Protect what matters – even after you're gone. Make a plan for your digital legacy today.
Search for CLI
Hi! I'd like to request a feature: For the 1Password CLI (`op`) to support searching, just like the GUI client does. My use case: I have about 30 or so entries that I would like to add a tag to. All entries belong to the same domain "home.mydomain.com" (many have subdomains on it). In the GUI client I type "home.mydomain.com" and they all come up. I want to use a script using the `op` CLI to edit each, adding a tag to them. Right now the only method I can find is to first list all items and then retrieve each and do the search myself. That's very slow. It would be great if I could send a search them off and get back a list of results. This could be as simple as `op item search "home.mydomain.com" --format=json` and then I could edit each of those items. Thanks!
Environment Feature Request
In addition to sorting which I believe has been mentioned elsewhere, can you add the ability for either custom tags (with filter by tag) or otherwise add the ability to be able mark each variable with a place where it is needed. e.g Vercel, Convex etc. At the minute my services have access to environment variables they don't need and I want to reduce it down so they only have the essentials. It would be nice to be able to view at a glance what service has access to what. It would be particularly handy in the event any service is compromised you would know exactly which variables would need updating and across which services.
1Password Oddities
These have been issues for a while, but re-testing them today, I'm using "1Password for Mac 8.11.22 (81122027)", Google Chrome "144.0.7559.59", and 1Password extension "8.11.27.2". --- Is there a reason why I have to use my mouse and keyboard on web-pages that use XHTML? https://craig.dev/misc/1Password/2023-12-12-xml/ If I select either the username or password field (I'm using autofocus on the username field, but this isn't necessary)... the 1Password icon appears (good), but if I click on it with the mouse, then it just disappears... so now I need to use the [down arrow] button on my keyboard to show the 1Password account selection menu... but, if I press the [down arrow] a second time (i.e. to make a selection), then the 1Password select menu disappears, so I need to go back to using my mouse to select the account I want. This seems to be due to the use of `Content-Type: application/xhtml+xml`, you can change back to normal (error tolerant) HTML with the "change" link on this page. --- Also, because I have a `Permissions-Policy` header on my websites, where I set `ch-ua-high-entropy-values=()` to disable the getHighEntropyValues API, I get this error in the Google Chrome Developer tools: Permissions policy violation: Collection of high-entropy user-agent client hints is disabled for this document https://craig.dev/misc/1Password/2026-01-11-high-entropy/ --- Also, on either of these pages, you can see the scrolling issue... as in, when you try to scroll the page, the 1Password button remains fixed in position relative to the browsers window (not keeping track of the username/password field location): I suspect it's related to the setButtonStyles() function in "injected.js", which is using `button.style.position = "fixed"`... I'm not sure on the details, but if I was looking into this, I'd start by considering the use of position absolute. --- Also, every time I select a username/password field, and then use the down arrow so 1Password opens the select field, I get a warning in the Google Chrome Developer tools: Added non-passive event listener to a scroll-blocking 'wheel' event. Consider marking event handler as 'passive' to make the page more responsive. --- And finally, following on with the SMS verification codes discussion, what HTML should I be using on my SMS one-time-code fields, so I can tell 1Password to ignore this field (i.e. so the browser can offer the value from the SMS message)? I'm currently using: <input name="code" id="sms_code" required="required" autofocus="autofocus" autocomplete="one-time-code" type="text" inputmode="numeric" size="9" maxlength="7" value="">
Edit items (json) without losing passkeys
Just came across this fun notice in the docs: "JSON item templates do not support passkeys. If you use a JSON template to update an item that contains a passkey, the passkey will be overwritten. To fix this, you can restore a previous version of the item." Which mean this method of editing an item is out the window for any items which contain passkeys :( Want to bump this issue, and also say that perhaps a different kind of programmatic update without needing to pass in the entire json blob could be useful.
Provide disk access to SSH public keys?
Would there be interest by the 1P developers to provide easy access to any stored SSH public keys at a simple path (rather than users having to export and save them if they need them outside of the 1P environment)? I use another tool that manages SSH keys (https://github.com/maxgoedjen/secretive, a fantastic macOS app that creates and stores SSH keys in the Secure Enclave), and it provides you with the ability to access the public keys of any stored keys at a simple path, e.g.: /Users/username/Library/Containers/com.maxgoedjen.Secretive.SecretAgent/Data/PublicKeys/d0aa1a9b19b0d0f9ab0c9fcc5de80fa6.pub If 1P had the same ability, then when users needed to provide their public key somewhere (e.g., https://developer.1password.com/docs/ssh/agent/advanced/#match-key-with-host), they wouldn't have to go through the cumbersome process of exporting the public key from 1P, saving it to a file, and then providing the path to that new file. Instead, I'd imagine there would be an option alongside the "Download" option in the 1P entry named something like "Copy Public Key File Path", and it would put the path on the clipboard; then the user just uses that for the IdentityFile, or whatever they needed the path to the public key for. And then the ideal would be if accessing the file at this path didn't require any 1P authentication at all, since it's a known-public-non-secret file... but in the end, at least in my example above, the public file is being accessed as part of a private key read, so there'll ultimately be authentication.
Feature Request: Disable SSH Agent via macOS Menu Bar
It would be great to add an option 'Disable SSH Agent' to the 1Password Menu Bar Item on macOS. There's already an option to 'Disable Snippet Expansion' which is helpful. The 'Disable SSH Agent' would work the same. This would be helpful in scenarios where you are connecting to a system via SSH that doesn't have any of your 1Password-managed SSH keys. When I have the agent enabled, I often get `Too many authentication failures` for those systems. The ability to quickly disable and re-enable afterwards would be helpful. The current solution is to open the app, go to Settings > Developer, and toggle it there - which is cumbersome: To avoid confusing non-developer users with the option, it could only show up when the 1Password Developer experience was activated, or when the SSH Agent was enabled at least once. Thanks!Feature Request: Formatting in titles
I like to use the formatting in the 'notes' section of elements - especially the `monospace/code` text using backticks. It helps distinguish things such as IP addresses, hostnames, etc. from normal descriptive text, and makes everything look more organized: It would be great if these simple text formatting options were displayed for Item Titles as well. Example: The `diskstation` should look like: diskstation Thanks!Environments in Production via 1Password Connect Servers
I love Environments in my local development, it makes things an absolute breeze! Now for the inevitable stretch goal: I'd love to have something similar for my production setup using 1Password Connect Servers. Perhaps a thin client that can be part of a Docker stack, which can reach out to the Connect Server and provision an ephemeral environment file on the production server. Preferably in multiple formats (.env, YAML, TOML, JSON etc.)Feature Request: Linking Address to Multiple Logins
Hello 1Pass Developers, I'm currently in grad school, so my address has been changing a lot lately, and it's been a real pain to track all the accounts that I need to update my address in. I have started a spreadsheet that tells me all the accounts that I regularly use that have a certain address associated so that next time I move, I remember to update the important accounts (bank, medical, etc.) - But I figure it would be way easier to do that if you could link certain addresses (from a profile) to accounts that use it. That way, I could go into the profile with my old address and see all the accounts I need to change (similar to hyperlinking (Wikipedia) or back-linking (Obsidian). Just a suggestion that I would really love to see, but maybe there's already something similar - please let me know if so!Custom aliases and OpenSSH fields for SSH Bookmarks
SSH bookmarks is a great feature - one I was intending on building myself until I found 1Password's docs for it. However, it is missing a couple important features for me to be truly happy with it. I setup aliases for my common SSH hosts, and would like to be able to add these into 1Password. In particular, I want to be able to set custom names for each bookmark. For instance, I SSH to my university's servers typically with `ssh unsw`, not the far longer `ssh zXXXXXXX@loginX.cse.unsw.edu.au`, which is what the bookmark matches on. In addition, some of these bookmarks are for trusted hosts, where I want to enable `ForwardAgent yes` or similar additional OpenSSH options, and being able to use bookmarks to set these across my devices would be extremely helpful. Currently, I have a config file local to each computer that contains something like the following for each host: Host unsw User zXXXXXXX HostName loginX.cse.unsw.edu.au ForwardAgent yes CanonicalizeHostname yes This converts `unsw` to the long form user and host that is matched by the bookmark config. Ideally, these could all be configured via 1Password. A generic syntax for custom OpenSSH options would also solve other missing properties mentioned by others on this forum (e.g. ports).
