Getting started with 1Password for your growing team, or refining your setup? Our Secured Success quickstart guide is for you.
Console flooded with errors when clicking links during 1Password passkey selection dialog
Hi, I’m experiencing an issue with the 1Password browser extension when testing WebAuthn API integration on my own website. Environment macOS Chrome (latest version) 1Password browser extension Issue I’ve successfully implemented WebAuthn API functionality for login on my website. However, the 1Password extension behaves unexpectedly: When the 1Password passkey selection dialog is open, if I click a link on the page, the page transition happens, but the Chrome DevTools console gets flooded with a large number of log, warn, and error messages. This feels like a bug. Steps to Reproduce Register a passkey in 1Password for the test site. Open the login page, which triggers the 1Password passkey selection dialog. While the dialog is open, click any link on the page. The navigation works, but the console outputs a large number of log, warn, and error messages. Expected Behavior Page navigation should happen without producing unnecessary console output. Actual Behavior Console is flooded with log, warn, and error messages. Additional Information I will attach/paste the console output below for reference. background.js:80 📤 Sending <NmLockState> message to native core <740716061> background.js:80 📥 Received message <NmLockState> from native core <740716061>. Duration: 4.8ms background.js:80 DeviceTrust: access denied: [ missing backoffice permission, missing admin permission ] - aborting (anonymous) @ background.js:80 background.js:80 📤 Sending <NmOfflineStatus> message to native core <3907478951> background.js:80 📥 Received message <NmOfflineStatus> from native core <3907478951>. Duration: 1.7ms background.js:80 Could not complete _handleGetCredential: disconnected (anonymous) @ background.js:80 background.js:80 📤 Sending <NmLockState> message to native core <3923595490> background.js:80 📥 Received message <NmLockState> from native core <3923595490>. Duration: 4.1ms background.js:80 📤 Sending <NmLockState> message to native core <2088568031> background.js:80 📥 Received message <NmLockState> from native core <2088568031>. Duration: 4.3ms background.js:80 📤 Sending <NmLockState> message to native core <780253718> background.js:80 📥 Received message <NmLockState> from native core <780253718>. Duration: 4ms background.js:80 📤 Sending <NmLockState> message to native core <3199044829> background.js:80 📥 Received message <NmLockState> from native core <3199044829>. Duration: 3.8ms background.js:80 📤 Sending <NmOfflineStatus> message to native core <469136938> background.js:80 📥 Received message <NmOfflineStatus> from native core <469136938>. Duration: 6ms background.js:80 Loaded page details in 2 ms. background.js:80 Analyzed the page in 0.4000000059604645 ms. background.js:80 📤 Sending <NmOfflineStatus> message to native core <2269321457> background.js:80 📥 Received message <NmOfflineStatus> from native core <2269321457>. Duration: 3.3ms background.js:80 [popup] Not attempting to connect to desktop app: already connected or connecting to desktop app background.js:80 Decided not to attempt reconnection to the desktop app. background.js:80 📤 Sending <NmLockState> message to native core <2789903974> background.js:80 📥 Received message <NmLockState> from native core <2789903974>. Duration: 2.7ms background.js:80 DeviceTrust: access denied: [ missing backoffice permission, missing admin permission ] - aborting (anonymous) @ background.js:80 background.js:80 📤 Sending <NmOfflineStatus> message to native core <3819754395> background.js:80 📥 Received message <NmOfflineStatus> from native core <3819754395>. Duration: 3.6ms background.js:80 📤 Sending <NmLockState> message to native core <1861163921> background.js:80 📥 Received message <NmLockState> from native core <1861163921>. Duration: 3.1ms background.js:80 📤 Sending <NmLockState> message to native core <2199877840> background.js:80 📥 Received message <NmLockState> from native core <2199877840>. Duration: 4ms background.js:80 Failed to refresh keysets <redacted> (anonymous) @ background.js:80 background.js:80 📥 Sync started for account xxxxxxxx - syncing all background.js:80 Failed to refresh keysets <redacted> (anonymous) @ background.js:80 background.js:80 Failed to refresh keysets <redacted> (anonymous) @ background.js:80 background.js:80 Failed to refresh keysets <redacted> (anonymous) @ background.js:80 background.js:80 Failed to refresh keysets <redacted> (anonymous) @ background.js:80 background.js:80 Managed Apps - Feature flag is NOT enabled background.js:80 ✅ Sync completed for account xxxxxxxx - took 969ms background.js:80 📤 Sending <NmOfflineStatus> message to native core <335039426> background.js:80 📥 Received message <NmOfflineStatus> from native core <335039426>. Duration: 8.1ms background.js:80 Failed to refresh keysets <redacted> (anonymous) @ background.js:80 background.js:80 📥 Sync started for account xxxxxxxx - syncing all background.js:80 Failed to refresh keysets <redacted> (anonymous) @ background.js:80 background.js:80 Failed to refresh keysets <redacted> (anonymous) @ background.js:80 background.js:80 Failed to refresh keysets <redacted> (anonymous) @ background.js:80 background.js:80 Failed to refresh keysets <redacted> (anonymous) @ background.js:80 background.js:80 Managed Apps - Feature flag is NOT enabled ✅ Sync completed for account xxxxxxxx - took 935ms 📤 Sending <NmOfflineStatus> message to native core <228318852> 📥 Received message <NmOfflineStatus> from native core <228318852>. Duration: 1.9ms Failed to refresh keysets <redacted> (anonymous) @ background.js:80 📥 Sync started for account xxxxxxxx - syncing all Failed to refresh keysets <redacted> (anonymous) @ background.js:80 Failed to refresh keysets <redacted> (anonymous) @ background.js:80 Failed to refresh keysets <redacted> (anonymous) @ background.js:80 Failed to refresh keysets <redacted> (anonymous) @ background.js:80 📤 Sending <NmLockState> message to native core <3763395867> 📥 Received message <NmLockState> from native core <3763395867>. Duration: 3.1ms Managed Apps - Feature flag is NOT enabled ✅ Sync completed for account xxxxxxxx - took 900ms 📤 Sending <NmOfflineStatus> message to native core <527828929> 📥 Received message <NmOfflineStatus> from native core <527828929>. Duration: 3.3ms Could not complete _handleGetCredential: disconnected (anonymous) @ background.js:80 DeviceTrust: access denied: [ missing backoffice permission, missing admin permission ] - aborting (anonymous) @ background.js:80 📤 Sending <NmOfflineStatus> message to native core <3893879316> 📥 Received message <NmOfflineStatus> from native core <3893879316>. Duration: 1.7ms 📤 Sending <NmLockState> message to native core <2484059834> 📥 Received message <NmLockState> from native core <2484059834>. Duration: 4.3ms 📤 Sending <NmLockState> message to native core <567699292> 📥 Received message <NmLockState> from native core <567699292>. Duration: 3.8ms 📤 Sending <NmLockState> message to native core <2496790293> 📥 Received message <NmLockState> from native core <2496790293>. Duration: 3.6ms Failed to refresh keysets <redacted> (anonymous) @ background.js:80 📥 Sync started for account xxxxxxxx - syncing all Failed to refresh keysets <redacted> (anonymous) @ background.js:80 Failed to refresh keysets <redacted> (anonymous) @ background.js:80 Failed to refresh keysets <redacted> (anonymous) @ background.js:80 Failed to refresh keysets <redacted> (anonymous) @ background.js:80 Managed Apps - Feature flag is NOT enabled ✅ Sync completed for account xxxxxxxx - took 1264ms 📤 Sending <NmOfflineStatus> message to native core <2459928279> 📥 Received message <NmOfflineStatus> from native core <2459928279>. Duration: 3.1ms Failed to refresh keysets <redacted> (anonymous) @ background.js:80 📥 Sync started for account xxxxxxxx - syncing all Failed to refresh keysets <redacted> (anonymous) @ background.js:80 Failed to refresh keysets <redacted> (anonymous) @ background.js:80 Failed to refresh keysets <redacted> (anonymous) @ background.js:80 Failed to refresh keysets <redacted> (anonymous) @ background.js:80 Managed Apps - Feature flag is NOT enabled ✅ Sync completed for account xxxxxxxx - took 891ms 📤 Sending <NmOfflineStatus> message to native core <346739443> 📥 Received message <NmOfflineStatus> from native core <346739443>. Duration: 4.3ms 📤 Sending <NmLockState> message to native core <1926301438> 📥 Received message <NmLockState> from native core <1926301438>. Duration: 3.9ms Failed to refresh keysets <redacted> (anonymous) @ background.js:80 📥 Sync started for account xxxxxxxx - syncing all Failed to refresh keysets <redacted> (anonymous) @ background.js:80 Failed to refresh keysets <redacted> (anonymous) @ background.js:80 Failed to refresh keysets <redacted> (anonymous) @ background.js:80 Failed to refresh keysets <redacted> (anonymous) @ background.js:80 Managed Apps - Feature flag is NOT enabled ✅ Sync completed for account xxxxxxxx - took 974ms 📤 Sending <NmOfflineStatus> message to native core <4246935782> 📥 Received message <NmOfflineStatus> from native core <4246935782>. Duration: 3.7ms Failed to refresh keysets <redacted> (anonymous) @ background.js:80 📥 Sync started for account xxxxxxxx - syncing all Failed to refresh keysets <redacted> (anonymous) @ background.js:80 Failed to refresh keysets <redacted> (anonymous) @ background.js:80 Failed to refresh keysets <redacted> (anonymous) @ background.js:80 Failed to refresh keysets <redacted> (anonymous) @ background.js:80 Managed Apps - Feature flag is NOT enabled ✅ Sync completed for account xxxxxxxx - took 871ms 📤 Sending <NmOfflineStatus> message to native core <969923831> 📥 Received message <NmOfflineStatus> from native core <969923831>. Duration: 3.2ms 📤 Sending <NmLockState> message to native core <2384356258> 📥 Received message <NmLockState> from native core <2384356258>. Duration: 4.1ms Failed to refresh keysets <redacted> (anonymous) @ background.js:80 📥 Sync started for account xxxxxxxx - syncing all Failed to refresh keysets <redacted> (anonymous) @ background.js:80 Failed to refresh keysets <redacted> (anonymous) @ background.js:80 Failed to refresh keysets <redacted> (anonymous) @ background.js:80 Failed to refresh keysets <redacted> (anonymous) @ background.js:80 Managed Apps - Feature flag is NOT enabled ✅ Sync completed for account xxxxxxxx - took 865ms 📤 Sending <NmOfflineStatus> message to native core <1380548022> 📥 Received message <NmOfflineStatus> from native core <1380548022>. Duration: 1.7ms 📤 Sending <NmLockState> message to native core <2946571035> 📥 Received message <NmLockState> from native core <2946571035>. Duration: 3.1ms 📤 Sending <NmLockState> message to native core <2259480419> 📥 Received message <NmLockState> from native core <2259480419>. Duration: 2.4ms 📤 Sending <NmLockState> message to native core <2244117207> 📥 Received message <NmLockState> from native core <2244117207>. Duration: 4ms Could not complete _handleGetCredential: disconnected
Reference for Private vault copied from GUI doesn't work in CLI
I use the `op` cli with a personal/family account. When I right click a password/key in the GUI in my Private account and selects "Copy Secret Reference", the reference starts with "op://Private". If I tried to read the reference using `op read` it fails with [ERROR] 2025/08/08 15:24:36 could not read secret op://Private/{Item}/{Field}: could not get item Private/{Item}: "Private" isn't a vault in this account. Specify the vault with its ID or name. So I have to replace the vault segment it with "Personal" or the vault reference hash to make it work with `op`. This is really inconvenient. Why is this happening? Is there anything I can do to fix it? (The "Private" vault can't be renamed.)
Connection reset when `podman login` runs `op`
I've set up a https://linuskarlsson.se/blog/podman-credential-helpers/ which runs `op read 'op://[redacted]'` internally. When I run the helper program in a terminal it works fine, prompts for the password if necessary, and prints the credentials. But when running `podman login` in the same terminal it fails with the following error: [ERROR] 2025/07/23 16:22:20 could not read secret 'op://[redacted]': error initializing client: connecting to desktop app: read: connection reset, make sure 1Password CLI is installed correctly, then open the 1Password app, select 1Password > Settings > Developer and make sure the 'Integrate with 1Password CLI' setting is turned on. If you're still having trouble connecting, visit https://developer.1password.com/docs/cli/app-integration#troubleshooting for more help. I've verified that the setting is turned on (running the helper program directly wouldn't work otherwise). I'm running `op` version 2.31.0.Failed to copy secret reference
When I right-click on a password and choose "Copy Secret Reference" , 1Password complains with "Failed to copy secret reference" at the bottom of the screen This happens on this particular entry, I tried a couple other Logins and I can Copy Secret Reference just fine. So what can cause this "Failed to copy secret reference" ? I'm using 8.11.1 on macOS Sequoia 15.5
Passkey algorithm support
Recently I began a passkey integration and I'm using 1password to test things out. There are a great deal of passkey algorithms that exist: https://www.iana.org/assignments/cose/cose.xhtml#algorithms Unfortunately it seems like if I remove all the "Recommended: No" and "Recommended: Deprecated" ones, I am unable to get 1password to generate a passkey. It gives me a somewhat opaque "1password encountered a problem" in the passkey dialogue after I click Save, and it seems to fall back to the browser which prompts me for a security key. I see this in the console log: PortOpener: passkey-save-prompt/XXXXXX received error: "create-passkey-failed" The algorithms I chose in order to be more secure based on the recommendations on that page and what I'm able to support in my server: PS384 PS512 RS256 RS384 RS512 The "deprecated" algorithm I added to make the error go away, and allow 1password to correctly function: ES256 Is there anywhere to find the full list of passkey algorithms 1password supports so I can try to come up with a good list to use on the server-side? Ideally it wouldn't contain deprecated ones.Issue with using op.exe within WSL for Ansible
Despite using 1Password, 1Password CLI and Ansible successfully in WSL on Windows 11, I've recently run into an issue. The 1Password apps on my work device were not being updated, and I believe I was using version 8.8.8 of the main app and 2.17.0 of the CLI. (Not great, I know). I had created a symbolic link for "/mnt/c/Program\ Files\ \)x86\)/1Password\ CLI/op.exe" to /usr/local/bin/op and everything was running fine. I could run 'op signin' and it would trigger my biometric authentication and 'op account list' would return my account as expected. I could also, use the community.general.onepassword lookup within Ansible just fine. I had a script to retrieve my ansible vault password configured in my ansible.cfg and this worked fine: #!/bin/bash op read "op://Personal/ansible_vault/password" After much cajoling, the support team have updated the 1Password applications on my device, I'm now running 8.11.2 of the Desktop app and 2.31.1 of OP CLI. Most of my environment works as before, 'op account list' triggers my biometrics and then returns the expected values and my ansible vault script above continues to work in the same way... however now the community.general.onepassword plugin is complaining that I'm not passing the required parameters (secret key, username, master_password, subdomain) ... but I shouldn't need to do this, as I am signed into 1Password. Again, this worked fine before upgrading the Windows OP CLI and App. Is this expected? I guess I could add these security items into my Ansible vault but I thought the whole point of OP CLI was to be able to move away from static security info in files (even if it is encrypted) and using password managers?
'op read' mistreats binary content
I wanted to write a command for git crypt unlock <FILE>, but since the command requires file as input and I was figuring out how to get content of attachment, I first tried it with op read 'op://<my-vault>//git-crypt.key' > git-crypt.key. Then, trying to unlock with now stored key, I was met with error "not a valid git-crypt key file". After some investigation, I found out that the stored key is slightly modified. This seem to happen when: The content is at least partially binary The content contains some invalid Unicode sequences or certain control characters The content is directly redirected into a file using > operator It seems that ascii-only content isn't affected. The binary content is also not affected when it's being piped into another process (e.g. op read 'op://<my-vault>/<my-item>/git-crypt.key' | cat > git-crypt.key - extra cat in the pipeline helps op store the contents correctly). What also works correctly is git crypt unlock <(op read -n ...) as it also creates a inter-process pipe. Since there's quite glaring occurrence of ef bf bd, which is a Unicode replacement character (�), and sequence 594f 7f63 is transformed to just 594f 63.. (7f being a DELETE control character), it seems that the content undergoes some UTF-8 decoding/processing. This is bit confusing as it's neither documented, nor is there any -b | --binary option to control this behavior. # Create a binary file and upload it to 1Password > dd if=/dev/urandom of=binary-data bs=1 count=32 # Fetch the attachment from 1Password using CLI > op read -n 'op://<my-vault>/Test/binary-data' > binary-data-redirected-to-file > op read -n 'op://<my-vault>/Test/binary-data' | cat > binary-data-piped-through-cat # Print content > hexxy -n binary-data 0000000: 00c6 773b 1963 95f1 6dc5 1bb6 bdde 4946 ..w;.c..m.....IF 0000010: 9f0e 594f 7f63 b6ed 2392 f9e1 91b3 abfc ..YO.c..#....... > hexxy -n binary-data-redirected-to-file 0000000: efbf bd77 3b63 efbf bdef bfbd 6def bfbd ...w;c......m... 0000010: efbf bdef bfbd efbf bd49 46ef bfbd 594f .........IF...YO 0000020: 63ef bfbd efbf bd23 efbf bdef bfbd e191 c......#........ 0000030: b3ef bfbd efbf bd ....... > hexxy -n binary-data-piped-through-cat 0000000: 00c6 773b 1963 95f1 6dc5 1bb6 bdde 4946 ..w;.c..m.....IF 0000010: 9f0e 594f 7f63 b6ed 2392 f9e1 91b3 abfc ..YO.c..#....... Rant on the side: Not being able to use <code> tag on forum is bit dumb.
