Skip to main content
February 18, 2026
Question

1Password CLI Bug Report: Service Account Cannot Read Environments

  • February 18, 2026
  • 3 replies
  • 237 views

Summary

op environment read and op run --environment return "Environment was not found" when authenticated with a Service Account that has Read access to the Environment. Desktop app authentication works correctly with the same Environment ID.

Environment

  • op CLI version: 2.33.0-beta.02
  • OS: macOS 15.3 (arm64)
  • 1Password Desktop App: 8.12.2
  • Account type: Individual (my.1password.com)

Steps to Reproduce

  1. Create a 1Password Environment "AI Agent" with variables (e.g., BRAVE_API_KEY)
  2. Create a Service Account "Ghossty" with:
  • Vaults: Dev (Read)
  • Environments: AI Agent (Read)
  1. Export the Service Account token:

export OP_SERVICE_ACCOUNT_TOKEN="<token>"

  1. Run:

/usr/local/bin/op environment read <environment-id>

Expected Result

BRAVE_API_KEY=<value>
GITHUB_PAT=<value>

Actual Result

[ERROR] 2026/02/18 18:41:55 bad input passed by the user: Environment was not found

Workaround Confirmation

Desktop app authentication works correctly with the same Environment ID:

OP_SERVICE_ACCOUNT_TOKEN= /usr/local/bin/op environment read <environment-id> # Output: # GITHUB_PAT=[REDACTED:github-fine-grained-pat] # BRAVE_API_KEY=[REDACTED:api-key]

Additional Context

  • op whoami confirms the Service Account is authenticated:

URL: https://my.1password.com
User Type: SERVICE_ACCOUNT

  • The Service Account was created on 2026-02-18 (after Environments beta was available)
  • The SA has confirmed Read access to the Environment in the 1Password app UI
  • op run --environment <id> -- printenv also fails with the same error
  • Vault access works fine with the same SA (op item list --vault Dev succeeds)

Impact

Cannot use the official headless/automated approach for loading Environment variables in shell startup scripts. Forced to use desktop app authentication which requires biometric confirmation on every invocation.

3 replies

March 7, 2026

Any debug command flags we can add to help debug this? Also getting the same error with the same setup.

March 7, 2026

More info after some reverse engineering of the binary:

Here's the complete API call sequence for op environment read with a service account:

  1. POST /api/v3/auth/start (200 OK) -- initiates SRP auth
    {"email":"YYYYYYYYYYYYYYY@1passwordserviceaccounts.com","skFormat":"A3","skid":"ZZZZZZZZZZ","deviceUuid":"BBBBBBBBBBBBBBBBBBBBBBBB","userUuid":""}
  2. POST /api/v1/auth (200 OK) -- completes SRP handshake (sends userA, sessionID)
  3. POST /api/v2/auth/verify (200 OK) -- verifies auth, gets session token
  4. GET /api/v2/account/keysets (200 OK) -- fetches account keysets (x2)
  5. GET /api/v2/overview (200 OK) -- fetches account overview
  6. GET /api/v3/vault/XXXXXXXXXXXXXXXXXXX?attrs=combined-access -- 403 Forbidden!

There's the problem. The CLI treats the environment ID (XXXXXXXXXXXXXXXXXXX) as a vault ID and tries to fetch it via /api/v3/vault/{id}. The server returns 403 because:

- The service account doesn't have access to that "vault" (it's not actually a vault -- it's an environment), or
- The Environments feature uses a different API path that the CLI isn't calling when authenticated as a service account
- The response body (gzip-decoded \xaa\xae\xe5 = {} with a newline) is essentially an empty error body, and the CLI maps it to the generic "An unexpected error occurred while processing the request."

Bottom line: op environment read with a service account authenticates fine but then tries to access the environment as if it were a vault via /api/v3/vault/{environmentId}?attrs=combined-access, and gets a 403. This strongly suggests that Environments aren't supported for service accounts at the API level -- the service account lacks the permissions/role to access the environment vault, or the environment is stored in a way that isn't exposed to service accounts.

March 7, 2026

Ooo! I fixed it! The service account did not have permissions to access the environment. I had to create a new one and while creating it adding the correct environments as read-access.

Key insight from LLM:

Environments ARE vaults under the hood. The SDK's EnvironmentsGetVariables implementation first calls GET /api/v3/vault/{environment_id}?attrs=combined-access to access the environment's backing vault. The environment ID you pass (XXXXXXXXXXX) IS the vault ID of that environment.

The 403 is a permissions issue. Your service account only has access to one vault:

{ "id": "XXXXXXXXXXXXXx", "name": "Infrastructure", "items": 1 }

The environment vault XXXXXXXX is not in that list. The service account hasn't been granted access to it.