Here at AgileBits, we’ve been working hard over the last few months to bring power users, developers, and administrators more powerful ways to interact with 1Password. We’re proud to announce that we have something that fits the bill. It’s called the 1Password command-line tool, and we can’t wait to see what you build with it. Let me take this opportunity to walk you through the exciting potential.
1Password apps are available on just about every platform, but they’ve always had the same dependency: a graphical interface. Now all of 1Password is available with just two characters:
The 1Password command-line tool makes your 1Password account accessible entirely from the command line. A simple
op signin will securely authenticate you with the 1Password service and give you access to a wide range of capabilities:
Getting usernames and passwords from items:
> op get item OpenProxy | jq '.details.fields | select(.designation=="password").value'
Creating new items and vaults:
> op create item login $(cat aws.json | op encode) --title="AWS"
> op create vault devops
Working with documents:
> op create document ./devops.pdf --vault=devops --tags=architecture
If you’re a team administrator, you can also manage other users and shared vaults — all without leaving your terminal:
> op suspend firstname.lastname@example.org
One of the most frequent requests we receive from 1Password Teams customers is the ability to export the Activity Log. With the Pro plan,
op list events makes it easy to ingest activity data into the application of your choosing. Be it Splunk, Kibana, Papertrail, or your own tool,
op outputs JSON, so it’s simple to work with.
But we didn’t just build the tool to solve specific requests. It’s flexible enough to handle use cases we haven’t even thought of. The possibilities are endless, and we know you’ll come up with something amazing.
🎶 Rock, robot rock (solid) 🎶
The command structure is similar to tools you already use, providing easy integration with your workflow. Now automated systems can have access to secure credentials without ever storing them in plaintext. Here at AgileBits, for example, we’ve been using
op for the last few months as part of our automated build systems. It’s been super useful for fetching secure keys and tokens required for building and deploying 1Password. After a secure
op signin, we have a script that fetches the appropriate signing key from a shared vault and automatically signs new builds.
The tool was written from the ground up with the battle-tested Go programming language, the very same we used to build the 1Password service itself. As with every 1Password client, all encryption and decryption is done on your machine locally, ensuring the highest level of security best practices you’ve come to expect from the entire family of 1Password apps.
Get yo’ *NIX on
Our dreams of late have been filled with penguins. Two weeks ago we shared a treat with Linux users, and this week it becomes a feast. You might have already tried 1Password for Linux and Chrome OS, but we know what really makes developers salivate: a CLI. You can download
op for macOS, Linux, FreeBSD, OpenBSD, and NetBSD on i386, ARM, and AMD64 architectures. Oh, and our Windows friends can play too!
If you’re as excited as we are about this, here’s everything you need to get started:
- Download the 1Password command-line tool
- Discover all the amazing things you can do with the tool
- Stop by the 1Password Support forum to post your ideas, scripts, and feedback
We highly value the thoughts of people using the beta in the real world, so we can continue improving the tool for you. As we work toward a stable release and eventually open source, please bear in mind that there may be breaking changes down the line, but we’re more than happy to work with you to resolve any issues. We look forward to working together to create some truly useful and powerful tools, and we can’t do it without you.
Now let’s get ready to 🎶
sed it 🎶