Teams and Businesses

Update the 1Password SCIM bridge

Learn how to get and deploy the latest version of the 1Password SCIM bridge for your environment.

If you receive an email notification about a new version or upcoming deprecation of the SCIM bridge, follow the instructions for your deployment environment to update it.

If you received an email about your SCIM bridge version being deprecated, update the SCIM bridge within 90 days. If you don’t update in that time, your existing accounts will still work, but 1Password will no longer sync with your identity provider.

If you need help updating the SCIM bridge, contact a 1Password Business representative.

Docker or Kubernetes

If you followed the instructions from the scim-examples repository on GitHub to deploy the SCIM bridge, learn how to update the SCIM bridge on Docker or Kubernetes.

Customized deployment

If you customized your SCIM bridge deployment, update the deployment configuration file with the new version and then apply the change:

  1. Visit 1Password SCIM bridge on Docker Hub and note the tag with the most recent version number.

  2. Edit your YAML configuration file and update it with the version number you noted:

    Deployment environment Edit this YAML file
    Docker docker-compose.yml
    Kubernetes op-scim-deployment.yaml
  3. Run one of the following commands to apply the update:

    Deployment environment Run this command
    Docker Compose docker-compose up
    Docker Swarm docker stack deploy
    Kubernetes kubectl apply

Google Cloud Platform

Use the Cloud Shell on Google Cloud Platform to update the SCIM bridge in place:

  1. Visit the list of Clusters on Google Cloud Platform  and click the cluster you use for the SCIM bridge.

  2. Click Connect and choose “Run in Cloud Shell”.

  3. Allow any API permissions, then press Return to connect to the cluster.

  4. Copy this command and paste it into the shell window, then press Return:

     kubectl set image deployment/op-scim-bridge op-scim-bridge=1password/scim:v2.0.0 --record

    Change “v2.0.0” in the command to the latest version.

    The Application page for your SCIM bridge will only reflect the version of the SCIM bridge you initially installed through the Marketplace. You can safely ignore that version mismatch if the ‘kubectl set image’ command was successful.

If you can’t update the SCIM bridge in-place, you can also reinstall it:

  1. Release the app’s static IP address. 
  2. Visit the Google Kubernetes Engine console  , click the “SCIM bridge by 1Password” app instance, then click Delete.
  3. Install the SCIM bridge again  in the same project using the same cluster.
  4. Promote the app’s ephemeral IP address to a static IP address. 
  5. Update the DNS record for the SCIM bridge to point to the new static IP address.
  6. Visit the SCIM bridge domain in your browser and enter your OAuth bearer token to confirm that the upgrade was successful.


Install the updated DigitalOcean Marketplace app over the old one:

  1. Visit 1Password SCIM bridge on DigitalOcean Marketplace  and click Install App.
  2. Choose the cluster where the SCIM bridge is deployed, then click Install.
  3. Visit the SCIM bridge domain in your browser and enter your OAuth bearer token to confirm that the upgrade was successful.

Get help

Get help with the SCIM bridge, like if you lose your bearer token or session file, or if you use two-factor authentication.

For more information about the SCIM bridge, contact your 1Password Business representative. To get help and share feedback, join the discussion with the 1Password Support Community.

Learn more