Teams and business

If you’re having trouble unlocking 1Password with SSO

Get help when you’re having trouble using your identity provider to sign in to 1Password.

If you can’t sign in to your account

If you’re trying to sign in with SSO, be sure that you’re signing in with an email address associated with both your identity provider and 1Password accounts.

If you’re using my.1password.com as a sign-in address, use your team’s unique web address on 1Password.com instead. Learn how to find yours.

If you experience issues when you try to sign in to the 1Password app with SSO, try the following:

If you still can’t sign in, contact your 1Password administrator. They’ll be able to recover your account.

You’ll get an email from 1Password. When you click Recover my account in the email, a page will open in your browser. After you recover your account:

If you’re asked for an account password and Secret Key

If you’re switching to Unlock with SSO, you’ll need to sign in to 1Password with your account password and Secret Key first. If you don’t have your sign-in details, ask an administrator to recover your account. You’ll be prompted to sign-in with SSO during the recovery process.

If you’re asked to enter an account password and Secret Key when you accept the invitation to join your team, wait 30 minutes and try again.

If you still can’t sign in, contact your 1Password administrator.

If you see the “User unable to sign in because grace period is expired” message

If you don’t switch to unlock with SSO before the grace period set by your 1Password administrator expires, you’ll see this message. Contact your administrator for help recovering your account.

If you can’t sign in to 1Password CLI with SSO

Make sure that you’ve connected 1Password CLI with the 1Password app.

If you’re signed out of your account after you close your browser

If you’re signed out of your account after you close your browser, your IT team may have a policy that clears browsing data when a browser is closed. You can ask them to exclude your team’s sign-in address from that policy to make sure team members won’t lose access to their linked browsers.

You should also link other apps and browsers, like the 1Password desktop app, to your account after you sign up or switch to unlock with SSO.

If you can’t find which browser is your linked browser

If you can’t find which browser is your linked browser:

  • Switch to a different browser profile in each browser you use.
  • Go to your email app, such as Outlook, and open a link from any email message to see which browser opens. This may be your linked browser because it’s where you first opened the email link to set up unlock with SSO.

If you’re using 1Password 7 or earlier

1Password 8 or later is required to sign in with SSO. Earlier versions of 1Password aren’t compatible with this feature.

If you’re using 1Password 7 or earlier, you’ll need to upgrade to 1Password 8 or later for Mac, Windows, iOS, or Android.

Then, to use Unlock with SSO, make sure you have the following releases installed on your computer and mobile device:

If your device is lost or stolen

If you lose possession of a device that signs in to 1Password with SSO and aren’t able to find it:

  1. Reset your identity provider password.
  2. Contact your 1Password administrator immediately to start account recovery.

    This will remove the device keys for all devices, including the one that was lost or stolen.

  3. You or your administrator should deauthorize the lost or stolen device.
  4. Once account recovery is complete, you will need to re-enroll your devices.

If you still need help

If you’re still having trouble unlocking 1Password with SSO, contact 1Password Support with a description of the problem.

Learn more


Published: