Getting started with 1Password for your growing team, or refining your setup? Our Secured Success quickstart guide is for you.
Forum Discussion
Solved
Service Account can manage the Vault for user permission
We are having 500+ Vaults and it's hard to manage the Users manually to add or remove from Vaults on demand if they change the Projects, Do we have a way programatically to update any user's permission on any vault?
Service accounts seems not managing the vault and we can only read, write or share using service account but not add/remove new user in the vault.
Hi automationgfg ,
Thanks for reaching out. The best way to get this done right now is with a combination of the 1Password CLI and a script (likely Bash/Python) to update the vaults. Here's an article walking you through provisioning for users.
Example
op vault user grant --user wendy.appleseed@agilebits.com --vault Prod --permissions allow_editing,allow_managingTo learn more
https://developer.1password.com/docs/cli/grant-revoke-vault-permissions
Additionally, we have the SCIM bridge that provides a more automated approach, depending on your setup.
https://support.1password.com/scim/
Thanks,
Phil
3 Replies
- 1P_Phil
Moderator
Hi automationgfg (Karan),
I'm just following up on this. Were you able to get make progress on your end? If not it might be helpful to get in touch with one of our solution engineers who'd be able to dig deeper into the problem with you.
Let me know if you were able to get this figured out.
Regards,
Phil
- 1P_Phil
Hi automationgfg ,
Thanks for reaching out. The best way to get this done right now is with a combination of the 1Password CLI and a script (likely Bash/Python) to update the vaults. Here's an article walking you through provisioning for users.
Example
op vault user grant --user wendy.appleseed@agilebits.com --vault Prod --permissions allow_editing,allow_managingTo learn more
https://developer.1password.com/docs/cli/grant-revoke-vault-permissions
Additionally, we have the SCIM bridge that provides a more automated approach, depending on your setup.
https://support.1password.com/scim/
Thanks,
Phil
Hi Phil,
Thanks for replying.
We are not able to grant permissions using service accout and getting the below error
op vault user grant --user andr{REDACTED}@graphitefinancial.com --vault hobtl2z3plh{REDACTED} --permissions view_items,create_items,allow_viewing
[ERROR] 2025/06/28 00:10:21 (403) Forbidden: You aren't authorized to access this resource.
Thanks,
Karan
