1Password MCP Server
Connects AI clients to 1Password vaults for secure credential management, enabling tools to list vaults, search, create, read, update, delete items, and generate passwords, with prompts for password generation, credential rotation, and vault auditing.
Click on "Install Server".
Wait a few minutes for the server to deploy. Once ready, it will show a "Started" state.
In the chat, type
@followed by the MCP server name and your instructions, e.g., "@1Password MCP Serverlist my vaults"
That's it! The server will respond to your query, and you can continue using it as needed.
Here is a step-by-step guide with screenshots.
1Password MCP Server
A community-built Model Context Protocol (MCP) server that connects MCP-compatible AI clients (Claude Desktop, VS Code Copilot, OpenAI Codex, Gemini, etc.) to 1Password vaults via a Service Account.
Not an official 1Password product. This is a community project.
Features
Tools (8)
Tool | Description |
| List all accessible vaults |
| Search items by title in a vault |
| Delete an item from a vault |
| Create a new password/login item |
| Retrieve a password via secret reference ( |
| Rotate/update an existing password |
| Generate a cryptographically secure random password |
| Generate a memorable passphrase from ~500 dictionary words |
Prompts (4)
Prompt | Description |
| Guided workflow to generate and store a secure password |
| Step-by-step credential rotation: read, generate, update, verify |
| Audit vault contents: list items, categorize, flag concerns |
| Construct |
Resources (3)
Resource URI | Description |
| Current server configuration (non-secret) |
| Browsable list of all accessible vaults |
| Browsable list of items in a vault |
Related MCP server: op-mcp
Quick Start
Prerequisites
Node.js >= 18
Claude Desktop / VS Code / IDEs (JSON)
{
"mcpServers": {
"1password": {
"command": "npx",
"args": ["-y", "@takescake/1password-mcp"],
"env": {
"OP_SERVICE_ACCOUNT_TOKEN": "YOUR_SERVICE_ACCOUNT_TOKEN"
}
}
}
}macOS Keychain (JSON)
If you do not want to store the service account token directly in your MCP config, macOS users can store it in Keychain and configure the server to read it at startup instead:
{
"mcpServers": {
"1password": {
"command": "npx",
"args": ["-y", "@takescake/1password-mcp"],
"env": {
"OP_KEYCHAIN_SERVICE": "op-service-account-claude-automation",
"OP_KEYCHAIN_ACCOUNT": "your-macos-username"
}
}
}
}Precedence is: CLI arguments (--service-account-token / --token) > OP_SERVICE_ACCOUNT_TOKEN > macOS Keychain lookup. OP_KEYCHAIN_ACCOUNT is optional if your Keychain service name is already unique enough.
OpenAI Codex (TOML)
Option A (stores the token in config):
[mcp_servers."1password"]
command = "npx"
args = ["-y", "@takescake/1password-mcp"]
[mcp_servers."1password".env]
OP_SERVICE_ACCOUNT_TOKEN = "YOUR_SERVICE_ACCOUNT_TOKEN"Option B (recommended: does NOT store the token in Codex config):
[mcp_servers."1password"]
command = "npx"
args = ["-y", "@takescake/1password-mcp"]
env_vars = ["OP_SERVICE_ACCOUNT_TOKEN"]Then set OP_SERVICE_ACCOUNT_TOKEN in your shell/session/CI environment.
Note:
codex mcp add ... --env OP_SERVICE_ACCOUNT_TOKEN=...writes the token into Codex config. Useenv_varsif you want the config to reference only the variable name.
On macOS, you can also omit OP_SERVICE_ACCOUNT_TOKEN and set OP_KEYCHAIN_SERVICE (plus optional OP_KEYCHAIN_ACCOUNT) to read the token from Keychain at startup.
CLI Options
--service-account-token <token> 1Password service account token
--log-level <level> Log level: error, warn, info, debug (default: info)
--integration-name <name> Custom integration name for 1Password SDK
--integration-version <version> Custom integration versionSecurity & Privacy
Read this before using.
LLM privacy risk -- Secrets retrieved/created may be sent to your LLM provider and could be retained depending on your provider/account settings.
No E2E encryption in MCP -- Secrets are plaintext inside the MCP workflow and in transit to the model. They are encrypted only once stored in 1Password.
Intended use -- Best for automated/disposable credentials (dev DB creds, bot/service accounts, CI tokens).
Avoid high-stakes secrets -- Do not use for banking, primary personal accounts, or other sensitive credentials. Use dedicated automation vaults.
Token security -- Treat the Service Account Token like a master key. Rotate immediately if exposed.
Config files -- Keep MCP config files out of version control (add to
.gitignore).Secret references -- Prefer
op://...references over copying raw passwords into prompts or files.Least privilege -- Use dedicated vaults and limited-scope service accounts for automation workflows.
Development
# Clone and install
git clone https://github.com/CakeRepository/1Password-MCP.git
cd 1Password-MCP
npm install
# Build
npm run build
# Run tests
npm test
# Type-check
npm run lint
# Watch mode (dev)
npm run devProject Structure
src/
index.ts # Server entrypoint
types.ts # Shared type definitions
logger.ts # Structured logging (stderr)
config.ts # CLI args, env vars, constants
client.ts # 1Password SDK client singleton
utils.ts # Result helpers, password generation
tools/ # MCP tool handlers
index.ts
vault-list.ts
item-lookup.ts
item-delete.ts
password-create.ts
password-read.ts
password-update.ts
password-generate.ts
password-generate-memorable.ts
prompts/ # MCP prompt definitions
index.ts
resources/ # MCP resource definitions
index.tsSee CONTRIBUTING.md for contribution guidelines.
License
Maintenance
Resources
Unclaimed servers have limited discoverability.
Looking for Admin?
If you are the server author, to access and configure the admin panel.
Latest Blog Posts
MCP directory API
We provide all the information about MCP servers via our MCP API.
curl -X GET 'https://glama.ai/api/mcp/v1/servers/CakeRepository/1Password-MCP'
If you have feedback or need assistance with the MCP directory API, please join our Discord server