Secure your Codex workflows without exposing secrets 🚀

If you’re using coding agents like Codex to build and ship production code, you’ve probably run into the problem of credentials being copied into  .env files, scripts, or hardcoded in repositories, where they can be easily exfiltrated and are difficult to govern and audit.

That’s why we collaborated with OpenAI to bring the 1Password Environments MCP Server for Codex to life, making 1Password a trusted access layer for Codex. Credentials from 1Password are issued to Codex just-in-time, scoped to the task, while keeping them outside the model’s context window.

With the integration, you can:

• Bootstrap new projects with 1Password-managed environments so you don't have to create or share .env files.
• Allow Codex to create and manage environments so your code runs with the right configuration, while underlying secrets stay in 1Password.
• Stay in control of every access since each Codex interaction with 1Password requires explicit user approval.
• Use Codex to scan repositories for secrets in plain text, then move these secrets into 1Password for secure storage, and replace them with references in code.
• And much more!

Under the hood, your 1Password secrets never leave 1Password and are always secure. They aren’t returned through or read by the MCP, written to disk, or surfaced in the model’s context window. At runtime, 1Password injects the required variables directly into the application process when it runs and only exists in memory for the user authorized process. 

👉 Read our full blog post to see how it works and how to get started with it.