Protect what matters – even after you're gone. Make a plan for your digital legacy today.
Feature Request: Disable SSH Agent via macOS Menu Bar
It would be great to add an option 'Disable SSH Agent' to the 1Password Menu Bar Item on macOS. There's already an option to 'Disable Snippet Expansion' which is helpful. The 'Disable SSH Agent' would work the same. This would be helpful in scenarios where you are connecting to a system via SSH that doesn't have any of your 1Password-managed SSH keys. When I have the agent enabled, I often get `Too many authentication failures` for those systems. The ability to quickly disable and re-enable afterwards would be helpful. The current solution is to open the app, go to Settings > Developer, and toggle it there - which is cumbersome: To avoid confusing non-developer users with the option, it could only show up when the 1Password Developer experience was activated, or when the SSH Agent was enabled at least once. Thanks!op run fails with "deleted or archived" error when resolving item by name, but op item get works
1Password CLI Version: 2.32.0 OS: macOS (Darwin 25.1.0) Shell: zsh Problem: When using op run with an env file that references items by name, it fails with: [ERROR] could not find item GitLab in vault Employee, because it has been deleted or archived However, the item exists and can be accessed by name with other commands: # This works fine: op item get "GitLab" --vault Employee --fields token # This also confirms the item exists: op item list --vault Employee | grep GitLab # Returns: qf...bq GitLab Employee 3 weeks ago Reproduction: 1. Create secrets.env: GITLAB_TOKEN=op://Employee/GitLab/token 2. Run: op run --env-file=secrets.env -- env | grep GITLAB 3. Error occurs despite the item being accessible via op item get. Workaround: Using the item ID instead of the name works: GITLAB_TOKEN=op://Employee/qf...hq/token Expected: op run should resolve items by name the same way op item get does.
1Password Oddities
These have been issues for a while, but re-testing them today, I'm using "1Password for Mac 8.11.22 (81122027)", Google Chrome "144.0.7559.59", and 1Password extension "8.11.27.2". --- Is there a reason why I have to use my mouse and keyboard on web-pages that use XHTML? https://craig.dev/misc/1Password/2023-12-12-xml/ If I select either the username or password field (I'm using autofocus on the username field, but this isn't necessary)... the 1Password icon appears (good), but if I click on it with the mouse, then it just disappears... so now I need to use the [down arrow] button on my keyboard to show the 1Password account selection menu... but, if I press the [down arrow] a second time (i.e. to make a selection), then the 1Password select menu disappears, so I need to go back to using my mouse to select the account I want. This seems to be due to the use of `Content-Type: application/xhtml+xml`, you can change back to normal (error tolerant) HTML with the "change" link on this page. --- Also, because I have a `Permissions-Policy` header on my websites, where I set `ch-ua-high-entropy-values=()` to disable the getHighEntropyValues API, I get this error in the Google Chrome Developer tools: Permissions policy violation: Collection of high-entropy user-agent client hints is disabled for this document https://craig.dev/misc/1Password/2026-01-11-high-entropy/ --- Also, on either of these pages, you can see the scrolling issue... as in, when you try to scroll the page, the 1Password button remains fixed in position relative to the browsers window (not keeping track of the username/password field location): I suspect it's related to the setButtonStyles() function in "injected.js", which is using `button.style.position = "fixed"`... I'm not sure on the details, but if I was looking into this, I'd start by considering the use of position absolute. --- Also, every time I select a username/password field, and then use the down arrow so 1Password opens the select field, I get a warning in the Google Chrome Developer tools: Added non-passive event listener to a scroll-blocking 'wheel' event. Consider marking event handler as 'passive' to make the page more responsive. --- And finally, following on with the SMS verification codes discussion, what HTML should I be using on my SMS one-time-code fields, so I can tell 1Password to ignore this field (i.e. so the browser can offer the value from the SMS message)? I'm currently using: <input name="code" id="sms_code" required="required" autofocus="autofocus" autocomplete="one-time-code" type="text" inputmode="numeric" size="9" maxlength="7" value="">
CLI Slow Performance
I have the 1Password desktop app installed and up to date on my macBook Pro, the `op` CLI is also installed, up to date, and working properly. All expected CLI queries work but they are surprisingly slow. After a bunch of trial and error, it seems that it is making a round-trip online as part of every single CLI query. I added the --debug flag and I can see cache hits, but the round trip online is still occurring. Disabling the network interface causes all queries to fail. Is it possible to get the 1Password CLI working fully offline to avoid all of this unnecessary round-trip business? Surely with the desktop app installed and CLI integration turned on, there has to be a way to make efficient (and offline) use of my 1Password vaults. Otherwise automation tasks that require secrets are simply too cumbersome to handle with 1Password, and I will require a secondary solution. And in that case, I may as well give up on 1Password.
Safari & Firefox extensions still break <pre>/<code> blocks after page load
Hi 1Password team 👋, I’m opening this discussion specifically for Safari and Firefox. While the original issue appears to be resolved for Chrome, the same behavior is still reproducible in other browsers. For reference, this is the original Chrome-related discussion: 1Password Chrome extension is incorrectly manipulating <code> blocks | 1Password Community Environment Tested on macOS with the following versions: Firefox: 146.0.1 (aarch64) 1Password extension: 8.11.23.2 (Dec 16, 2025) Safari: Version 26.2 (21623.1.14.11.9) 1Password extension: 8.11.22.27 Current status The issue is still present in: Firefox (reliably reproducible) Safari (very noticeable once the extension initializes) Observed behavior <pre><code> blocks render correctly on initial page load (syntax highlighting and line numbers are visible) As soon as the 1Password extension finishes initializing, the DOM is modified Syntax highlighting and line numbers disappear This happens without any user interaction, simply by enabling the extension The behavior matches the previously reported Chrome issue, but remains unresolved in Safari and Firefox. Why this matters Many developer-focused sites rely on client-side syntax highlighting (e.g. Prism, Highlight.js, Shiki). Post-load modification of code blocks breaks documentation and significantly impacts readability. Request The Chrome fix is very much appreciated 👍 It would be great to see the same behavior addressed consistently for Safari and Firefox, so code blocks are handled uniformly across all 1Password browser extensions. Thanks a lot for the continued work — and happy to help with further testing if needed. Wishing you all a happy new year 🎉 Best regardsCLI can't connect
[ERROR] 2025/12/17 14:09:48 connecting to desktop app: 1Password CLI couldn't connect to the 1Password desktop app. To fix this, update the 1Password app to the latest version and restart the app. If you're still having trouble, visit https://developer.1password.com/docs/cli/app-integration#troubleshooting for more help. CLI cant connect to the desktop app anymore. Opening the desktop app I get prompted with this message Your saved data appears to be newer than this version of 1Password can use. Please update 1Password to its latest version. Contact support@1password.com for help. I've since attempted to reinstall the desktop app using the latest release, as well as the beta release, but both versions still give me the error above. this is 8.11.22 and 8.11.22-26 Macbook M3 Pro OS - Sequoia 15.6.1 CLI version - 2.32.0
Unofficial 1Password SDK for Rust
For some small projects I wanted to use a secure way of handling secrets in my backend code, without taking out the big guns and adding a ton of infrastructure overhead (e.g: Azure Key Vault). After some "research" and diving into the op cli options and official Python, Javascript and Go SDKs, I thought I could probably build a simple wrapper around the core SDK library used in the Python SDK. After some trial implementations across multiple rust projects I thought it would be a nice addition to 1passwords ecosystem. If you're interested using the SDK head over to the github page at: https://github.com/Trendium-Labs/corteq-onepassword Curious about the security and inner workings? it's documented at https://github.com/Trendium-Labs/corteq-onepassword/blob/main/docs/ARCHITECTURE.md Please share your feedback, thoughts and use cases to improve this unofficial SDK. Ps:1P_Phil and team have been notified to see if and how to take this unofficial approach forward. Happy holidays! Brian
ssh agent and ansible 12 prompting incessantly
I've been using the SSH Agent in 1Password for a couple of years now, with very little trouble. This includes lots of SSH to individual machines as well as a fair amount of ansible scripting using versions prior to 12 and run directly from Terminal. Recently, I did a `brew upgrade` and ended up with Ansible 12. After that, it has become commonplace that ansible scripts run on my local machine and talking to nearby devices over the network result in 1passwd SSH agent prompting for every...single...command. I rolled back to ansible 10 (11 not available directly in Brew any longer) and the behavior returned to normal: prompting at the outset of my ansible script and not again until the next time I run a script. Running Ansible (as opposed to directly sshing in Terminal) has always prompted at the run, and usually for each individual destination machine, but that has been it. With the change to Ansible 12, the prompting from the SSH agent in 1password is now such that it is not usable. For the time being, I can roll back to ansible 10, but that won't be the case forever. Does anyone else have experience with this? Any recommendations for either diagnostics or solutions other than just disabling 1password's otherwise-highly-useful SSH Agent?
