Signing back into the Community for the first time? You'll need to reset your password to access your account.  Find out more.

Forum Discussion

Former Member's avatar
Former Member
2 years ago

Remove permissions of all users from all vaults via script

Hello dear Community,

due to an incident at our company, I need to remove the export function of passwords for all users and unfortunately users were mostly assigned to vaults individually and not in groups (this will definitely be changed).
I'm new in 1Password CLI and since a few days I'm trying to create a script that changes permissions of all users in all vaults.

The user that runs the script has Owner permissions and we use 1Password Business.
However, when I run the script, it only removes the permission from the script running user in just the Private vault.

I am stuck at the moment and have no idea what to change. Please, can someone give me a hint what I am doing wrong?

Many thanks and greetings
Sebastian

```

Get list of vaults

vaults=($(op vault list --format=json | jq --raw-output '.[] .id'))

Loop through vaults

for vault in $vaults
do
# Get list of users for the vault
users=$(op users list --vault $vault --format=json | jq --raw-output '.[] .id')

# Loop through users
for user in $users
do
# Grant new permissions to user
op vault user revoke --user $user --vault $vault --permissions export_items,print_items
done
done
```


1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Browser:_ Not Provided

No Replies