Forum Discussion

New Contributor

17 days ago

1Password CLI Bug Report: Service Account Cannot Read Environments

Summary op environment read and op run --environment return "Environment was not found" when authenticated with a Service Account that has Read access to the Environment. Desktop app authentication ...

New Member

3 hours ago

Ooo! I fixed it! The service account did not have permissions to access the environment. I had to create a new one and while creating it adding the correct environments as read-access.

Key insight from LLM:

Environments ARE vaults under the hood. The SDK's EnvironmentsGetVariables implementation first calls GET /api/v3/vault/{environment_id}?attrs=combined-access to access the environment's backing vault. The environment ID you pass (XXXXXXXXXXX) IS the vault ID of that environment.

The 403 is a permissions issue. Your service account only has access to one vault:

{ "id": "XXXXXXXXXXXXXx", "name": "Infrastructure", "items": 1 }

The environment vault XXXXXXXX is not in that list. The service account hasn't been granted access to it.

Forum Discussion

1Password CLI Bug Report: Service Account Cannot Read Environments

Featured discussions

Meet the 1Password team at KubeCon Europe

Recent discussions

Environments should quote .env values

1Password CLI Bug Report: Service Account Cannot Read Environments

Environments: Feedback

Environments feature request: Add notes to variables & insert them as comments in the final .env

1Password Environments issue with VSCode and Claude Code Extension