LoadLocalAuthV2 failed to credentialsDataFromBase64

Former Member

3 years ago

Posting my findings in case anyone else stumbles upon the same error.

tl;dr the 1password-credentials.json file needs to be double base64 encoded in the secret data! 🤦🏻‍♂️

Context: I'm using ArgoCD to bootstrap my cluster, so I'm manually creating the secrets before deploying the Connect server. I can't use the --from-file argument since Argo is doing the Helm deployment, not me. The clue was in the https://github.com/1Password/connect-helm-charts/blob/main/charts/connect/templates/connect-credentials.yaml#L14 - specifically that the credentials content was being set as stringData, not data, and was being base64 encoded. From the https://kubernetes.io/docs/concepts/configuration/secret/#restriction-names-data, values from the stringData fields get base64 encoded into the data fields when the secret is created! Jackpot!

I'm struggling to figure out how to clarify this in the docs. I think what's causing the confusion is that the default secret key is 1password-credentials.json, but it's decoded contents are expected to be encoded JSON, not raw JSON. Would that be considered a bug or is that as designed?

Forum Discussion

LoadLocalAuthV2 failed to credentialsDataFromBase64

Featured discussions

September at 1Password: Browser versions, enhanced security, and new integrations

Recent discussions

Desktop Integration Cannot Find App

Env var loading and validation for 1Password (open source!)

AWS Shell plugin is not providing session token

Password generator when exporting ssh keys

[Linux] Use $XDG_RUNTIME_DIR instead of $HOME/.1password?