Skip to content

Latest commit

 

History

History
86 lines (56 loc) · 3.47 KB

README.md

File metadata and controls

86 lines (56 loc) · 3.47 KB
Raw

1Password Python SDK (beta)

❗ The 1Password SDK project is in beta. Future iterations may bring backwards-incompatible changes.

Documentation | Examples

The 1Password Python SDK offers programmatic access to your secrets in 1Password with Python. During the beta, you can create, retrieve, update, and delete items and resolve secret references.

🔑 Authentication

1Password SDKs support authentication with 1Password Service Accounts.

Before you get started, create a service account and give it the appropriate permissions in the vaults where the items you want to use with the SDK are saved.

❗ Limitations

1Password SDKs don't yet support using secret references with query parameters, so you can't retrieve file attachments or SSH keys, or get more information about field metadata.

1Password SDKs currently only support operations on text and concealed fields. As a result, you can't edit items that include information saved in other types of fields.

When managing items with 1Password SDKs, you must use unique identifiers (IDs) in place of vault, item, and field names.

🚀 Get started

To use the 1Password Python SDK in your project:

  1. Provision your service account token. We recommend provisioning your token from the environment. For example, to export your token to the OP_SERVICE_ACCOUNT_TOKEN environment variable:

    macOS or Linux

    export OP_SERVICE_ACCOUNT_TOKEN=<your-service-account-token>

    Windows

    $Env:OP_SERVICE_ACCOUNT_TOKEN = "<your-service-account-token>"

  2. Install the 1Password Python SDK in your project:

    pip install git+ssh://[email protected]/1Password/[email protected]

  3. Use the Python SDK in your project:

import asyncio
import os
from onepassword.client import Client

async def main():
    # Gets your service account token from the OP_SERVICE_ACCOUNT_TOKEN environment variable.
    token = os.getenv("OP_SERVICE_ACCOUNT_TOKEN")

    # Connects to 1Password. Fill in your own integration name and version.
    client = await Client.authenticate(auth=token, integration_name="My 1Password Integration", integration_version="v1.0.0")

    # Retrieves a secret from 1Password. Takes a secret reference as input and returns the secret to which it points.
    value = await client.secrets.resolve("op://vault/item/field")
    # use value here

if __name__ == '__main__':
    asyncio.run(main())

Make sure to use secret reference URIs with the syntax op://vault/item/field to securely load secrets from 1Password into your code.

📖 Learn more