It’s Cybersecurity Awareness Month! Join our interactive training session, or learn about security and AI from 1Password experts.
CLI Slow Performance
I have the 1Password desktop app installed and up to date on my macBook Pro, the `op` CLI is also installed, up to date, and working properly. All expected CLI queries work but they are surprisingly slow. After a bunch of trial and error, it seems that it is making a round-trip online as part of every single CLI query. I added the --debug flag and I can see cache hits, but the round trip online is still occurring. Disabling the network interface causes all queries to fail. Is it possible to get the 1Password CLI working fully offline to avoid all of this unnecessary round-trip business? Surely with the desktop app installed and CLI integration turned on, there has to be a way to make efficient (and offline) use of my 1Password vaults. Otherwise automation tasks that require secrets are simply too cumbersome to handle with 1Password, and I will require a secondary solution. And in that case, I may as well give up on 1Password.
Copy secret reference (using ID values)
This applies to all platforms (not just Mac), but I didn't see a community category for "all platforms", so I'm choosing Mac because it seems to have the highest user activity Perhaps I've missed some documentation, but I don't find a way to copy a https://developer.1password.com/docs/cli/secrets-reference-syntax/ using the desktop app. This seems like a basic and essential task during development. What I want is this format: op://vault_id/item_id/section_id/field_id or if the value isn't in a section: op://vault_id/item_id/field_id How can I do that easily — and get a secret reference defined by ID values (which should be immutable — vs. name values which can be modified)? More context: I find some ways to construct the URL manually (but this is not ideal): A URL can be copied which includes the vault and item ID among other query parameters: I get one in a format like this: https://start.1password.com/open/i?v={VAULT_ID}&i={ITEM_ID} However, that's not enough as it doesn't include the section/field, and would need to be manually edited or processed by other tooling as an additional step to get the required output. I can also use "Copy item UUID" and then paste that as an argument to a manually-typed CLI command to get much more than what's needed: % op --format=json item get x5k2wndiih6cmw2rugl7ol442i { "id": "x5k2wndiih6cmw2rugl7ol442i", // --- snip --- "vault": { "id": "{REDACTED_VAULT_ID}", // --- snip --- }, // --- snip --- "fields": [ // --- snip --- { "id": "credential", "type": "CONCEALED", "label": "credential", "value": "abc123", "reference": "op://{REDACTED_VAULT_NAME}/API Credential/credential" }, // --- snip --- ] } However, this still involves either manually copying+pasting IDs or using other tooling to parse and create the required output. The JSON does include a reference value for the target field, but the reference is built using names, which isn't satisfactory for the reasons described previously. For the example above, what I want to copy to the clipboard is the following (where {VAULT_ID} is replaced by the actual vault ID): op://{VAULT_ID}/x5k2wndiih6cmw2rugl7ol442i/credential I think that if the boolean option is enabled at Settings > Advanced > Show debugging tools: then there should be an option to copy a complete ID-based secret reference for every field in its contextual menu: This is a re-posting of previous issue — the 1Password team stopped responding and it was closed without comment: https://1password.community/discussion/139642/copy-secret-reference-using-id-values 1Password Version: 8.10.48 Extension Version: Not Provided OS Version: macOS 15.0.1 Browser: Not Provided
op run messes up the cli text format
I'm using op run to load secrets into the environment. but it messes up the text format of the subsequent cli. See the history below. My "hi" even disappeared after I hit enter. Any solutions? % op run --env-file=.env.local -- aider --model openai/gpt-4o-mini ────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────── Aider v0.81.1 Model: openai/gpt-4o-mini with whole edit format Git repo: .git with 27 files Repo-map: using 4096 tokens, auto refresh ────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────── > It seems like you want to start a new request. Please let me know what changes you would like to make, and I will assist you accordingly! Tokens: 9.0k sent, 30 received. Cost: $0.0014 message, $0.0014 session. ────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────── > In comparison, if i run the cli tool without op run. It's well-formated. % aider --model openai/gpt-4o-mini ────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────── Warning: openai/gpt-4o-mini expects these environment variables - OPENAI_API_KEY: Not set You can skip this check with --no-show-model-warnings https://aider.chat/docs/llms/warnings.html Open documentation url for more info? (Y)es/(N)o/(D)on't ask again [Yes]: n Aider v0.81.1 Model: openai/gpt-4o-mini with whole edit format Git repo: .git with 27 files Repo-map: using 4096 tokens, auto refresh ────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────── > hi litellm.AuthenticationError: AuthenticationError: OpenAIException - The api_key client option must be set either by passing api_key to the client or by setting the OPENAI_API_KEY environment variable The API provider is not able to authenticate you. Check your API key. ────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────── >
