1Password Connect Token Permissions Don't Appear to be Granular

I have a 1PW token that Terraform uses. Up until now, I only wanted Terraform to be able to read from this vault. But now I have a use case for using some items in Terraform to create a 1PW entry. However, I don't seem to be able to assign only the "create" and "edit" permissions without also granting the archive & delete permissions, which I don't want Terraform to be capable of (accidentally) doing.

Reproduction Steps

Open 1PW connect entry
Go to access token with read only permission
Attempt to grant that access token additional "create" and "edit" permissions.

Expected Behavior

Check off the Create and Edit items, and have those permissions take effect.

Actual Behavior

Checking create or edit also appears to check off "Archive" and "Delete"

Screen capture below demonstrating the behavior

integrations

troubleshooting

Forum Discussion

1Password Connect Token Permissions Don't Appear to be Granular

Reproduction Steps

Expected Behavior

Actual Behavior

Featured discussions

December 2025 at 1Password: More browser options, easier sign-in, and safer saving and filling

Recent discussions

[BUG REPORT] Two issues when editing multiple password fields

1Password Connect Doesn't Appear to Sync Permissions

1Password Connect Token Permissions Don't Appear to be Granular

Feature Request: GeneratorRecipe for Memorable Passwords

Password generator when exporting ssh keys