Skip to main content
June 27, 2025
Solved

Service Account can manage the Vault for user permission

  • June 27, 2025
  • 2 replies
  • 218 views

We are having 500+ Vaults and it's hard to manage the Users manually to add or remove from Vaults on demand if they change the Projects, Do we have a way programatically to update any user's permission on any vault?

Service accounts seems not managing the vault and we can only read, write or share using service account but not add/remove new user in the vault.

Best answer by

Hi @automationgfg ,

Thanks for reaching out. The best way to get this done right now is with a combination of the 1Password CLI and a script (likely Bash/Python) to update the vaults. Here's an article walking you through provisioning for users.

Example

op vault user grant --user wendy.appleseed@agilebits.com --vault Prod --permissions allow_editing,allow_managing

To learn more

https://developer.1password.com/docs/cli/grant-revoke-vault-permissions 

Additionally, we have the SCIM bridge that provides a more automated approach, depending on your setup.

https://support.1password.com/scim/ 

Thanks,

Phil

2 replies

Answer
June 27, 2025

Hi @automationgfg ,

Thanks for reaching out. The best way to get this done right now is with a combination of the 1Password CLI and a script (likely Bash/Python) to update the vaults. Here's an article walking you through provisioning for users.

Example

op vault user grant --user wendy.appleseed@agilebits.com --vault Prod --permissions allow_editing,allow_managing

To learn more

https://developer.1password.com/docs/cli/grant-revoke-vault-permissions 

Additionally, we have the SCIM bridge that provides a more automated approach, depending on your setup.

https://support.1password.com/scim/ 

Thanks,

Phil

June 28, 2025

Hi Phil,

Thanks for replying.

We are not able to grant permissions using service accout and getting the below error

op vault user grant --user andr{REDACTED}@graphitefinancial.com --vault hobtl2z3plh{REDACTED} --permissions view_items,create_items,allow_viewing

[ERROR] 2025/06/28 00:10:21 (403) Forbidden: You aren't authorized to access this resource.

Thanks,

Karan

July 3, 2025

Hi @automationgfg (Karan),

I'm just following up on this. Were you able to get make progress on your end?  If not it might be helpful to get in touch with one of our solution engineers who'd be able to dig deeper into the problem with you.

Let me know if you were able to get this figured out.

Regards,

Phil