It’s Cybersecurity Awareness Month! Join our interactive training session, or learn about security and AI from 1Password experts.
Forum Discussion
Help with 1Password SSO Unlock Across Multiple Desktops
Hi, I’m looking for some assistance with 1Password in a small office environment (around 45–50 desktops) that runs Hybrid AD. We’ve enabled Unlock with SSO, and it works fine on a user’s first works...
We have the same problem and 1password does not have a solution.
Perhaps 1password could consider integrating with native operating system tools like OneDrive? That would make the entire process much less painful.
Another option would be to configure something in the 1password portal, allowing devices to auto authenticate for the next "15 minutes" when coming from a known IP address.
1P_Dave
Moderator
ModeratorThanks for the reply. Unlike other services, 1Password's security doesn't just rely on authentication but on encryption. The encryption key needs to be transferred to the device that you're using from an existing device in order for the 1Password app to be able to decrypt your data into a readable and usable form.
Can you tell me a little more about how you deploy 1Password across your organization? Have you considered using roaming profiles like I described in my previous post? I look forward to hearing from you.
-Dave
Hi Dave,
We use Microsoft 365 with Entra joined Windows 10/11 computers, using SSO with Entra ID for 1password authentication.
1password is deployed via Intune via command line MSI install (MANAGED_UPDATE=1 MANAGED_INSTALL=1)Roaming profiles is a legacy technology which assumes one or more local Active Directory environment(s) with access to common file share(s).
Since we have multiple locations and remote workers, so we opted for the more modern approach, all computers are joined to Entra ID (not to Active Directory).
We already utilize "Known Folder Move" which leverages OneDrive/SharePoint to sync "Desktop", "Documents", "Pictures", but that does not capture the AppData folder and its subfolders.
https://learn.microsoft.com/en-us/sharepoint/redirect-known-folders
Instead of roaming profiles, does / could 1password support synchronization of the encryption key(s) using Enterprise State Roaming?
https://learn.microsoft.com/en-us/entra/identity/devices/enterprise-state-roaming-enable- 1P_Dave
Thank you for the reply! Our identity/SSO team would like to explore and discuss this with you further. Would you mind sending an email to support@1Password.com along with a link to your comment:
- https://www.1password.community/discussions/1password-work/help-with-1password-sso-unlock-across-multiple-desktops/161140/replies/162450
After emailing in, you'll receive a reply from BitBot, our friendly robot assistant with a Support ID that looks something like [#ABC-12345-678]. Post that here, and I'll be able to locate your message and make sure it's gotten to the right place.-Dave
