Documentation Index
Fetch the complete documentation index at: https://www.1password.dev/llms.txt
Use this file to discover all available pages before exploring further.
Manage permissions and perform CRUD operations on your 1Password vaults.
Subcommands
vault create
Create a new vault
op vault create <name> [flags]
Flags
--allow-admins-to-manage true|false Set whether administrators can manage the vault.
If not provided, the default policy for the account applies.
--description description Set the vault's description.
--icon string Set the vault icon.
vault delete
Remove a vault. Specify the vault to delete by name or ID.
op vault delete [{ <vaultName> | <vaultID> | - }] [flags]
vault edit
Edit a vault’s name, description, icon, or Travel Mode status. Specify the vault by name or ID.
op vault edit [{ <vaultName> | <vaultID> | - }] [flags]
Flags
--description description Change the vault's description.
--icon icon Change the vault's icon.
--name name Change the vault's name.
--travel-mode on|off Turn Travel Mode on or off for the vault. Only vaults
with Travel Mode enabled are accessible while a user has Travel Mode turned on. (default off)
vault get
Get details about a vault. Specify the vault by name or ID.
op vault get [{ <vaultName> | <vaultID> | - }] [flags]
-) instead of a single object for this command,
the tool will read object specifiers from standard input (stdin).
Separate each specifier with a new line. For more information about how
to specify objects, run op help.
You can also pass the command a list or array of JSON objects. The tool
will get an item for any object that has an ID, ignoring line
breaks. This is useful for passing information from one op command
to another.
Examples
Get details for all vaults:
op vault list --format=json | op vault get -
op vault list --group security --format=json | op vault get -
vault group
Subcommands
vault group grant
Grant a group permissions in a vault.
op vault group grant [flags]
Flags
--group group The group to receive access.
--no-input input Do not prompt for input on interactive terminal.
--permissions permissions The permissions to grant to the group.
--vault vault The vault to grant group permissions to.
view_items,view_and_copy_passwords,edit_items
allow_viewing, allow_editing, allow_managing
view_items, view_and_copy_passwords, view_item_history
create_items, edit_items, archive_items, delete_items, import_items,
export_items, copy_and_share_items, print_items
Examples
Grant a group certain permissions in a vault with a business account:
op vault group grant --vault VAULT --group GROUP \
--permissions view_items,create_items,allow_viewing
op vault group grant --vault VAULT --group GROUP \
--permissions allow_viewing,export_items
op vault group grant --vault VAULT --group GROUP \
--permissions allow_viewing,allow_editing
vault group list
List all the groups that have access to the given vault.
op vault group list [{ <vault> | - }] [flags]
vault group revoke
Revoke a group’s permissions in a vault, in part or in full.
op vault group revoke [flags]
Flags
--group group The group to revoke access from.
--no-input input Do not prompt for input on interactive terminal.
--permissions permissions The permissions to revoke from the group.
--vault vault The vault to revoke access to.
view_items,view_and_copy_passwords,edit_items
allow_viewing, allow_editing, allow_managing
view_items, view_and_copy_passwords, view_item_history
create_items, edit_items, archive_items, delete_items, import_items,
export_items, copy_and_share_items, print_items
Examples
Remove a group from a vault:
op vault group revoke --vault VAULT --group GROUP
op vault group revoke --vault VAULT --group GROUP \
--permissions view_items,create_items,allow_editing
op vault group revoke --vault VAULT --group GROUP \
--permissions allow_viewing,allow_editing
vault list
List vaults.
Flags
--group string List vaults a group has access to.
--permission permissions List only vaults that the specified user/group has this permission for.
--user string List vaults that a given user has access to.
Examples
Get details for all vaults:
op vault list --format=json | op vault get -
op vault list --group Security --format=json | op vault get -
op vault list --user wendy_appleseed@1password.com --format=json | op vault get -
op vault list --user wendy_appleseed@1password.com --permission manage_vault
vault user
Subcommands
vault user grant
Grant a user permissions in a vault.
op vault user grant [flags]
Flags
--no-input input Do not prompt for input on interactive terminal.
--permissions permissions The permissions to grant to the user.
--user user The user to receive access.
--vault vault The vault to grant access to.
view_items,view_and_copy_passwords,edit_items
allow_viewing, allow_editing, allow_managing
view_items, view_and_copy_passwords, view_item_history
create_items, edit_items, archive_items, delete_items, import_items,
export_items, copy_and_share_items, print_items
Examples
Grant a user certain permissions in a vault with a business account:
op vault user grant --vault VAULT --user USER \
--permissions view_items,create_items,allow_viewing
op vault user grant --vault VAULT --user USER \
--permissions allow_viewing,export_items
op vault user grant --vault VAULT --user USER \
--permissions allow_viewing,allow_editing
vault user list
List all users with access to the vault and their permissions.
op vault user list <vault> [flags]
vault user revoke
Revoke a user’s permissions in a vault, in part or in full.
op vault user revoke [flags]
Flags
--no-input input Do not prompt for input on interactive terminal.
--permissions permissions The permissions to revoke from the user.
--user user The user to revoke access from.
--vault vault The vault to revoke access to.
view_items,view_and_copy_passwords,edit_items
allow_viewing, allow_editing, allow_managing
view_items, view_and_copy_passwords, view_item_history
create_items, edit_items, archive_items, delete_items, import_items,
export_items, copy_and_share_items, print_items
Examples
Remove a user from a vault:
op vault user revoke --vault VAULT --user USER
op vault user revoke --vault VAULT --user USER \
--permissions view_items,create_items,allow_editing
op vault user revoke --vault VAULT --user USER \
--permissions allow_viewing,allow_editing
