1Password reduces the risk of security incidents by making it easy for your employees to generate, store, and autofill strong passwords. 1Password Business customers can also create security policies and custom rules, monitor sign-in attempts, and generate reports β among many other advanced features.
The 1Password Advanced App is an API-based integration that collects logs from 3 different API endpoints. There are no response actions associated with the app at this time.
The 1Password Advanced App uses the following schedulers:
Collection of Item Usage Log Events
POST {1Password-HostName}/api/v2/itemusages
Collection of Sign-in Attempts Log Events
POST {1Password-HostName}/api/v2/signinattempts
Collection of Audit Log Events
POST {1Password-HostName}/api/v2/auditevents
The app is automatically scheduled to collect data every 15 minutes.
The Events API limits requests to 600 per minute and up to 30,000 per hour. Exceeding these limits will result in an error as 429 - Too many requests.
How to generate API token
Follow the steps described in this doc
In summary:
You need a 1Password business account --> https://1password.com/business-security
Navigate to the Integrations
Create a bearer token on 1Password --> https://support.1password.com/events-reporting/#appendix-issue-or-revoke-bearer-tokens
Choose the Events Reporting integration where you want to issue a token and click Add a token.
Enter a name for the bearer token and choose when it will expire. Select or deselect the event types the token has access to, then click Issue Token.
Click Save in 1Password and choose which vault to save your token to. Then click View Integration Details.
The Bearer token will be provided by the user on the configurations page, which can be updated when a new token is generated.
Note - You need the right permissions on the system to perform those steps.
Configuration
To configure the 1Password Advanced App, we need to add the following details
Host Name
1Password API Token
Your Host name will depend on where your 1Password account was stored. See below.
If your account is hosted on: | Your host name in the app conf is: |
|
|
|
|
|
|
|
|
Click on save button to save the credentials
Once the status is green, the app is configured successfully.
Actions Page
Here is the link for the 1Password API Reference Guide.
These links will redirect to the relative 1Password API Reference Guides.
Scheduler Page
The schedulers to fetch events from each endpoint is set to every 15 minutes by default.
Users can change the scheduler cycle from UI. The User can toggle the enable option and edit the scheduler time to alter the scheduler iterations.
History Page
For every successful run of the scheduler, a success message along with the number of events fetched will be displayed in the schedulers page and if the scheduler fails to fetch the logs, an error message will be displayed.