Skip to main content
1P_Community
1Password Employee
May 28, 2026

Developer newsletter: May 2026

  • May 28, 2026
  • 0 replies
  • 305 views

Hi, friends 👋

In this month’s 1Password Developer news, you’ll learn:

  • How to identify and secure exposed secrets in your codebases using the new 1Password Environments MCP Server for Codex.
  • Why your AI agents need more security boundaries and how to get started in Zero-Shot Learning – a new podcast from 1Password featuring interviews with the industry’s top builders in AI security.
  • How two community developers went from reading the 1Password Developer docs to launching their own 1Password integration.
  • New ways to build faster with our redesigned 1Password Developer docs, including new getting started guides, LLM-optimized docs, and more. 🎉
  • Inspiring ways that developers are building with 1Password Developer tools in our recent company blog posts and community highlights.

Enjoy!

Want to get 1Password developer updates straight to your inbox? 📥
Sign up for the developer newsletter.

Featured

Secure your Codex workflows without exposing secrets

Coding agents like Codex are now writing and shipping code, but the credentials they depend on are often stored insecurely in scripts, repos, and .env files. The 1Password Environments MCP Server for Codex issues just-in-time credentials to the agent, scoped to each task, and only provides access for a limited time.

The integration helps developers detect hardcoded secrets in existing code, move them into 1Password, and replace them with secure vaulted references without disrupting developer workflows.

See how you can reduce secret sprawl, streamline workflows, and bring more control to Codex-powered development.

Read the announcement 👉

Get expert advice on improving agent security in Zero-Shot Learning – A new 1Password podcast

Learn from the AI industry’s top builders in 1Password’s newest podcast, Zero-Shot Learning. 

In the first episode, Fotis Chantzis, Agent Security Lead at OpenAI, joins Nancy Wang, CTO at 1Password, and Jeff Malnick, VP of Engineering for Developer and AI at 1Password, to discuss AI agent security.

They cover where authentication starts to strain under the actions of agent identities, why secrets handling can get risky fast, and how teams should think about dynamic access controls.

Watch now  👉

Developer spotlight

This plugin lets you ask Microsoft Security Copilot questions about your 1Password event logs

Community developers Rogier Dijkman and Stefan Smit recently released the Microsoft Security Copilot plugin for 1Password. This project enables security teams to ask Microsoft Security Copilot questions about their 1Password Business account event data via Microsoft Sentinel. Get actionable SIEM insights faster about how your team is using 1Password.

Read more 👉

Community highlights

Psst... Share your 1Password blog posts and tutorials in 1Password Community or the 1Password subreddit to get featured in this newsletter.

Explore 1Password’s new developer docs

Build faster with 1Password Developer tools using our newly redesigned developer docs, including improved documentation structure, new getting started guides, LLM-optimized pages, and AI-powered search. Read the docs

“Claude Code API Key Security: A Guide to Token Hygiene”

Richard Baxter discusses the risks of exposing your developer secrets to AI tools, and how to use 1Password CLI in your dev workflow to keep your secrets out of plaintext. Read the tutorial

“Why your SSH keys vanish when 1Password is your agent”

After moving his SSH keys into 1Password, Attila Györffy received an unexpected message and set out to find a solution. Learn why this happened and how Attila quickly fixed it in this tutorial. Read the tutorial

From the 1Password blogs

What we learned using AI agents to refactor a monolith

1Password’s Developer & AI team used agentic refactoring to plan structural updates to a multi-million-line Go monolith. Read this article to learn the importance of finding the right human-to-agent ratio:

“When the work is fully specified and bounded, agents are both fast and accurate. When they encounter something outside the specification, the system is designed to surface that rather than attempting to resolve it implicitly.”

Learn more

How to protect against OAuth-based supply chain breaches and credential sprawl

Learn immediate and long-term solutions for protecting your team from an OAuth-based attack, including how 1Password can help and what to do if a third-party AI tool you use has been compromised.

Read the post

Beyond patching: Building a Mythos-ready security program

What does the latest Anthropic model mean for cybersecurity? Dave Lewis, 1Password’s Global Advisory CISO, shares his insights from contributing to The “AI Vulnerability Storm”: Building a “Mythos-ready” Security Program.

Keeping reading

Enhance your team’s security with 1Password Academy

Improve your team’s onboarding experience and become a certified 1Password Business Administrator through 1Password Academy – 1Password’s complimentary product courses.

Keep this conversation going on 1Password Community

That's it for this month. If you want to chat about anything covered in this newsletter, join the 1Password Developer Slack or start a new discussion thread here in 1Password Community!

– 1Password’s Developer & AI team

Previous editions

Missed our last newsletter or just started subscribing? Read our recent editions on 1Password Community:

April 2026

February 2026

December 2025