1Password MCP Server
The 1Password MCP Server connects AI clients to 1Password vaults via a Service Account, enabling programmatic management of secrets and credentials.
Vault Management
List vaults – Retrieve all accessible vaults with their IDs, names, descriptions, and types.
Item Management
Search – Look up items by title substring (case-insensitive) with an optional result limit.
List – Browse all items in a vault (ID, title, category, tags, updated date).
Get – Retrieve full item details; secret values are concealed unless explicitly revealed.
Edit – Update an item's title, notes, tags, URL, and fields (upsert or remove).
Delete – Permanently and irreversibly remove an item from a vault.
Archive – Move an item to the archive instead of permanently deleting it.
Create secure note – Create a Secure Note with optional tags and custom fields.
Password & Credential Operations
Create – Store a new password/login item with optional username, URL, tags, notes, and category.
Read – Retrieve a secret via an
op://vault/item/fieldreference or vault/item ID.Update/rotate – Update an existing password or concealed field; creates the field if it doesn't exist.
Generate random password – Cryptographically secure password with configurable length (8–128 chars) and character types.
Generate passphrase – Human-friendly passphrase with configurable word count, separator, capitalization, and optional suffixes.
Guided Workflows (Prompts)
generate-secure-password– Guided flow to generate and store a secure password.credential-rotation– Step-by-step workflow: read → generate → update → verify.vault-audit– List and categorize vault contents, flagging potential concerns.secret-reference-helper– Interactively constructop://vault/item/fieldreferences.
Browsable Resources
1password://config– View current server configuration.1password://vaults– Browse all accessible vaults.1password://vaults/{vaultId}/items– Browse items within a specific vault.
Connects AI clients to 1Password vaults for secure credential management, enabling tools to list vaults, search, create, read, update, delete items, and generate passwords, with prompts for password generation, credential rotation, and vault auditing.
Click on "Install Server".
Wait a few minutes for the server to deploy. Once ready, it will show a "Started" state.
In the chat, type
@followed by the MCP server name and your instructions, e.g., "@1Password MCP Serverlist my vaults"
That's it! The server will respond to your query, and you can continue using it as needed.
Here is a step-by-step guide with screenshots.
1Password MCP Server
A community-built Model Context Protocol (MCP) server that connects MCP-compatible AI clients (Claude Desktop, VS Code Copilot, OpenAI Codex, Gemini, etc.) to 1Password vaults via a Service Account.
Not an official 1Password product. This is a community project.
Features
Tools (13)
Tool | Description |
| List all accessible vaults |
| Search items by title in a vault |
| List all items in a vault (id, title, category, tags, updatedAt) |
| Retrieve a full item (title, category, tags, notes, fields); conceals secret values unless |
| Edit an item's title, notes, tags, URL, and fields (upsert/remove); empty |
| Delete an item from a vault |
| Archive an item (move to archive instead of permanently deleting) |
| Create a Secure Note item with optional tags and custom fields |
| Create a new password/login item |
| Retrieve a password via secret reference ( |
| Rotate/update an existing password |
| Generate a cryptographically secure random password |
| Generate a memorable passphrase from ~500 dictionary words |
Prompts (4)
Prompt | Description |
| Guided workflow to generate and store a secure password |
| Step-by-step credential rotation: read, generate, update, verify |
| Audit vault contents: list items, categorize, flag concerns |
| Construct |
Resources (3)
Resource URI | Description |
| Current server configuration (non-secret) |
| Browsable list of all accessible vaults |
| Browsable list of items in a vault |
Related MCP server: mcp-1password
Quick Start
Prerequisites
Node.js >= 18
Claude Desktop / VS Code / IDEs (JSON)
{
"mcpServers": {
"1password": {
"command": "npx",
"args": ["-y", "@takescake/1password-mcp"],
"env": {
"OP_SERVICE_ACCOUNT_TOKEN": "YOUR_SERVICE_ACCOUNT_TOKEN"
}
}
}
}macOS Keychain (JSON)
If you do not want to store the service account token directly in your MCP config, macOS users can store it in Keychain and configure the server to read it at startup instead:
{
"mcpServers": {
"1password": {
"command": "npx",
"args": ["-y", "@takescake/1password-mcp"],
"env": {
"OP_KEYCHAIN_SERVICE": "op-service-account-claude-automation",
"OP_KEYCHAIN_ACCOUNT": "your-macos-username"
}
}
}
}Precedence is: CLI arguments (--service-account-token / --token) > OP_SERVICE_ACCOUNT_TOKEN > macOS Keychain lookup. OP_KEYCHAIN_ACCOUNT is optional if your Keychain service name is already unique enough.
OpenAI Codex (TOML)
Option A (stores the token in config):
[mcp_servers."1password"]
command = "npx"
args = ["-y", "@takescake/1password-mcp"]
[mcp_servers."1password".env]
OP_SERVICE_ACCOUNT_TOKEN = "YOUR_SERVICE_ACCOUNT_TOKEN"Option B (recommended: does NOT store the token in Codex config):
[mcp_servers."1password"]
command = "npx"
args = ["-y", "@takescake/1password-mcp"]
env_vars = ["OP_SERVICE_ACCOUNT_TOKEN"]Then set OP_SERVICE_ACCOUNT_TOKEN in your shell/session/CI environment.
Note:
codex mcp add ... --env OP_SERVICE_ACCOUNT_TOKEN=...writes the token into Codex config. Useenv_varsif you want the config to reference only the variable name.
On macOS, you can also omit OP_SERVICE_ACCOUNT_TOKEN and set OP_KEYCHAIN_SERVICE (plus optional OP_KEYCHAIN_ACCOUNT) to read the token from Keychain at startup.
CLI Options
--service-account-token <token> 1Password service account token
--log-level <level> Log level: error, warn, info, debug (default: info)
--integration-name <name> Custom integration name for 1Password SDK
--integration-version <version> Custom integration versionSecurity & Privacy
Read this before using.
LLM privacy risk -- Secrets retrieved/created may be sent to your LLM provider and could be retained depending on your provider/account settings.
No E2E encryption in MCP -- Secrets are plaintext inside the MCP workflow and in transit to the model. They are encrypted only once stored in 1Password.
Intended use -- Best for automated/disposable credentials (dev DB creds, bot/service accounts, CI tokens).
Avoid high-stakes secrets -- Do not use for banking, primary personal accounts, or other sensitive credentials. Use dedicated automation vaults.
Token security -- Treat the Service Account Token like a master key. Rotate immediately if exposed.
Config files -- Keep MCP config files out of version control (add to
.gitignore).Secret references -- Prefer
op://...references over copying raw passwords into prompts or files.Least privilege -- Use dedicated vaults and limited-scope service accounts for automation workflows.
Development
# Clone and install
git clone https://github.com/CakeRepository/1Password-MCP.git
cd 1Password-MCP
npm install
# Build
npm run build
# Run tests
npm test
# Type-check
npm run lint
# Watch mode (dev)
npm run devProject Structure
src/
index.ts # Server entrypoint
types.ts # Shared type definitions
logger.ts # Structured logging (stderr)
config.ts # CLI args, env vars, constants
client.ts # 1Password SDK client singleton
utils.ts # Result helpers, password generation
tools/ # MCP tool handlers
index.ts
vault-list.ts
item-lookup.ts
item-delete.ts
password-create.ts
password-read.ts
password-update.ts
password-generate.ts
password-generate-memorable.ts
prompts/ # MCP prompt definitions
index.ts
resources/ # MCP resource definitions
index.tsSee CONTRIBUTING.md for contribution guidelines.
License
Maintenance
Resources
Unclaimed servers have limited discoverability.
Looking for Admin?
If you are the server author, to access and configure the admin panel.
Latest Blog Posts
- Your AI Chatbot Just Exposed Your CEO's Salary to an InternBy Om-Shree-0709 on .Agent IdentityMCP SecurityOAuth Delegation
- Why MCP Servers Need Execution Sandboxing (And Why Your Current Stack Isn't Enough)By Om-Shree-0709 on .Agentic AiPrompt InjectionWebAssembly
MCP directory API
We provide all the information about MCP servers via our MCP API.
curl -X GET 'https://glama.ai/api/mcp/v1/servers/CakeRepository/1Password-MCP'
If you have feedback or need assistance with the MCP directory API, please join our Discord server