> ## Documentation Index
> Fetch the complete documentation index at: https://docs.optexity.com/llms.txt
> Use this file to discover all available pages before exploring further.

# 1Password Integration

> Store and retrieve secrets securely using 1Password

Use 1Password to store sensitive data like passwords and API keys. Values are retrieved at runtime without exposing secrets in your workflow.

## Setup

### Create an Item in 1Password

1. Go to [my.1password.com](https://my.1password.com/home)
2. Open an existing vault or click **New Vault** to create one
3. Click **New Item** and choose a category (e.g. **Login** or **Password**)
4. Fill in the fields you want to retrieve (e.g. a field named `password`)
5. Save the item and note the **vault name**, **item name**, and **field name** — you'll use these in `secure_parameters`

### Get Service Account Token

1. Go to [my.1password.com](https://my.1password.com/home)
2. Create a service account
3. Copy the token

<iframe width="100%" height="400" src="https://www.youtube.com/embed/5LHseHgkPs4" frameborder="0" allow="accelerometer; autoplay; clipboard-write; encrypted-media; gyroscope; picture-in-picture" allowfullscreen />

### Configure Environment

Add it directly on the **Integrations** page of the dashboard, or if you are running locally, add to your `.env` file:

```bash theme={null}
OP_SERVICE_ACCOUNT_TOKEN=your_service_account_token
```

***

## Usage

Move parameters from `input_parameters` to `secure_parameters`:

**Before:**

```json theme={null}
{
  "input_parameters": {
    "password": ["password_value"]
  }
}
```

**After:**

```json theme={null}
{
  "secure_parameters": {
    "password": [{
      "onepassword": {
        "vault_name": "my_vault",
        "item_name": "my_login",
        "field_name": "password"
      }
    }]
  }
}
```

***

## Properties

| Property     | Description                                         |
| ------------ | --------------------------------------------------- |
| `vault_name` | 1Password vault name                                |
| `item_name`  | Item name in vault                                  |
| `field_name` | Field to retrieve                                   |
| `type`       | Set to `"totp_secret"` to generate TOTP codes       |
| `digits`     | Required when `type` is `"totp_secret"` (e.g., `6`) |

***

## TOTP from 1Password

Retrieve TOTP secret and generate codes:

```json theme={null}
{
  "secure_parameters": {
    "auth_code": [{
      "onepassword": {
        "type": "totp_secret",
        "vault_name": "vault",
        "item_name": "login",
        "field_name": "totp_secret",
        "digits": 6
      }
    }]
  }
}
```

<Tip>
  See [TOTP Integration](/docs/advanced/totp-integration) for more 2FA options.
</Tip>

***

## Revoking Access

Revoke the service account token anytime from the 1Password dashboard.
