Skip to main content

Use 1Password CLI with a Connect server

You can use 1Password CLI with a Connect server to provision secrets and retrieve items on the command line.

Requirements

Before you can use 1Password CLI with a Connect server, you must:

Get started

After you complete the requirement steps, you can use the following 1Password CLI commands with a Connect server:

Vist the command documentation for more information.

Continuous integration (CI) environments

You can also use 1Password CLI with a Connect server in a continuous integration (CI) pipeline. 1Password CLI allows you to use secret references in place of plaintext secrets in code. You can configure a CI environment to pass different sets of secrets for different environments.

Secret references work well within infrastructure as code tools and CI configurations because you can define them alongside other configurations.

GitLab CI example

The following code block shows an example GitLab CI configuration file that implements a MySQL service. See GitLabs .gitlab-ci.yml documentation .

.gitlab-ci.yml

To authenticate 1Password CLI in the CI pipeline, add the OP_CONNECT_HOST and OP_CONNECT_TOKEN environment variables to a CI configuration file. The presence of these environment variables tells 1Password CLI to use the Connect server to fetch secrets.

The following code block expands the GitLab CI example to include the Connect environment variables.

.gitlab-ci.yml

Learn more

Replace plaintext secrets with secret references

Learn how to create and use secret references to avoid putting plaintext secrets in code.

Load secrets into the environment

Learn how to source secrets from the environment into your applications.

Load secrets into config files

Learn how to load secrets automatically into config files without putting any plaintext secrets in code.

Was this page helpful?