1Password security automation integrations let you connect 1Password Enterprise Password Manager (EPM) to your security automation platforms, enabling automated identity remediation. Set up incident response workflows to authenticate and trigger enforcement actions in 1Password EPM with no manual action required, such as automatically suspending a user directly in 1Password EPM when suspicious sign-in events are flagged.
Security automation integrations are built on the OAuth 2.0 framework to securely authorize the applications you delegate to act on your behalf. Use scoped, revocable OAuth credentials to follow the principle of least privilege.
You can set up 1Password security automation integrations if you’re an owner, an administrator, or part of the Security group.
Step 1: Create an OAuth application in 1Password Enterprise Password Manager
To connect your security automation platform to 1Password EPM, you’ll need to create an OAuth application in your 1Password EPM account. This generates the client credentials your platform uses to request an access token.
- Sign in to your 1Password EPM account.
- Select Integrations in the sidebar. If you’ve set up other integrations in your account, you’ll also need to select Directory on the Integrations page.
- Select OAuth Application.
- Configure your OAuth application:
- Application name: Enter a name to help you identify the integration.
- Description: (Optional) Add a description with additional information about your OAuth application.
- Redirect URL: Enter the redirect URL registered with your OAuth provider for your integration. For example:
https://myapp.com/oauth/callback. The URL must use the HTTPS protocol. If you don’t have a redirect URL, you can enter a placeholder URL then update it later. - Scopes: Select one or more of the scopes from the “Select scopes” list: get user, list users, suspend users, and reactivate users. Choose the least-privileged permissions your integration needs.
- Select Generate credentials to generate your client ID and client secret.
- Select Save in 1Password, then select the vault where you want to save your client credentials. The client secret is only shown once, so make sure to save it before you continue.
Step 2: Connect your security automation platform
Security automation applications and services collect information from 1Password through requests to the 1Password Users API for Partners (public preview). Requests are authenticated with an access token generated from your client credentials.
After you create an OAuth application, follow your Security Orchestration, Automation, and Response (SOAR) platform’s setup steps to connect it to 1Password using your client ID and client secret.
If your security automation platform isn’t listed, you can build your own client using the 1Password Users API for Partners (public preview) or contact your platform provider.
Revoke an OAuth application in 1Password Enterprise Password Manager
You can revoke an OAuth application from the Integrations section of your 1Password account.
- Sign in to your 1Password EPM account.
- Select Integrations in the sidebar.
- Select the OAuth application you want to revoke, then select Revoke integration.
Get help
For questions about configuring an integration for your security automation platform, contact the platform provider.
For questions about security automation or the 1Password Users API for Partners (public preview), contact 1Password support.
Learn more
Was this article helpful?
Glad to hear it! If you have anything you'd like to add, feel free to contact us.
Sorry to hear that. Please contact us if you'd like to provide more details.