It’s Cybersecurity Awareness Month! Join our interactive training session, or learn about security and AI from 1Password experts.
Forum Discussion
Solved
`op account add` with `Integrate with 1Password CLI`
We have a significant amount of automation around `op`, we use a shared service account (not a service account token, a real 1password account with an email and a secret key) to do perform this autom...
> There does not appear to be any way for our automation to override or bypass the 1password app integration from the CLI.
I believe you're looking for https://developer.1password.com/docs/cli/app-integration/#optional-set-the-biometric-unlock-environment-variable
You can add this to your script
```
export OP_BIOMETRIC_UNLOCK_ENABLED=false
```that will overwrite the user setting.
Hi 1P_Phil,
We have thousands of vaults managed by this automation.
At the moment it is just the effort of migrating from our service user (which predates service account tokens) to a service account token is too great for too little benefit.
Specifically since we can't give the service account tokens access to vaults after they are created we have a bit of a migration problem, my understanding is that we'll have to stop allowing vaults to be created for a while when we create the service account token giving it access to all existing vaults, and then turn vault creation back on with the new service account token.
We also need to be able to automatically delete these previously created vaults, so we have to maintain the automation that uses the service user to delete the vaults (since it seems like from the docs a service account token can't delete vaults it didn't create).
The carrot for that migration for us is the python SDK (instead of shelling out to `op`) but that doesn't support vault creation yet.
