Ensure you have Administrator privileges within your 1Password account.
If you’ve been directed to StackOne to integrate with 1Password, the following steps will help you understand the process and any necessary actions to configure successful integration.

Introduction

1Password requires account holders to deploy an independent SCIM Bridge to support User data and provisioning via API. Learn more about the setup requirements and deployment process in 1Password Support. An Identity Provider (IDP) is not required to configure this integration, but note that the SCIM Bridge setup may vary for connection with different IDPs. Your SCIM Bridge must be fully configured for this integration. You can check the status of your SCIM bridge at your-scim-bridge-url/app/status.
Google Workspace limitation: 1Password currently does not support IAM API endpoints for SCIM Bridges connected to Google Workspace for User Provisioning.As a workaround, a second 1Password SCIM Bridge can be deployed to service this IAM connection.This second SCIM Bridge must use the same scimsession file, and must not be connected to Google Workspace.

Enable 1Password User Provisioning

1

Log in to your 1Password dashboard

Log in to your 1Password account with your Administrator credentials.
2

Enable User Provisioning

Navigate to Integrations, and select your listed Identity Provider to proceed. If you do not wish to connect to an IDP, select Okta to be used as the default.
User Provisioning
3

Set up User Provisioning

Based on how your SCIM Bridge will be deployed, select the listed deployment method, then click the Next button.
Set Up User Provisioning
4

Save Credentials

Download and save your scimsession file securely, which will be used when deploying your SCIM Bridge to connect with 1Password.Download and store your bearer token securely, which both an IDP and this integration will use to connect to the SCIM Bridge.
Save Credentials
If needed, click the button for your deployment type and follow the instructions to deploy.Press the Next button to proceed.
5

(optional) Set up Health Monitoring

1Password offers an optional alert system to notify you connection issues with your SCIM Bridge.To set up, enable “Turn on health monitoring” and enter the publicly-addressable URL for your SCIM Bridge deployment.Click the Next button to proceed.
Health Monitoring
6

(optional) Connect your IDP to the SCIM Bridge

If you wish to connect an IDP to your SCIM Bridge, click the tile for your IDP to view configuration instructions.Click the “View details” button to open the new User Provisioning configuration profile.
7

User Provisioning Configuration

On this page in 1Password, you can adjust multiple User Provisioning settings, generate new credentials, or delete the setup.
User Provisioning Configuration

Deploy 1Password SCIM Bridge

1

Set up your 1Password SCIM Bridge

See 1Password’s official SCIM Bridge deployment examples repo for specific setup instructions across different deployment options.This will require the scimsession file generated from enabling User Provision in your 1Password account.Note the publicly-addressable URL (example: https://op-scim.mydomain.org) of this deployment, as it is required for establishing this connection.

Connecting with StackOne

1

Enter Credentials

Upon reaching the Link Account page, enter your credentials from the previous steps:
  • SCIM Bridge URL: the publicly-addressable URL of your SCIM Bridge deployment. If you have an IDP connected, this will be the same URL entered in the IDP’s 1Password configuration.
  • SCIM Bearer Token: the bearer token displayed when initially enabling User Provisioning in 1Password
Proceed by clicking the Connect button.
Link Account

Congratulations, you’re all set! If you face any issues with the steps mentioned above, please contact us by emailing integrations@stackone.com. We’re always here to assist you!

Available data

This integration has the following IAM Resources available from the provider:
  • Users
  • Groups