1Password Go SDK

Build integrations that programmatically access your secrets in 1Password.

Documentation | Examples

---

🚀 Get started

To use the 1Password Go SDK in your project:

1. Create a service account and give it the appropriate permissions in the vaults where the items you want to use with the SDK are saved.

2. Provision your service account token. We recommend provisioning your token from the environment. For example, to export your token to the OP_SERVICE_ACCOUNT_TOKEN environment variable:

   macOS or Linux

   export OP_SERVICE_ACCOUNT_TOKEN=<your-service-account-token>

   Windows

   $Env:OP_SERVICE_ACCOUNT_TOKEN = "<your-service-account-token>"

3. Install the 1Password Go SDK in your project:

   go get github.com/1password/onepassword-sdk-go

4. Use the Go SDK in your project:

import (
    "context"
    "os"

    "github.com/1password/onepassword-sdk-go"
)

func main() {
    token := os.Getenv("OP_SERVICE_ACCOUNT_TOKEN")

    client, err := onepassword.NewClient(
                context.TODO(),
                onepassword.WithServiceAccountToken(token),
                // TODO: Set the following to your own integration name and version.
                onepassword.WithIntegrationInfo("My 1Password Integration", "v1.0.0"),
    )
    if err != nil {
	// handle err
    }
    secret, err := client.Secrets.Resolve(context.TODO(), "op://vault/item/field")
    if err != nil {
        // handle err
    }
    // do something with the secret
}

Make sure to use secret reference URIs with the syntax op://vault/item/field to securely load secrets from 1Password into your code.

Supported functionality

1Password SDKs are in active development. We're keen to hear what you'd like to see next. Let us know by upvoting or filing an issue.

Item management

Operations:

• Retrieve secrets
• Retrieve items
• Create items
• Update items
• Delete items
• List items
• Add & update tags on items

Field types:

• API Keys
• Passwords
• Concealed fields
• Text fields
• Notes
• SSH private keys (partially supported: supported in resolving secret references, not yet supported in item create/get/update)
• SSH public keys, fingerprint and key type
• One-time passwords
• URLs
• Websites (used to suggest and autofill logins)
• Phone numbers
• Credit card types
• Files attachments and Document items (#108)

Vault management

• Retrieve vaults
• Create vaults
• Update vaults
• Delete vaults
• List vaults

User & access management

• Provision users
• Retrieve users
• List users
• Suspend users
• Create groups
• Update group membership
• Update vault access & permissions

Compliance & reporting

• Watchtower insights
• Travel mode
• Events (#76). For now, use 1Password Events Reporting API directly.

Authentication

• 1Password Service Accounts
• User authentication
• 1Password Connect. For now, use 1Password/connect-sdk-go.

📖 Learn more

• Load secrets with 1Password SDKs
• Manage items with 1Password SDKs
• List vaults and items with 1Password SDKs
• 1Password SDK concepts