere, which is usually a file sitting somewhere else on disk - obviously not that secure... It would be really cool if I could rely on the user's local 1Password app for that instead. I would imagine this would look like the CLI and SDK (eventually) providing arbitrary `encrypt` and `decrypt` methods, which interact with the user's local 1password application. The existing biometric auth and locl/unlock mechanisms would mean I'd get encryption without storing a key locally and so the user would have to periodically re-prove their identity.[new tool] varlock: schema-driven env vars
TL;DR: We've launched something new, it's called varlock. It's like DMNO but simpler and easier to get started. It's built on top of the .env files you're already using. It makes them safer to use and share. We'd love your feedback. >> 🧙♂️https://varlock.dev --- We've been heads down working on the next evolution of secrets and configuration tooling building on what we've learned so far creating DMNO. If you've used DMNO, varlock will feel familiar. But instead of writing schemas in TypeScript, we've created a lightweight DSL that sits on top of your .env files. We think this allows for much simpler onboarding (and offboarding!). And because it's all based on decorators in comments, it should play nice with your existing tools. For any tools that would like to make use of this new syntax, we've also created an open specification, we call it @env-spec, and there's an active RFC if you would like to get involved. >> RFC: https://github.com/dmno-dev/varlock/discussions/17 —- So why varlock? Varlock is a suite of tools built to improve the experience of working with environment variables, both in terms of security and developer experience. It provides: Validation - catch errors in development instead of production Type-safety - improved DX via detailed IntelliSense Security - secret redaction in stdout and global console methods Environments - Compose defaults, environment-specific .env files, and local git-ignored overrides Secrets - use any third party provider that has a CLI to load values What next? We're just getting started and we have big plans to expand the feature set of varlock. Coming soon you'll see: Local override encryption via a desktop app using biometrics Shared team vaults with trustless cloud storage GitHub App to track config changes with audit trails Deeper integration with providers like 1Password If you've read this far, thank you. Please check out varlock and let us know what you think by replying to this post, or joining us on Discord. Tools like this are only as good as the community that shapes them. >> 🧙♂️https://varlock.dev Thanks ✌️
SCIM Bridge
Why is the SCIM Bridge needed? If I already have to create an Enterprise Application in Azure, then the SCIM bridge really becomes an unnecessary and overcomplicated step. I should not have to register a new domain or spin up a separate VM just to get an integration to pull accounts automatically. As an MSP and reselling this to potentially 50 different organizations, this step becomes very time-consuming and wasteful.
Passkey algorithm support
Recently I began a passkey integration and I'm using 1password to test things out. There are a great deal of passkey algorithms that exist: https://www.iana.org/assignments/cose/cose.xhtml#algorithms Unfortunately it seems like if I remove all the "Recommended: No" and "Recommended: Deprecated" ones, I am unable to get 1password to generate a passkey. It gives me a somewhat opaque "1password encountered a problem" in the passkey dialogue after I click Save, and it seems to fall back to the browser which prompts me for a security key. I see this in the console log: PortOpener: passkey-save-prompt/XXXXXX received error: "create-passkey-failed" The algorithms I chose in order to be more secure based on the recommendations on that page and what I'm able to support in my server: PS384 PS512 RS256 RS384 RS512 The "deprecated" algorithm I added to make the error go away, and allow 1password to correctly function: ES256 Is there anywhere to find the full list of passkey algorithms 1password supports so I can try to come up with a good list to use on the server-side? Ideally it wouldn't contain deprecated ones.
