Skip to main content
January 22, 2026
Question

Feature Request: Proactive Expiry Events for Service Account Tokens in Events API

  • January 22, 2026
  • 0 replies
  • 23 views

Hi 1Password Team,

 

I am managing 1Password integrations in a Kubernetes environment. We currently use the Events API to stream logs into our centralized observability platform (VictoriaLogs).

 

The Problem: The current Events API is action-based. For Service Account Tokens, there is no proactive event (like "Token Expiring Soon") via the API. We only discover a token has expired when our controllers log a 401 error: "status 401: Authentication: (Invalid bearer token), go-jose/go-jose/jwt: validation failed, token is expired (exp)"

 

Feature Requests:

 

Status-based Events: Does 1Password plan to support proactive events such as "service_account.token.expiring_soon"?

 

Webhook Support: Are there plans for Webhooks to alert on critical auth failures or lifecycle changes?

 

Audit Log Coverage: Can "System-triggered Expiry" be added as an action in the Audit Log?

 

Our goal is to prevent production incidents caused by expired credentials. Looking forward to your insights.