> ## Documentation Index > Fetch the complete documentation index at: https://www.1password.dev/llms.txt > Use this file to discover all available pages before exploring further. # 1Password SDKs export const CodeResult = ({children, resultLang, wrap, expandable}) => { const parseChildren = () => { let language = "text"; let codeContent = ""; const extractText = node => { if (typeof node === "string") { return node; } if (Array.isArray(node)) { return node.map(extractText).join(""); } if (node?.props?.children) { return extractText(node.props.children); } return ""; }; const extractLanguage = node => { if (!node) return null; if (node.props?.className) { const className = node.props.className; const langMatch = className.match(/language-(\w+)/); if (langMatch) { return langMatch[1]; } } if (node.props?.["data-language"]) { return node.props["data-language"]; } if (node.props?.language) { return node.props.language; } return null; }; if (typeof children === "string") { codeContent = children; } else if (Array.isArray(children)) { codeContent = extractText(children); for (const child of children) { const detectedLang = extractLanguage(child); if (detectedLang) { language = detectedLang; break; } } } else if (children?.props) { const detectedLang = extractLanguage(children); if (detectedLang) { language = detectedLang; } codeContent = extractText(children); } const parts = codeContent.split("#code-result"); if (parts.length < 2) { return { command: codeContent.trim(), result: null, language, defaultOpen: false }; } const resultText = parts[1].trim(); const defaultOpen = resultText.startsWith("open"); const cleanResult = defaultOpen ? resultText.slice(4).trim() : resultText; return { command: parts[0].trim(), result: cleanResult, language, defaultOpen }; }; const {command, result, language, defaultOpen} = parseChildren(); const [isOpen, setIsOpen] = useState(defaultOpen); if (!result) { return children; } return

{}

{isOpen &&

}

; }; export const ImageButton = ({src, darkSrc, url, text, height, alt}) =>

{darkSrc ? <> : } {text}

; export const Image = ({src, darkSrc, alt, width, border, height, round}) => { const classNames = ["mint-mx-4"]; if (border) { classNames.push("mint-rounded-sm"); } if (round) { classNames.push("mint-rounded-lg"); } const style = {}; if (width) style.width = typeof width === "number" ? `${width}px` : width; if (height) style.height = typeof height === "number" ? `${height}px` : height; return darkSrc ? <> {alt}

0 ? style : undefined} /> {alt}

0 ? style : undefined} onError={e => { e.target.src = src; }} /> : {alt}

0 ? style : undefined} />; }; export const HighlightCard = ({title, preheader, link, src, darkSrc, children, useButton = true}) => { return

{preheader &&

{preheader}

}

{src && <> {darkSrc ? <> : } } {title}

{children}

{link &&

{useButton ? {link.text || "Learn more"} : {link.text || "Learn more"} }

}

; }; 1Password SDKs allow you to build integrations that programmatically interact with 1Password using Go, JavaScript, or Python. With 1Password SDKs, you can: * **Secure your applications**: Load secrets into your code with [secret references](/sdks/load-secrets) or read [environment variables](/sdks/environments/) from 1Password Environments. * **Automate item management**: Programmatically [manage items](/sdks/manage-items) in your 1Password account. * **Securely share items**: [Share items](/sdks/share-items) with anyone, whether or not they have a 1Password account. * **Manage vaults and access**: [Manage your team's vaults](/sdks/vaults) and the [permissions groups have](/sdks/vault-permissions) in them. * **Support biometric authorization**: Build local integrations that users authorize with prompts from the [1Password desktop app](/sdks/concepts#1password-desktop-app) for human-in-the-loop approval and minimal setup for end users. * **Support automated access**: Build integrations that authenticate with [service account tokens](/sdks/concepts#1password-service-account) for least-privilege access and automated environments. See a full list of [supported functionality](/sdks/functionality). ## Supported languages ## Example integrations See examples of how our partners have used SDKs to build integrations with 1Password:

Securely load API keys and other secrets stored in 1Password into Postman without exposing any secrets in plaintext.

Dynamically import secrets from 1Password into your environment. The provider will return a map of names to Secrets.

## About the current version 1Password SDKs are currently in version 0, which means they can meet the stability and scalability requirements of production use cases. During version 0, expect more frequent releases as we add additional features and languages. * There is a possibility of breaking changes when you upgrade from one version 0 release to another, for example 0.1.X to 0.2.0. Minor releases (0.1.X to 0.1.Y) will not include breaking changes. * Integration authors may need to update their code when updating the SDK version. Existing code and integrations won’t be affected, as these will have the SDK pinned at a specific version via package.json (JS), requirements.txt (Python), or go.mod (Go). * We will provide three months of support and security patches for version 0, so you can upgrade when it makes sense for your workflows and teams. You can find information about the latest releases in the [1Password SDK release notes](https://releases.1password.com/developers/sdks/). ## Get started Before you get started, you'll need to [sign up for a 1Password account](https://1password.com/pricing/password-manager). ### Step 1: Decide how you want to authenticate You can choose between two [authentication methods](/sdks/concepts#authentication) for 1Password SDKs: local authorization prompts from the [1Password desktop app](/sdks/concepts#1password-desktop-app) or automated authentication with a [1Password Service Account](/sdks/concepts#1password-service-account). * **1Password desktop app**: Best for integrations that run locally on a user's machine. Use desktop app authentication if you want minimal setup for end users, human-in-the-loop approval for sensitive workflows, user-specific auditing, if you need access to your full account, or if you need to perform vault management operations. * **Service account**: Best for automated access. Use a service account if you want a token-based authentication method that isn't associated with an individual account to automate access, limit your integration to least privilege access, or for shared building. Service accounts can't access your built-in [Personal](https://support.1password.com/1password-glossary#personal-vault), [Private](https://support.1password.com/1password-glossary#private-vault), or [Employee](https://support.1password.com/1password-glossary#employee-vault) vault.

1. Install 1Password for [Mac](https://1password.com/downloads/mac), [Windows](https://1password.com/downloads/windows), or [Linux](https://1password.com/downloads/linux). 2. Sign in to the account you want to use with your integration. 3. Select your account or collection at the top of the sidebar, then navigate to **Settings** > **[Developer](onepassword://settings/developers)**. 4. Under Integrate with the 1Password SDKs, select **Integrate with other apps**. 5. If you want to authenticate with biometrics, navigate to **Settings** > **[Security](onepassword://settings/security)**, then turn on the option to unlock using [Touch ID](https://support.1password.com/touch-id-mac/), [Windows Hello](https://support.1password.com/windows-hello/), or [system authentication](https://support.1password.com/system-authentication-linux/).

Create a service account

Create a [1Password Service Account](https://start.1password.com/developer-tools/infrastructure-secrets/serviceaccount/?source=dev-portal) and give it access to the vaults and [Environments](/environments) you want your integration to be able to access. To allow your integration to update items, make sure to give the service account **both read and write permissions** in the appropriate vaults. To allow your integration to share items, also add the **share permission**.

Provision your service account token

We recommend provisioning your token from the environment. Use the following example to provision your token to an environment variable named `OP_SERVICE_ACCOUNT_TOKEN`. You can also provision your token in other ways, like by reading it from a file. ```shell theme={null} export OP_SERVICE_ACCOUNT_TOKEN= ``` ```shell theme={null} set -x OP_SERVICE_ACCOUNT_TOKEN ``` ```shell theme={null} $Env:OP_SERVICE_ACCOUNT_TOKEN = "" ``` ### Step 2: Install the SDK Install the SDK in your project. ```go theme={null} go get github.com/1password/onepassword-sdk-go ``` ```shell theme={null} npm install @1password/sdk ``` ```python theme={null} pip install onepassword-sdk ``` ### Step 3: Import the SDK Import the SDK into your project. ```go theme={null} import "github.com/1password/onepassword-sdk-go" ```

CommonJS

```js theme={null} const sdk = require("@1password/sdk"); ```

ES Modules

```js theme={null} import sdk from "@1password/sdk"; ``` ```py theme={null} from onepassword import * ``` ### Step 4: Initialize the SDK When you initialize the SDK, you create a client instance that contains your configuration parameters. For desktop app integrations, you'll need to provide your 1Password account name. For service account authentication, you'll need to provide your service account token. Replace `your-account-name` in the code below with your 1Password account name as it appears at the top of the left sidebar in the 1Password app. The 1Password desktop app with the account name shown at the top of the left sidebar.

The 1Password desktop app with the account name shown at the top of the left sidebar.

You can also use the account ID that [1Password CLI](/cli/get-started) returns with [`op account list --format json`](/cli/reference/management-commands/account#account-list). Use the value in the `account_uuid` field. Make sure to specify a name and version for your application in place of `My 1Password Integration` and `v1.0.0`. This example prints an error message and exits if initialization fails. Because it writes the error to standard error, it uses Go’s `os` package, which you’ll need to import in your project. See the [complete example in Step 5](#step-5-start-building) for more context. ```go highlight={[4]} theme={null} // Connects to the 1Password desktop app. client, err := onepassword.NewClient(context.Background(), // TODO: Set to your 1Password account name. onepassword.WithDesktopAppIntegration("your-account-name"), // TODO: Set to your own integration name and version. onepassword.WithIntegrationInfo("My 1Password Integration", "v1.0.0"), ) if err != nil { fmt.Fprintln(os.Stderr, "Initialization error:", err) os.Exit(1) } ``` The 1Password JavaScript SDK is asynchronous and returns Promises. To make sure your code waits for 1Password to respond before moving to the next line, we recommend using the `await` keyword inside an `async` function. See the [complete example in Step 5](#step-5-start-building) for the full structure. ```js highlight={[4]} theme={null} // Connects to the 1Password desktop app. const client = await sdk.createClient({ // TODO: Set to your 1Password account name. auth: new sdk.DesktopAuth("your-account-name"), // TODO: Set to your own integration name and version. integrationName: "My 1Password Integration", integrationVersion: "v1.0.0", }); ``` The Python SDK is asynchronous. To wait for a response from 1Password, use the `await` keyword inside an `async` function in your code. See the [complete example in Step 5](#step-5-start-building) for the full structure. ```python highlight={[7]} theme={null} from onepassword import Client, DesktopAuth # Connects to the 1Password desktop app. client = await Client.authenticate( auth=DesktopAuth( # TODO: Set to your 1Password account name. account_name="your-account-name" ), # TODO: Set to your own integration name and version. integration_name="My 1Password Integration", integration_version="v1.0.0", ) ``` In the following example, the SDK gets the service account token string from the `OP_SERVICE_ACCOUNT_TOKEN` environment variable. Make sure to specify a name and version for your application in place of `My 1Password Integration` and `v1.0.0`. ```go theme={null} // Gets your service account token from the OP_SERVICE_ACCOUNT_TOKEN environment variable. token := os.Getenv("OP_SERVICE_ACCOUNT_TOKEN") // Authenticates with your service account token and connects to 1Password. client, err := onepassword.NewClient(context.Background(), onepassword.WithServiceAccountToken(token), // TODO: Set the following to your own integration name and version. onepassword.WithIntegrationInfo("My 1Password Integration", "v1.0.0"), ) if err != nil { panic(err) } ``` ```js theme={null} // Creates an authenticated client. const client = await sdk.createClient({ auth: process.env.OP_SERVICE_ACCOUNT_TOKEN, // Set the following to your own integration name and version. integrationName: "My 1Password Integration", integrationVersion: "v1.0.0", }); ``` ```python theme={null} import os from onepassword import Client # Get your service account token from the OP_SERVICE_ACCOUNT_TOKEN environment variable token = os.getenv("OP_SERVICE_ACCOUNT_TOKEN") # Create an authenticated client client = await Client.authenticate( auth=token, # Set to your own integration name and version integration_name="My 1Password Integration", integration_version="v1.0.0", ) ``` ### Step 5: Start building You can test your setup by building a simple integration that lists all the titles of all the vaults you or the service account has access to. ```go title="main.go" theme={null} package main import ( "context" "fmt" "os" "github.com/1password/onepassword-sdk-go" ) func main() { // Connects to the 1Password desktop app. client, err := onepassword.NewClient(context.Background(), // TODO: Set to your 1Password account name. onepassword.WithDesktopAppIntegration("your-account-name"), // TODO: Set to your own integration name and version. onepassword.WithIntegrationInfo("My 1Password Integration", "v1.0.0"), ) if err != nil { fmt.Fprintln(os.Stderr, "Initialization error:", err) os.Exit(1) } // Lists vault titles vaults, err := client.Vaults().List(context.Background()) if err != nil { panic(err) } for _, vault := range vaults { fmt.Println(vault.Title) } } ``` ```shell theme={null} go run main.go #code-result Development Production Private ``` ```js title="example.js" theme={null} import sdk from "@1password/sdk"; async function main() { // Connects to the 1Password desktop app. const client = await sdk.createClient({ // TODO: Set to your 1Password account name. auth: new sdk.DesktopAuth("your-account-name"), // TODO: Set to your own integration name and version. integrationName: "My 1Password Integration", integrationVersion: "v1.0.0", }); // Lists vault titles const vaults = await client.vaults.list({ decryptDetails: true }); for (const vault of vaults) { console.log(vault.title); } } main(); ``` ```shell theme={null} node index.js #code-result Development Production Private ``` ```python title="example.py" theme={null} import asyncio from onepassword import Client, DesktopAuth async def main(): # Connects to the 1Password desktop app. client = await Client.authenticate( auth=DesktopAuth( # TODO: Set to your 1Password account name. account_name="your-account-name" ), # TODO: Set to your own integration name and version. integration_name="My 1Password Integration", integration_version="v1.0.0", ) # Lists vault titles vaults = await client.vaults.list() for vault in vaults: print(vault.title) if __name__ == "__main__": asyncio.run(main()) ``` ```shell theme={null} python3 example.py #code-result Development Production Private ``` In the following example, the service account is scoped to a vault titled `Development`. ```go title="main.go" theme={null} package main import ( "context" "fmt" "os" "github.com/1password/onepassword-sdk-go" ) func main() { // Gets your service account token from the environment. token := os.Getenv("OP_SERVICE_ACCOUNT_TOKEN") client, err := onepassword.NewClient(context.Background(), onepassword.WithServiceAccountToken(token), // TODO: Set to your own integration name and version. onepassword.WithIntegrationInfo("My 1Password Integration", "v1.0.0"), ) if err != nil { fmt.Fprintln(os.Stderr, "Initialization error:", err) os.Exit(1) } // Lists vault titles vaults, err := client.Vaults().List(context.Background()) if err != nil { panic(err) } for _, vault := range vaults { fmt.Println(vault.Title) } } ``` ```shell theme={null} go run main.go #code-result Development ``` ```js title="index.js" theme={null} import sdk from "@1password/sdk"; async function main() { const client = await sdk.createClient({ // Gets your service account token from the environment. auth: process.env.OP_SERVICE_ACCOUNT_TOKEN, // TODO: Set to your own integration name and version. integrationName: "My 1Password Integration", integrationVersion: "v1.0.0", }); // Lists vault titles const vaults = await client.vaults.list({ decryptDetails: true }); for (const vault of vaults) { console.log(vault.title); } } main(); ``` ```shell theme={null} node index.js #code-result Development ``` ```python title="example.py" theme={null} import asyncio import os from onepassword import Client async def main(): # Gets your service account token from the environment. token = os.getenv("OP_SERVICE_ACCOUNT_TOKEN") client = await Client.authenticate( auth=token, # TODO: Set to your own integration name and version. integration_name="My 1Password Integration", integration_version="v1.0.0", ) # Lists vault titles vaults = await client.vaults.list() for vault in vaults: print(vault.title) if __name__ == "__main__": asyncio.run(main()) ``` ```shell theme={null} python3 example.py #code-result Development ``` Visit the [Go](https://github.com/1Password/onepassword-sdk-go/tree/main/example), [JavaScript](https://github.com/1Password/onepassword-sdk-js/tree/main/examples), or [Python](https://github.com/1Password/onepassword-sdk-python/blob/main/example/example.py) SDK GitHub repositories for more examples. ## Get help To get help with 1Password SDKs, join our [Developer Slack workspace](/joinslack) and ask a question in the `#sdk` channel. To request a new feature or report a bug, file an issue in the appropriate GitHub repo: * [Go](https://github.com/1Password/onepassword-sdk-go/issues/new/choose) * [JavaScript](https://github.com/1Password/onepassword-sdk-js/issues/new/choose) * [Python](https://github.com/1Password/onepassword-sdk-python/issues/new/choose)