Manage items using 1Password SDKs
You can use 1Password SDKs to read, write, and update secret values stored in your 1Password items. Before you begin, follow the steps to get started with a 1Password SDK.
When managing items, you must use unique identifiers (IDs) in place of vault, item, section, and field names. You can get IDs by listing vaults and items.
You can perform item management operations on supported field types. Some field types have special constraints.
See the examples folder in the 1Password Go, JavaScript, or Python SDK GitHub repository for example code you can quickly clone and test in your project.
Create an item
Specify the parameters for the item you want to create and pass the defined item to the client.Items.Create function.
- Go
- JavaScript
- Python
The following example creates a Login item with a username, password, one-time password, and a website where 1Password will autofill the credentials.
The value of the one-time password field can be either a one-time password secret or an otpauth:// URI. In this example, the one-time password field is organized beneath a custom section.
The following example creates a Login item with a username, password, one-time password, and a website where 1Password will autofill the credentials.
The value of the one-time password field can be either a one-time password secret or an otpauth:// URI. In this example, the one-time password field is organized beneath a custom section.
The following example creates a Login item with a username, password, one-time password, and a website where 1Password will autofill the credentials.
The value of the one-time password field can be either a one-time password secret or an otpauth:// URI. In this example, the one-time password field is organized beneath a custom section.
Item parameters include:
| Parameter | Definition |
|---|---|
Title | The name of the item. |
Category | The type of item you want to create. Supported categoriesLogin, SecureNote, CreditCard, CryptoWallet, Identity, Password, Document, ApiCredentials, BankAccount, Database, DriverLicense, Email, MedicalRecord, Membership, OutdoorLicense, Passport, Rewards, Router, Server, SshKey, SocialSecurityNumber, SoftwareLicense, Person |
Vault ID | The ID of the vault where you want to create the item. |
Fields | The item fields. |
Sections | The item sections. |
Notes | The item notes. |
Tags | A list of tags to add to the item. |
Websites | An optional list of websites where 1Password will suggest and fill the login. Only available for Login and Password items. |
A section organizes fields in an item under a section title. Section parameters include:
| Parameter | Description |
|---|---|
Section ID | A unique identifier for the section. |
Section Title | The name of the section. |
Field parameters include:
| Parameter | Description |
|---|---|
ID | A unique identifier for the field. For fields that are specific to an item category, like username and password for a Login item, use the appropriate built-in field ids. |
Title | The name of the field. |
Field type | The type of field. Some field types have special constraints.Supported fieldsAddress, Concealed, CreditCardNumber, CreditCardType, Date, Email, Menu, MonthYear, Notes, Phone, Reference, Text, Totp, Url, Reference, SSHKey |
Value | The value stored in the field. |
Field Details | Optional for most field types. Required for Address fields. |
Section ID | Organizes a field under a section. Required for all fields except built-in fields like username and password. If you create a custom field without a section, 1Password will create an empty section and assign the field to it. |
Autofill website parameters include:
| Parameter | Description |
|---|---|
| URL | The URL for the website. |
| Label | The name of the website. |
| Autofill behavior | When 1Password will autofill your credentials on the website. Options include:
|
To manage items that include files, learn how to manage files using 1Password SDKs.
Get an item
To get an item, pass the item ID and vault ID for the item you want to retrieve to the client.Items.Get function.
- Go
- JavaScript
- Python
To get the item created in the first section:
To get the item created in the first section:
To get the item created in the first section:
Get a one-time password
You can use 1Password SDKs to get the value stored in a field, like the six-digit one-time password code from a Totp field.
- Go
- JavaScript
- Python
To retrieve and print a one-time password from the item created in the first section:
To retrieve and print a one-time password from the item created in the first section:
To retrieve and print a one-time password from the item created in the first section:
Update an item
To update an item, fetch the item you want to update, specify the changes you want to make, then pass the updated item to the client.Items.Put function.
- Go
- JavaScript
- Python
Archive an item
To archive an item, pass the item ID and vault ID for the item you want to archive to the client.Items.Delete function.
- Go
- JavaScript
- Python
Delete an item
To delete an item, pass the item ID and vault ID for the item you want to delete to the client.Items.Delete function.
- Go
- JavaScript
- Python
Generate a password
You can generate a PIN code, a random password, or a memorable password.
- Go
- JavaScript
- Python
- PIN
- Random
- Memorable
Generates a PIN code. You can specify the length of the generated code.
Generates a random password. You can choose:
- Whether the password includes digits.
- Whether the password includes symbols.
- The length of the password.
Generates a memorable password. For example, correct-horse-battery-staple. You can choose:
- The separator used between words. Options:
Spaces,Hyphens,Underscores,Periods,Commas - Whether the memorable password is made up of full words or random syllables. Options:
FullWords,Syllables,ThreeLetters - Whether to capitalize one section of the generated password.
- The number of words included in the password.
- PIN
- Random
- Memorable
Generates a PIN code. You can specify the length of the generated code.
Generates a random password. You can choose:
- Whether the password includes digits.
- Whether the password includes symbols.
- The length of the password.
Generates a memorable password. For example, correct-horse-battery-staple. You can choose:
- The separator used between words. Options:
Spaces,Hyphens,Underscores,Periods,Commas - Whether the memorable password is made up of full words or random syllables. Options:
FullWords,Syllables,ThreeLetters - Whether to capitalize one section of the generated password.
- The number of words included in the password.
- PIN
- Random
- Memorable
Generates a PIN code. You can specify the length of the generated code.
Generates a random password. You can choose:
- Whether the password includes digits.
- Whether the password includes symbols.
- The length of the password.
Generates a memorable password. For example, correct-horse-battery-staple. You can choose:
- The separator used between words. Options:
Spaces,Hyphens,Underscores,Periods,Commas - Whether the memorable password is made up of full words or random syllables. Options:
FullWords,Syllables,ThreeLetters - Whether to capitalize one section of the generated password.
- The number of words included in the password.
Appendix: Field type constraints
Some supported field types have special requirements and constraints.
Address
For an Address type item field, the address field's value is built using the address field's details, because address string formats can differ according to the country. You must define which piece of the address each particular string corresponds to so that 1Password can properly create the address string.
To change the value of an Address field, edit the item field details directly, not the field value.
- Go
- JavaScript
- Python
Date
For a Date type item field, the date field's value must be a string formatted as YYYY-MM-DD. For example, 1998-03-15.
- Go
- JavaScript
- Python
MonthYear
For a MonthYear type item field, the value must be a string formatted as MM/YYYY. For example, 10/2000.
- Go
- JavaScript
- Python
Reference
For a Reference type item field, the reference field's value must be the unique identifier (ID) of another item that exists within the same vault. This ID should be a 26 character alphanumeric string. For example, vhn2qfnmizg6rw4iqottczq3fy.
- Go
- JavaScript
- Python
SSH Key
For an SSHKey type item field, the SSH key field's value must be a valid SSH private key – a decrypted, PEM-encoded string. You can use private key strings generated from the source of your choice, or you can generate SSH keys in your SDK language using that language's native support. Currently, if you attempt to pass an encrypted private key, you'll see an error.
SSH key fields can only be added to items with the SSH Key category. You can add one SSH key field per item.
When you create an item with an SSH key field assigned to it, 1Password will generate a public key, fingerprint, and key type which are stored in the SSH key field details.
- Go
- JavaScript
- Python
The following example shows how to generate a valid SSH private key in Go and adds it to a new SSH Key item in 1Password.
The following example shows how to generate a valid SSH private key in JavaScript and adds it to a new SSH Key item in 1Password.
The following example shows how to generate a valid SSH private key in Python and adds it to a new SSH Key item in 1Password.
TOTP
For a Totp type item field, the TOTP field's value must either be a valid one-time password URL (for example, otpauth://totp/rsnjfceadiejs?secret=e4dw4xrdq34wd3qw3&issuer=vfsrfesfes), or a one-time password seed (for example, e4dw4xrdq34wd3qw3).
- Go
- JavaScript
- Python
Troubleshooting
If you aren't able to create, edit, or delete items and see an error that you "don't have the right permissions to execute this argument," check your service account's permissions in the vault where the items are saved:
- Sign in to your account on 1Password.com.
- Select Developer in the sidebar.
- Choose the service account, then confirm that you see
Read & Writenext to the vault in the Vaults table.
If your service account only has read access, you'll need to create a new service account with read and write permissions.
