Signing back into the Community for the first time? You'll need to reset your password to access your account.  Find out more.

Forum Discussion

Former Member's avatar
Former Member
3 years ago

How to add multiple URLs via CLI?

Hello there,

our test servers all require the same login credentials. In the past, I solved that problem by manually creating a login item in 1password,
export that, have a script add hundreds of IP addresses to that item, and import it back. Problem with that: the item is then too large
to be sync'ed with the server, so it only exists locally on my laptop. 1password 8 will take away that option for me, so I am looking into
a new solution:

  • create a script that creates multiple login items, each one "small enough" so they can be uploaded to the 1password clouds (like: with all IP addresses for a specific /24 subnet, like 42.43.44.*)
  • use the same credentials for all those login items
  • have a second script that updates the password on all these items when needed

But according to some older post, multiple URLs aren't supported on the command line.

Is that still true?
If yes: are there any options to work around that programmatically?
If no: what is the easiest way of handling this?


1Password Version: 7.9.6
Extension Version: Not Provided
OS Version: macOs 12.5.1
Browser:_ chrome and firefox

  • andi_t_1P's avatar
    andi_t_1P
    Icon for 1Password Team rank1Password Team

    Hi @EdGue , thanks for reaching out! First of all, it is now possible to create items with multiple fields/urls with the 1Password CLI. If the size is still a problem then you could create 1 LOGIN type item, let's call it SharedCredentials, in vault Private. Then you can go ahead and create multiple items as planned with various IP addresses (let's call one of them ip1 in vault Private), with the property that each of these items can store the reference to the SharedCredentials in a field called credentials_id & credentials_pass, like such credentials_id=op://Private/SharedCredentials/username and credentials_pass=op://Private/SharedCredentials/password. You could then retrieve the shared credentials by having a file called retrieveCreds.txt with contents username: op://Private/ip1/credentials_id, password: op://Private/ip1/credentials_pass, and then running op inject -i 'retrieveCreds.txt' two times. The first time the secret reference for the actual SharedCredentials will be written in retrieveCreds.txt, and the second time around the actual credentials will be there. This would result into not concerning yourself with updating the credentials to each individual smaller item. Because they all reference the same item, you could just update the credentials in the SharedCredentials.

    Hope this helps,
    Andi

  • Former Member's avatar
    Former Member

    Thanks, that sounds like good approach.

    I solved it differently in the meantime. My code:
    - fetches the Login template as JSON
    - fetches the required credentials from some existing item
    - adds things such as user name and password, and most important: a field "urls" that contains an array of JSON objects { "href": "someip"}
    - and then passes that via stdin to op create

    This way, I can programmatically create the required login items.

    Then there is another script that updates these auto-created items (they all share a specific tag).
    The update is a little bit deficient, as that only works with open item edit password=.... , but that is acceptable
    (albeit I might update the tooling once op item edit supports to pass arguments via STDIN, too)

  • andi_t_1P's avatar
    andi_t_1P
    Icon for 1Password Team rank1Password Team

    Great, glad you got this figured out, and thank you for the feedback!