Details about 1Password integration

đź’¬answered

#1

Hello Station Devs - Thank you so much for this wonderful application!

Just noticed that in the latest 1.7.0 release, the 1Password integration is now active. However, I am unable to find any details about how this integration is implemented and the level of security in place when details are entered into this form and transmitted to 1Password.com.

Any light you can shed on the functioning of this plugin would be much appreciated!

Thanks!


#2

From this discussion (https://discussions.agilebits.com/discussion/84852/agilebits-developers) on the Agilebits Forum, it seems that you might be bootstrapping the 1Password CLI interface to communicate with 1Password.com to retrieve the user credentials. Can you talk about this a bit further?

Without more details, I am (and would advice other Station users to be) reluctant to make use of this functionality, until we can all be certain that the information entered into the “Connect 1Password” form is not being stored somewhere or transmitted?

Looking forward to your clarification.

Thank you!


(Alexandre Lacheze) #3

@vivekkrish thanks for your question!

We designed the feature so that no sensitive information are stored or transmitted to our server.
We wrote a few more details in this article.

Happy to share more details!


(Jim) #4

Love the idea of 1Password integration but still need more info then is in your article to feel comfortable about security.

When I add 1Password integration to Station, do you transmit my secret key and master password to your server at any time? Are you storing the secret key and master password anywhere on my computer or on your server?

It would be really helpful if Agile Bits commented on the implementation.