Signing back into the Community for the first time? You'll need to reset your password to access your account. Find out more.
Forum Discussion
Former Member
2 years agoAm I correct in the understanding that Secrets Automation sends information in the clear?
I was setting up and messing around with my Connect Server, and I noticed this in the documentation
By default, 1Password Connect Server is configured for use within a trusted network. It's possible to enable TLS for the connection between your application and Connect.
So, is it correct to say, unless you configure TLS or LetsEncrypt, it is sending data in the clear by default?
1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Browser:_ Not Provided
- Former Member
I wanted to specify, I'm curious specifically about the communication of the rest API from the connect server to the application. Am I correct in understanding that without TLS configured, its sending the data in the clear from the connect server to the application?
- Jack_P_1P
1Password Team
Hi @SpiceyRicey:
Great question. Yes, that's correct. Communication between your 1Password Connect server and the 1Password service itself is protected by our regular protections, but communication between API clients and the Connect server itself would only be encrypted by TLS if configured and if TLS is not in use, data would be transmitted in the clear.
Jack
- Former Member
Awesome, I appreciate it. I'm trying to have a zero trust environment and wanted to make sure I had all my bases covered 😊
- Former Member
Hi @SpiceyRicey - glad that we could help out and clarify this for you. Please let us know if you have any other questions. Thanks!