Feature Request: Optionally allow sharing recipients to edit/update entries
Hi
I love 1Password, cannot live without it in my personal and professional life. But one thing I struggle with is helping my customers maintain a safety first demeanor when it comes to sharing secrets.
With 1Password it is easy enough for me to share secrets with them securely, but the inverse is not true UNLESS they also have 1Password, or similar.
[2025.10.09 - Update] After looking into WHY this doesn't exist I now understand the problem that allowing an external non vault member to write directly into my vault would break the security model as that external non vault member would need my keys to write into my vault. So instead it could be something like this
- You initiate a “Secret Request” from 1Password:
- It generates a unique, signed URL.
- Optionally, you can label it (“Please send me your API key for X”).
- The recipient (your customer):
- Opens that link in their browser.
- Enters their secret (password, API key, etc.).
- Their browser encrypts it locally with a one-time symmetric key before upload.
- The key is only embedded in the returned “Send” link that comes back to you.
- You receive the “return link”:
- You open it once, decrypt locally, and copy the secret into your own vault.
- Optionally, the link auto-expires after one view or a set time.
- 1Password’s servers never see plaintext, they just store encrypted blobs.
Full disclaimer, some AI servant came up with the above summary after I was trying to figure out why it may not be secure to just have people write directly into my vault and what the alternatives were.
[Original not so secure feature request below]
The feature I am looking for and would be willing to pay for, would be to allow sharing an entry, blank or otherwise, and then to optionally indicate that the sharing recipient may update the values or create new ones. Basically I want to allow someone external to be able to populate an entry in my vault as a mechanism for them to securely share secrets with me.
Use case: I need to do an integration project with my customer's ERP system and I need a secret from them. They need to share this secret with me and may not have a great way to do that securely. So if I could securely send them a link to an entry in my vault with edit permissions, then they could easily just drop the secret in there.
From a feature point of view, I guess it doesn't have to be limited to Update only, you could send someone a "Please create a new entry in my vault request", and then the entry would not have to exist prior to them getting the create request.
Let me know what you think
