Skip to main content
Glama
CakeRepository

1Password MCP Server

Server Configuration

Describes the environment variables required to run the server.

NameRequiredDescriptionDefault
OP_KEYCHAIN_ACCOUNTNoThe Keychain account name (optional, macOS only)
OP_KEYCHAIN_SERVICENoThe Keychain service name to retrieve the token from (macOS only)
OP_SERVICE_ACCOUNT_TOKENNoYour 1Password Service Account token

Capabilities

Features and capabilities supported by this server

CapabilityDetails
tools
{
  "listChanged": true
}
prompts
{
  "listChanged": true
}
resources
{
  "listChanged": true
}

Tools

Functions exposed to the LLM to take actions

NameDescription
vault_listA

List all 1Password vaults accessible to the service account. Returns vault IDs, names, descriptions, and types.

item_lookupA

Search for items within a 1Password vault by title substring. Returns item IDs, titles, categories, and vault IDs.

item_deleteA

Permanently delete an item from a 1Password vault. This action cannot be undone.

item_getA

Retrieve a full 1Password item — title, category, tags, notes, and all fields (id, title, type, section). Concealed field values are hidden unless reveal is true. Accepts a secret reference (op://vault/item/field) or vault ID + item ID.

item_editA

Edit an existing 1Password item. Update the title, notes (pass an empty string to clear notes), tags, website URL, upsert fields, or remove fields. Only referenced fields are changed; all others are preserved.

item_listA

List all items in a 1Password vault, returning id, title, category, tags, and updatedAt for each. Never returns secret values.

item_archiveA

Archive an item in a 1Password vault. The item is moved to the archive and hidden from regular views, rather than being permanently deleted.

note_createB

Create a Secure Note item in a 1Password vault, with optional tags and custom fields.

password_createA

Create a new password/login item in a 1Password vault with optional username, URL, tags, and notes.

password_readA

Retrieve a secret from 1Password using either a secret reference (op://vault/item/field) or vault ID + item ID. Supports field selection and optional value reveal.

password_updateA

Update (rotate) a password or concealed field on an existing 1Password item. If the target field does not exist, it will be created.

password_generateA

Generate a cryptographically secure random password with configurable length and character types. Uses rejection sampling for unbiased randomness.

password_generate_memorableA

Generate a memorable passphrase from random dictionary words with optional number and symbol suffixes. Uses a ~500-word curated list for good entropy.

Prompts

Interactive templates invoked by user choice

NameDescription
generate-secure-passwordGuide through generating a secure password with specific requirements
credential-rotationStep-by-step workflow for rotating a credential stored in 1Password
vault-auditAudit the contents of a 1Password vault — list all items with categories and metadata
secret-reference-helperHelp construct an op://vault/item/field secret reference from vault and item names

Resources

Contextual data attached and managed by the client

NameDescription
server-configCurrent 1Password MCP server configuration (non-secret values only).
vault-listList of all 1Password vaults accessible to the service account.
vault-itemsList of items within a specific 1Password vault (metadata only, no secrets).

Latest Blog Posts

MCP directory API

We provide all the information about MCP servers via our MCP API.

curl -X GET 'https://glama.ai/api/mcp/v1/servers/CakeRepository/1Password-MCP'

If you have feedback or need assistance with the MCP directory API, please join our Discord server