Security and privacy

About 1Password SCIM bridge security

Learn how your data is protected when you use the 1Password SCIM bridge.

When you use the 1Password SCIM bridge, you can automate many administrative tasks by connecting 1Password with your identity provider. When you set up and deploy the SCIM bridge on a server in your own environment, the encryption keys for your account are only available to you.

Your company is protected

Communication between the SCIM bridge and 1Password is protected by the same multi-layered approach that secures all 1Password clients: Secure Remote Password (SRP) and Transport Layer Security (TLS).

When you use the 1Password SCIM bridge with your identity provider, user management and group memberships are automated, so the risk of human interference or error is reduced.

Your secure information is not shared

The SCIM bridge is a secure proxy for provisioning. It sends encrypted user and group information between 1Password and your identity provider. It doesn’t send any information from items or vaults.

The SCIM bridge sends the name of your identity provider to 1Password. It also logs provisioning actions by default, but this information is not shared and is only accessible from your server.

Protect yourself when using the SCIM bridge

Follow best security practices for your identity provider. Many identity providers have best practices to follow when using their product:

Azure Active Directory 

Okta 

OneLogin 

Published: