DevBits header

AgileCloudSDK: iCloud Sync Gets Its Wings

At the last WWDC, Apple announced some changes to CloudKit, the technology that enables an app to sync with iCloud. As many of you know, it was previously impossible for non-Mac App Store apps to sync with iCloud. The changes that Apple made to CloudKit have opened up some really exciting possibilities, and today, we’re happy to announce that we have been able to implement iCloud sync in the AgileBits Store version of 1Password.

1Password 6 for Mac Sync Preferences (iCloud)

Wait…what?

1Password uses the CloudKit API to sync your data with iCloud. In OS X 10.10 Yosemite, the CloudKit framework provided by Apple did all the heavy lifting by communicating with Apple’s servers for the app, but it was only available for apps that were codesigned by the Mac App Store. This meant that only the Mac App Store version of 1Password could sync with iCloud.

You can read more about this in the post that Roustem wrote last fall.

What’s changed?

CloudKit is still the way that developers access the iCloud database, but Apple has provided a brand new way of accessing their CloudKit servers: CloudKit web services. CloudKit web services allows apps to access CloudKit via a really nice web framework called CloudKit JS. When these changes were announced at WWDC, we were excited to start working with this new framework to see what possibilities it would present. Ultimately, CloudKit JS enabled us to support iCloud sync in our AgileBits Store version of 1Password.

[Update] If you are a Mac app developer, and would like to use AgileCloudSDK so that your app can sync with iCloud, your app must also be in the App Store. Your customers, however, will now be able to choose whichever version they want.

How did we do it?

To make sync as seamless and stable as possible we wanted to make very few changes to the existing sync code in 1Password. We felt the best way to do that was to make a framework that looks and acts like Apple’s native CloudKit framework, but uses the CloudKit web services. This means 1Password can use Apple’s native CloudKit framework in the Mac App Store version, and our new AgileCloudSDK framework in the AgileBits Store version.

There are a lot of internal differences between native CloudKit and CloudKit web services. CloudKit web services relies on JavaScript but native CloudKit uses Cocoa classes for data storage, so we knew that we couldn’t reuse the existing code without something to translate the requests and data back and forth.

In order to talk to Apple’s servers, we needed a mediator. Adam Wulf and I created a class that takes native CloudKit API calls, translates them to web service API calls, and translates the responses back to native Cocoa code. The 1Password sync code is now completely ignorant as to whether it’s connecting to native CloudKit or CloudKit web services. This means that 1Password can find your data in iCloud, whether you’re using the Mac App Store version or the AgileBits Store version. We’re extremely pleased with this outcome!

From our customers’ point of view, iCloud sync in the AgileBits Store version of 1Password will look a little bit different during the initial setup. CloudKit JS does not use the iCloud settings from OS X, so to authenticate with Apple, 1Password will prompt you to log in to your iCloud account by displaying the iCloud login page in your default web browser. Once you have logged in to your iCloud account, CloudKit web services sends an authentication token back to 1Password, which it then stores (securely, of course). This enables 1Password to sync with iCloud without having to reauthenticate each time. Since the iCloud login for CloudKit JS is completely separate from the iCloud settings in OS X System Preferences, you can even use a completely different iCloud account if you like!

1Password 6 for Mac iCloud auth

Share the knowledge

One of the challenges we faced when developing this framework was that no one else seemed to be working on this particular problem yet. We want AgileCloudSDK to continue to grow and improve and we can think of no better way to ensure that than to release it as open source. We are currently busy prepping it for release and plan to have more information (including a release date) soon. If you’re interested in learning more about this framework, reach out to us at support+agilecloudsdk@agilebits.com.

To everyone at Apple who worked hard to make this new functionality possible: thank you. You’re awesome.

67 replies
    • agilekevin
      agilekevin says:

      @Marc Bizer Like native CloudKit, the sync code is largely the same, so the limitation carries over. As to why it is there in the first place, it requires a fair bit more effort to support syncing multiple vaults into a single CloudKit container. We wanted to offer CloudKit syncing to our customers as soon as possible, so we released it with single vault support. If you need multiple vault syncing we suggest using DropBox, or 1Password For Teams, which offers multiple vault support in addition to many other enhancements such as multiple users, permissions, and more.

    • Marc Bizer
      Marc Bizer says:

      “We wanted to offer CloudKit syncing to our customers as soon as possible, so we released it with single vault support.”

      I understand, but how long ago was CloudKit syncing released? 1P for Teams sounds wonderful, but I’m not part of a Team and I’m not eager to pay a monthly subscription fee once it is final 😞

    • brenty
      brenty says:

      Marc Bizer: First and foremost, we are incredibly excited to be able to offer our AgileBits Store 1Password for Mac customers the same iCloud sync option that Mac App Store customers enjoy. I think that’s fair and more important than adding multiple vault support that only Mac App Store customers could use. But now that it could benefit ALL 1Password for Mac customers, a redesign to make it possible to sync multiple vaults through iCloud is certainly something we can consider doing in the future. Thanks for letting us know this is important to you! :)

    • agilekevin
      agilekevin says:

      @festus77 while we have nothing to announce on the Windows front at this time, please let us know if that is something you wish to see.

    • Jouke
      Jouke says:

      +1 for the Windows sync with iCloud. Currently I use 1Password on Windows and Mac. Without iCloud sync on Windows I guess it makes no sense for me to switch from Dropbox to iCloud sync.

    • eva
      eva says:

      Hi Jouke and Martin,

      We love and appreciate feedback and suggestions from our customers. I have added both of your votes for integrating iCloud sync into our Windows app to our feature request list.

      Take care,
      Eva

    • brenty
      brenty says:

      willembeekhuis: Thanks for the feedback! Unfortunately iCloud is only integrated on Apple platforms so it still requires an install (which often rules it out for work computers — in that case, 1Password for Teams is a much better option), but we can certainly consider adding iCloud sync support to other platforms in the future as well.

    • festus77
      festus77 says:

      Yes – this is something I’ve wanted to see for some time. Where I work Dropbox sync is blocked, but iCloud is allowed – so I currently have no option except to copy the keychain and bring it with me to other machines

    • brenty
      brenty says:

      festus77: It seems odd that a workplace would prevent you from installing Dropbox on their equipment but not iCloud, but we can certainly consider adding iCloud support to 1Password on other OSes…just keep in mind that there isn’t an existing codebase to bridge with CloudKitJS, so a lot more work would need to be done there. Definitely not something that could happen in the short term, but thanks for letting us know you’d like us to work on that feature! :)

    • ArkonLabs
      ArkonLabs says:

      Definitely try to add iCloud syncing to the Windows version (along with redesigning the current Windows 1Password app). I have multiple OS X and iOS devices and one Surface Pro 4 for when I travel. I’d love to be able to use iCloud for all of them rather than having to install yet another application (Dropbox) that I don’t really use. I much prefer for the syncing to be independent of an app being installed in the OS like Dropbox.

    • brenty
      brenty says:

      ArkonLabs: Indeed, I would love to be able to use iCloud sync on my non-Apple devices as well!

      Just keep in mind that in the case of Windows (or Android), we don’t have an existing CloudKit sync base to bridge with CloudKitJS, so a lot more work would need to be done there to make the same thing a reality. We can’t simply drop (Objective C) code from the Mac (or iOS) app into the Windows version, since there just isn’t any groundwork there.

      It’s certainly something we’ll consider, but also keep in mind that this has only existed in the AgileBits Store version of 1Password for Mac for a relatively short time, so it’s something that won’t happen overnight even if we choose to tackle that in the future. I hope that helps clarify the situation.

      Also, you do still have to install iCloud on non-Apple devices. It doesn’t come with Windows like it does iOS and OS X, so it that regard it’s no different than Dropbox. ;)

    • Brandon Billingham
      Brandon Billingham says:

      +1 for Windows. The support forum always claimed you wouldn’t be using CloudKit Web Services because it’s not finalised and therefore no Windows support version was possible but this obviously wasn’t true.

      Just signed up for a year of LastPass but would still switch to 1Password if it had iCloud Sync on Windows

    • brenty
      brenty says:

      Brandon Billingham: I’m just going to go ahead and apologize to you myself, since it sounds like something I myself posted months ago somehow gave you the wrong impression.

      To be clear, at the time, CloudKitJS was still noted on Apple’s own developer site as being a pre-release framework. Now, that didn’t stop us from trying secretly to work with it in hopes of bringing the iCloud Sync option our Mac App Store customers enjoy to our AgileBits Store customers as well, but it wasn’t always clear if this would be techinically feasible or acceptible under Apple’s rules…and since it was still at an early stage at that point, we weren’t even able to test it internally.

      The claim wasn’t that we would never use it, but rather that we didn’t have anything to announce, because it may not have even been possble. And just like I’m not going to tell someone to buy a product I don’t use myself, there’s no way I was going to talk about iCloud even in regard to the AgileBits Store version until I’d been able to test it myself.

      Now, we may be able to add support to 1Password for Windows in the future, but it isn’t a plugin or anything. On Windows, CloudKit simply does not exist (either in 1Password or in general), so it’s a complete unknown when it comes to actual implementation. If and when we tackle that, it will require a lot of time to develop and test it before it would ever be something we’d offer to you or the rest of our awesome customers. I hope that helps clarify the situation, and please forgive me if my earlier comments were confusing.

    • Pete
      Pete says:

      Add my vote. I use Mac, Windows, and iOS versions. Rather switch from Dropbox to iCloud, but I can’t until the Windows app has that ability. Excited as I am this in on the Mac, it won’t help me at this point. Please add my vote.

    • brenty
      brenty says:

      Thanks for letting us know, Pete! I too would like to be able to sync 1Password for Windows (and Android!) using iCloud, but given that no code to implement this on either platform exists currently, that would be more of a long term goal if it’s something we decide to tackle. That said, I hope we’ll be able to do so in the future. Cheers! :)

    • eva
      eva says:

      Hi there,

      Yes it would. But unfortunately that is not on on our short term to-do list. But I have added your comment to our feature requests for our developers to review.

      We really appreciate our customers feedback and are always looking for ways to improve 1Password.

      Thanks,
      Eva

    • festus77
      festus77 says:

      Let me start out by saying how much I love 1Password for Mac & iOS. A true 1st class product. What I really need though is the ability to sync 1Password for Windows in an easier fashion. As I mentioned in an earlier reply, Dropbox (and other file drop services) are blacklisted at my work (government). The only thing I can do now is copy the agilekeychain to a thumb drive and update whatever machine needs it after adding or changing a logon. “Some” means of syncing is needed, even if were as dumb as a USB sync with my iPhone. Please, please, please

    • brenty
      brenty says:

      festus77: I’m really sorry that we don’t have a better solution for you right now (apart from sneakernet or other shenanigans). Ultimately, it’s important to keep in mind that any solution we offer in the future could again be blocked by yours or anyone’s workplace (for example, USB). That’s unfortunately out of all of our control.

      That said, we’re working hard to make 1Password for Teams awesome, and also to bring it to all of the platforms we support (and then some, with the help of the web interface). Most importantly, we’ve designed it from the ground up with security compliance in mind, so that businesses (and governments) will be able to use it themselves. You may be able to use 1Password for Teams now (using the web interface) or in the future (once it’s rolled out everywhere) on your own, and also perhaps fully sanctioned as more institutions evaluate it. :)

    • eva
      eva says:

      Hi there,

      Thank you for your feedback. Duly noted and I have added your vote into the feature request list.

      Keep being awesome!
      -Eva

    • sanglad
      sanglad says:

      +1 here for iCloud sync for windows 1Password app. At home, I mostly have Macs, but at work, I mostly have Windows. I would rather not load yet another storage sync app to my devices and computers, just to sync data…

    • eva
      eva says:

      Hi there,

      Consider your +1 added to the vote count! Thanks for chiming in, we appreciate it.

      Best wishes,
      Eva

    • eva
      eva says:

      Hi Ralph,

      Our encryption has not changed so your Master Password remains the one and only way to unencrypt your data.

      Cheers,
      Eva

    • eva
      eva says:

      Hi Daniel,

      Thanks for the suggestion.We love (and appreciate) hearing feature requests from our customers.

      This change is independent of adding other syncing options in the future. We still have lots requests to add Google Drive, OneDrive and Box and we have not ruled any of them out. I have added your voice as an upvote as well.

      Take care,
      Eva

  1. Ronald Lokers
    Ronald Lokers says:

    Cool! I just bought the mac appstore version last month because I couldn’t sync with icloud with the non appstore version. Is it possible to get a refund because now I don’t need it anymore 😅

    Reply
    • agilekevin
      agilekevin says:

      Hi @sysaba,

      If you are already using Dropbox, there’s no reason to switch to iCloud. We plan on continuing to support both.

  2. Johan Coppieters
    Johan Coppieters says:

    Hello, we’re organising jsconf.be in May. We are looking for anyone willing to do a session (or a workshop) on cloudkit.js — should you know anyone, please forward this request. many thanks.

    Reply
    • agilekevin
      agilekevin says:

      Hi @Jim,

      1Password Anywhere requires direct access to the synced file, which CloudKit (the technology behind iCloud sync) does not provide, so it will not work with iCloud sync.

    • eva
      eva says:

      Hi Jim,

      Unfortunately not. 1PasswordAnywhere was build specifically around Dropbox and it is not an option available with iCloud syncing. You may want to check out 1Password for Teams at https//teams.1password.com which is another way to get web access to your vault when away from your own computer.

      Take care,
      Eva

    • roustem
      roustem says:

      Jim,

      If you are using 1PasswordAnywhere then you should look at 1Password for Teams. It includes a fully-featured web client that has search and editing.

      Roustem

    • eva
      eva says:

      Hi there,

      We used to allow multiple syncing sources for a single vault, but we kept ending up with conflicts and that led to a cascade of other issues. So while I will be happy to pass on your feature request, I wouldn’t be too hopeful given our past experiences.

      Thanks for the suggestion though. :-)
      -Eva

  3. Alexander Celeste
    Alexander Celeste says:

    This is great! Very little reason to stay with the MAS version anymore… In fact, is there any feature difference in v6 between the two (aside from the direct version getting more updates quicker than the MAS version)? As a developer I’d definitely be interested in seeing the open source version of AgileCloudSDK. May come in handy (who wouldn’t want their non-MAS apps to have access to iCloud?), but certainly may be worthwhile to look at just for the purposes of continually educating myself on the ever-evolving Apple technologies. Really, though, an awesome achievement and feature for 1Password 6.

    Reply
  4. Michael
    Michael says:

    Hello there,

    the icloud sync is not working on my machine. I installed the latest version on booth mac os and ios. On iOS it is working but on make I get the login page on chrome to login in my icloud account. Then I need to confirm my email address with a number I get. After I enter the number on the page I logged out again. Nothing happend?!

    Please help!

    Reply
    • agilekevin
      agilekevin says:

      Hi Michael,

      I’m sorry that you are having issues logging in. What should happen is that it should change to a spinner, and in a few seconds bring the 1Password app back to the foreground where you can continue to set up sync. Try it again, and after ten or so seconds, check the app again to see if it will let you proceed. Otherwise, please contact our support team at https://support.1password.com and we’ll do our best to get you up and running.

    • Michael
      Michael says:

      Thank you for the response.

      I tried it again but the loader is still there.

      Wrote an email to the support.

      Michael

    • eva
      eva says:

      Hi Michael,

      Thanks for writing into us. One of our support Jedis will respond soon.

      We’ll get you taken care of.

      Thanks,
      Eva

  5. fluffy
    fluffy says:

    Ah, this explains why Logic Pro X now supports some iCloud functionality too – I mean that’s always been an App Store app but Apple’s Pro Apps support has insisted that they’d have to completely rewrite Logic in order to support iCloud. But if CloudKit is now usable as a modular API-style component (as it should have been in the first place), that makes a lot more sense.

    Glad to see Apple actually making a change to a core API to make it less restrictive, for once.

    Reply
    • agilekevin
      agilekevin says:

      Hi fluffy,

      Logic Pro X may be supporting syncing some preferences through iCloud, which is a different, simpler API, but not their data. But I agree, CloudKit Web Services does open up new possibilities for many developers, and it’s a very good thing.

      Cheers,
      Kevin

Leave a Reply

Want to join the discussion?
Feel free to contribute!

What's on your mind?