Signing back into the Community for the first time? You'll need to reset your password to access your account.  Find out more.

Forum Discussion

Former Member's avatar
Former Member
2 years ago

Am I correct in the understanding that Secrets Automation sends information in the clear?

I was setting up and messing around with my Connect Server, and I noticed this in the documentation

By default, 1Password Connect Server is configured for use within a trusted network. It's possible to enable TLS for the connection between your application and Connect.

So, is it correct to say, unless you configure TLS or LetsEncrypt, it is sending data in the clear by default?


1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Browser:_ Not Provided

  • Former Member's avatar
    Former Member

    I wanted to specify, I'm curious specifically about the communication of the rest API from the connect server to the application. Am I correct in understanding that without TLS configured, its sending the data in the clear from the connect server to the application?

  • Jack_P_1P's avatar
    Jack_P_1P
    Icon for 1Password Team rank1Password Team

    Hi @SpiceyRicey:

    Great question. Yes, that's correct. Communication between your 1Password Connect server and the 1Password service itself is protected by our regular protections, but communication between API clients and the Connect server itself would only be encrypted by TLS if configured and if TLS is not in use, data would be transmitted in the clear.

    Jack

  • Former Member's avatar
    Former Member

    Jack_P_1P

    Awesome, I appreciate it. I'm trying to have a zero trust environment and wanted to make sure I had all my bases covered 😊

  • Former Member's avatar
    Former Member

    Hi @SpiceyRicey - glad that we could help out and clarify this for you. Please let us know if you have any other questions. Thanks!