Level up your business security with free, on-demand training and certification. Explore 1Password Academy today →
Show the requested credential
I'm heavily using 1password now for agentic usage. All of my business is set up on it now, and all of my credentials are locally using op://, or service accounts. I've put in a lot of effort to try and isolate systems using least privilege, but one problem is that when agents (or applications) request a credential from the system, it doesn't say WHAT credential is being requested. Half the time it doesn't even say the correct name for the application making the request, either. This is a big problem, because I'm starting to get into the habit of just spamming "Accept" blindly. But the whole reason I have set up this whole pipeline is so I can catch malicious programs trying to gain access - for example, supply chain attack infections. Without seeing what credential is being requested, and the process information that is requesting it, I'm finding it's not actually adding much protection at all, because it's putting me into a false sense of security and promoting bad habits. If I'm running multiple agents in parallel, which is often the case, it might just say "Terminal requests access to your vault" or something similar. Which terminal is that? What is the underlying entity being requested? What credential? What is the process ID or terminal title, so I can isolate it to a terminal/agent? Etc. I think this is something that urgently needs to be added. Otherwise, as it stands, it's not really offering much protection because users will just go "oh, it's probably just that agent running - I'm sure it's fine" and accept everything. If that agent happened to have installed a malicious npm package, you'd probably catch it too late.
Can't share a vault with a Guest
Hi everyone, I'm hoping someone in the community has run into this before, because I've exhausted what I can try on my side and I'm still waiting on a reply from Support and Success. The situation: I invited a client to my Business account as a Guest. He accepted the invitation, created his account, and I confirmed his access. His status is now Active and he is not assigned to any vault. However, every time I try to add him to a vault, I get this error: Failed to add person to vault. An unexpected error occurred. Error Code: 400 What I've already checked / tried: I'm the only team member on the account and I hold owner/administrator permissions, so I have full rights to manage vaults and people. The guest is not assigned to any other vault. Tried adding him from the vault side (Manage Access) and from the person side (People → user profile → Vaults). Both fail with the same error. Deleted the user entirely and re-invited him from scratch. He accepted again, I confirmed him again, and the error persists. Tried a different browser and an incognito window — same result. Has anyone seen this before? Is there something I might be missing, or a workaround that's worked for you? Thanks in advance for any pointers.
How to customize the suggested item name in the auto-save prompt?
Hello. When a user saves a new login on our site (e.g. app.acme.io), the "Save in 1Password" prompt defaults to a name derived from the domain so we get "Acme" instead of "acme.io". It doesn't match our brand. We've already done what compatible-website-design recommends: brand-name <title>, application-name, apple-mobile-web-app-title, og:site_name, manifest.webmanifest (name / short_name), correct autocomplete attributes. None of these influence the suggested name. Questions: Is there a client-side mechanism (meta tag, well-known endpoint, JSON-LD…) we're missing to declare our brand name for the auto-save prompt? If not, what's the official process to submit a domain + brand name + logo to 1password Rich Icons / website database? Thanks.
Domain Migration/Merge
I am not sure if there was an option, may of the settings became unavailable once 1P was connected to an IDP(Rippling). 1- We are rebranding and migrating from domain W to domain A, is there a way to rename users from user @ w.com to user @ a.org while keeping their access and accounts? 2-I've also seen a few users having both a.org and w.com accounts, is there a way to merge the two under a.org? 3-When a user is offboarded they may have passwords not saved in a shared vault, I would manually login as the user to access those. Is there an admin tool/function to transfer those vault items to their manager? Thanks!
