Load secrets using 1Password SDKs - 1Password Developer Docs

You can use 1Password SDKs to securely load secrets into your code with secret references. Before you begin, follow the steps to get started with a 1Password SDK. You can retrieve secrets from supported field types. You can also retrieve one-time passwords using the otp attribute parameter. A valid secret reference should use the syntax:

op://<vault>/<item>/[section/]<field>

To get a one-time password, append the ?attribute=otp query parameter to a secret reference that points to a one-time password field in 1Password:

op://<vault>/<item>/[section/]one-time password?attribute=otp

See the examples folder in the 1Password Go, JavaScript, or Python SDK GitHub repository for example code you can quickly clone and test in your project.

Load a secret from 1Password

Replace the placeholder secret reference in the example with a secret reference URI that specifies the vault, item, section (if applicable), and field where the secret is saved in your 1Password account. If you have multiple vaults, items, or fields that share the same name, use a unique identifier instead of the name in the secret reference.

Go
JavaScript
Python

// Retrieves a secret from 1Password.
// Takes a secret reference as input and returns the secret to which it points.
secret, err := client.Secrets().Resolve(context.Background(), fmt.Sprintf("op://%s/%s/%s", vaultID, itemID, fieldID))
if err != nil {
	panic(err)
}
fmt.Println(secret)

To retrieve a secret and print its value:

// Fetches a secret.
const secret = await client.secrets.resolve(
  "op://" + item.vaultId + "/" + item.id + "/username",
);
console.log(secret);

To retrieve a secret and print its value:

# Retrieves a secret from 1Password. Takes a secret reference as input and returns the secret to which it points.
value = await client.secrets.resolve(
    f"op://{created_item.vault_id}/{created_item.id}/username"
)
print(value)

The resolve function resolves the secret reference and returns the value of the 1Password field it references. You can then use this value in your code, like to authenticate to another service.

Retrieve multiple secrets

You can use the secrets.resolveAll function to retrieve secrets from 1Password in bulk, improving the performance of the operation. Replace the placeholder secret references in the example with secret reference URIs that specify the vault, item, section (if applicable), and field where the secrets are saved in your 1Password account.

Go
JavaScript
Python

// Retrieves multiple secrets from 1Password.
// Takes multiple secret references as input and returns the secret to which it points.
secret, _ := client.Secrets().ResolveAll(
	context.Background(),
	[]string{
		fmt.Sprintf("op://%s/%s/%s", vaultID, itemID, fieldID),
		fmt.Sprintf("op://%s/%s/%s", vaultID, itemID, fieldID2),
	},
)
for _, s := range secret.IndividualResponses {
	if s.Error != nil {
		panic(string(s.Error.Type))
	}
	fmt.Println(s.Content.Secret)
}

try {
  // Fetch all secrets
  const secrets = await client.secrets.resolveAll([
    "op://7turaasywpymt3jecxoxk5roli/hdvxoumwprditdustkxv7d3dqy/username",
    "op://7turaasywpymt3jecxoxk5roli/hdvxoumwprditdustkxv7d3dqy/password",
  ]);

  for (const [_, response] of Object.entries(secrets.individualResponses)) {
    if (response.error) {
      console.error("Error resolving secret:", response.error);
      continue;
    }

    console.log(response.content.secret);
  }
} catch (error) {
  console.error("An unexpected error occurred:", error);
}

# Retrieves multiple secrets from 1Password.
secrets = await client.secrets.resolve_all(
    [
        f"op://{vault_id}/{item_id}/{field_id}",
        f"op://{vault_id}/{item_id}/{field_id2}",
    ]
)
for secret in secrets.individual_responses.values():
    if secret.error is not None:
        print(str(secret.error))
    else:
        print(secret.content.secret)

Validate a secret reference

You can use the secret reference validation function to make sure that your secret reference is formatted correctly.

Go
JavaScript
Python

// Validate your secret reference
err := onepassword.Secrets.ValidateSecretReference(context.Background(), fmt.Sprintf("op://%s/%s/%s", vaultID, itemID, fieldID))
if err != nil {
	panic(err)
}

// Validate a secret reference
try {
  sdk.Secrets.validateSecretReference("op://vault/item/field");
} catch (error) {
  console.error(error);
}

# Validate secret reference to ensure no syntax errors
try:
    Secrets.validate_secret_reference("op://vault/item/field")
except Exception as error:
    print(error)

If the secret reference is formatted incorrectly, the SDK will return an error that describes the syntax problem. Learn more about secret references.

SDKs

​Load a secret from 1Password

​Retrieve multiple secrets

​Validate a secret reference

​Learn more

Load a secret from 1Password

Retrieve multiple secrets

Validate a secret reference

Learn more