Skip to main content
The 1Password integration allows you to ingest security-relevant events from your 1Password account, including:
  • Sign-in attempts: Track successful and failed authentication attempts
  • Audit events: Monitor administrative actions and configuration changes
  • Item usages: See when credentials and secrets are accessed

Prerequisites

Before setting up this integration, ensure you have:
  1. A 1Password Business or 1Password Teams account
  2. Owner or administrator privileges in your 1Password account
  3. Access to the 1Password Admin Console

Step 1: Create an Events Reporting Integration

  1. Sign in to your 1Password Admin Console
  2. Navigate to Integrations in the sidebar
  3. Click Directory at the top
  4. Search for Events Reporting, select Other
  5. Click Add Integration
  6. Give your integration a descriptive name (e.g., “Wirespeed Events Integration”)
  7. Click Save

Step 2: Generate a Bearer Token

After creating the integration:
  1. You’ll see a Set up token section
  2. Click Generate token (or Regenerate token if one already exists)
  3. Important: Copy and securely save the token immediately. You won’t be able to see it again.
  4. The token will look like: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...
Store your bearer token securely. If you lose it, you’ll need to regenerate a new one, which will invalidate the old token.

Step 3: Identify Your Server URL

1Password uses different server URLs based on your account type and region. Use the appropriate URL:
Account TypeServer URL
1Password Business (US)https://events.1password.com
1Password Business (Canada)https://events.1password.ca
1Password Business (EU)https://events.1password.eu
1Password Enterprisehttps://events.ent.1password.com
If you’re unsure which server to use, check your 1Password sign-in URL. If you sign in at my.1password.ca, use the Canada server (events.1password.ca).

Step 4: Add the Integration in Wirespeed

  1. Log in to Wirespeed
  2. Navigate to Integrations > Add Integration
  3. Search for and select 1Password Events API
  4. Enter the following information:
    • Server URL: The appropriate server URL from Step 3
    • API Token: The bearer token you generated in Step 2
  5. Click Integrate to complete the setup

What Events Are Collected?

Sign-In Attempts

These events track authentication attempts to your 1Password account, including:
  • Successful sign-ins
  • Failed authentication attempts
  • MFA challenges
  • Blocked sign-in attempts due to policy

Audit Events

Administrative and configuration events, including:
  • User management (invites, removals, role changes)
  • Vault creation and permissions changes
  • Group management
  • Policy changes
  • Integration setup

Item Usages

Events showing when secrets are accessed:
  • Credential reveals
  • Password copies
  • Autofill usage
  • Item exports

Troubleshooting

Authentication Errors

If you see authentication errors:
  1. Verify your bearer token is correct and hasn’t expired
  2. Ensure you’re using the correct server URL for your account type
  3. Check that your integration is still active in the 1Password Admin Console

No Events Appearing

If events aren’t showing up:
  1. Events may take a few minutes to appear after initial setup
  2. Verify that activity is occurring in your 1Password account
  3. Check that your 1Password account has the Events Reporting feature enabled

Rate Limiting

The 1Password Events API has rate limits. If you encounter rate limiting:
  1. Wirespeed will automatically retry with exponential backoff
  2. Events will be collected on the next sync cycle

Additional Resources