[Feature request] Allow one-off CLI queries

We're trying to integrate 1Password into an internal CLI tool, and we'd like to mitigate the risk against malware accessing 1Password via the 1password-cli after the user unlocks it with our tool. Currently, we signout immediately after reading the password, but there's still a few milliseconds where an attacker could access 1Password before we can relock it.

It would be great to make the CLI authenticate requests as a one-off, without unlocking the whole app. Personally, I'd love for this to be the default, but at least a flag to enable this. With this feature, we could do op item get "Foo Service" --field password --one-off and extract the password from 1Password without other processes being able to run op queries in parallel to access.

1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Browser: Not Provided

CLI

Forum Discussion

[Feature request] Allow one-off CLI queries

Recent Discussions

Console flooded with errors when clicking links during 1Password passkey selection dialog

WSL2 Arm Build

`op account add` with `Integrate with 1Password CLI`

1password doesn't seem to remember the key approval for JetBrains IDEA Ultimate

Use op on headless system with glab?