README
¶
1Password Go SDK
Build integrations that programmatically access your secrets in 1Password.
🚀 Get started
To use the 1Password Go SDK in your project:
-
Create a service account and give it the appropriate permissions in the vaults where the items you want to use with the SDK are saved.
-
Provision your service account token. We recommend provisioning your token from the environment. For example, to export your token to the
OP_SERVICE_ACCOUNT_TOKENenvironment variable:macOS or Linux
export OP_SERVICE_ACCOUNT_TOKEN=<your-service-account-token>Windows
$Env:OP_SERVICE_ACCOUNT_TOKEN = "<your-service-account-token>" -
Install the 1Password Go SDK in your project:
go get github.com/1password/onepassword-sdk-go -
Use the Go SDK in your project:
import (
"context"
"os"
"github.com/1password/onepassword-sdk-go"
)
func main() {
token := os.Getenv("OP_SERVICE_ACCOUNT_TOKEN")
client, err := onepassword.NewClient(
context.TODO(),
onepassword.WithServiceAccountToken(token),
// TODO: Set the following to your own integration name and version.
onepassword.WithIntegrationInfo("My 1Password Integration", "v1.0.0"),
)
if err != nil {
// handle err
}
secret, err := client.Secrets.Resolve(context.TODO(), "op://vault/item/field")
if err != nil {
// handle err
}
// do something with the secret
}
Make sure to use secret reference URIs with the syntax op://vault/item/field to securely load secrets from 1Password into your code.
Supported functionality
1Password SDKs are in active development. We're keen to hear what you'd like to see next. Let us know by upvoting or filing an issue.
Item management
Operations:
- Retrieve secrets
- Retrieve items
- Create items
- Update items
- Delete items
- List items
- Add & update tags on items
Field types:
- API Keys
- Passwords
- Concealed fields
- Text fields
- Notes
- SSH private keys (partially supported: supported in resolving secret references, not yet supported in item create/get/update)
- SSH public keys, fingerprint and key type
- One-time passwords
- URLs
- Websites (used to suggest and autofill logins)
- Phone numbers
- Credit card types
- Files attachments and Document items (#108)
Vault management
- Retrieve vaults
- Create vaults
- Update vaults
- Delete vaults
- List vaults
User & access management
- Provision users
- Retrieve users
- List users
- Suspend users
- Create groups
- Update group membership
- Update vault access & permissions
Compliance & reporting
- Watchtower insights
- Travel mode
- Events (#76). For now, use 1Password Events Reporting API directly.
Authentication
- 1Password Service Accounts
- User authentication
- 1Password Connect. For now, use 1Password/connect-sdk-go.
📖 Learn more
Documentation
¶
Overview ¶
Code generated by typeshare 1.12.0. DO NOT EDIT.
Index ¶
- Constants
- Variables
- type AutofillBehavior
- type Client
- type ClientOption
- type GeneratePasswordResponse
- type Item
- type ItemCategory
- type ItemCreateParams
- type ItemField
- type ItemFieldDetails
- type ItemFieldDetailsTypes
- type ItemFieldType
- type ItemOverview
- type ItemSection
- type ItemsAPI
- type ItemsSource
- func (s ItemsSource) Create(ctx context.Context, params ItemCreateParams) (Item, error)
- func (s ItemsSource) Delete(ctx context.Context, vaultId string, itemId string) error
- func (s ItemsSource) Get(ctx context.Context, vaultId string, itemId string) (Item, error)
- func (s ItemsSource) ListAll(ctx context.Context, vaultId string) (*Iterator[ItemOverview], error)
- func (s ItemsSource) Put(ctx context.Context, item Item) (Item, error)
- type Iterator
- type OTPFieldDetails
- type PasswordRecipe
- type PasswordRecipeMemorableInner
- type PasswordRecipePinInner
- type PasswordRecipeRandomInner
- type PasswordRecipeTypes
- type SecretsAPI
- type SecretsSource
- type SeparatorType
- type VaultOverview
- type VaultsAPI
- type VaultsSource
- type Website
- type WordListType
Constants ¶
View Source
const ( DefaultIntegrationName = "Unknown" DefaultIntegrationVersion = "Unknown" )
Variables ¶
View Source
var (
ErrorIteratorDone = errors.New("end of iterator")
)
View Source
var Secrets = secretsUtil{}
Functions ¶
This section is empty.
Types ¶
type AutofillBehavior ¶ added in v0.1.3
type AutofillBehavior string
Controls the auto-fill behavior of a website.
For more information, visit https://support.1password.com/autofill-behavior/
const ( // Auto-fill any page that’s part of the website, including subdomains AutofillBehaviorAnywhereOnWebsite AutofillBehavior = "AnywhereOnWebsite" // Auto-fill only if the domain (hostname and port) is an exact match. AutofillBehaviorExactDomain AutofillBehavior = "ExactDomain" // Never auto-fill on this website AutofillBehaviorNever AutofillBehavior = "Never" )
type Client ¶
type Client struct {
Secrets SecretsAPI
Items ItemsAPI
Vaults VaultsAPI
// contains filtered or unexported fields
}
Client represents an instance of the 1Password Go SDK client.
type ClientOption ¶
func WithIntegrationInfo ¶
func WithIntegrationInfo(name string, version string) ClientOption
WithIntegrationInfo specifies the name and version of the integration built using the 1Password Go SDK. If you don't know which name and version to use, use `DefaultIntegrationName` and `DefaultIntegrationVersion`, respectively.
func WithServiceAccountToken ¶
func WithServiceAccountToken(token string) ClientOption
WithServiceAccountToken specifies the [1Password Service Account](https://developer.1password.com/docs/service-accounts) token to use to authenticate the SDK client. Read more about how to get started with service accounts: https://developer.1password.com/docs/service-accounts/get-started/#create-a-service-account
type GeneratePasswordResponse ¶ added in v0.1.5
type GeneratePasswordResponse struct {
// The generated password.
Password string `json:"password"`
}
For future use, if we want to return more information about the generated password. Currently, it only returns the password itself.
type Item ¶
type Item struct {
// The item's ID
ID string `json:"id"`
// The item's title
Title string `json:"title"`
// The item's category
Category ItemCategory `json:"category"`
// The ID of the vault where the item is saved
VaultID string `json:"vaultId"`
// The item's fields
Fields []ItemField `json:"fields"`
// The item's sections
Sections []ItemSection `json:"sections"`
// The item's tags
Tags []string `json:"tags"`
// The websites used for autofilling for items of the Login and Password categories.
Websites []Website `json:"websites"`
// The item's version
Version uint32 `json:"version"`
}
Represents a 1Password item.
type ItemCategory ¶
type ItemCategory string
const ( ItemCategoryLogin ItemCategory = "Login" ItemCategorySecureNote ItemCategory = "SecureNote" ItemCategoryCreditCard ItemCategory = "CreditCard" ItemCategoryCryptoWallet ItemCategory = "CryptoWallet" ItemCategoryIdentity ItemCategory = "Identity" ItemCategoryPassword ItemCategory = "Password" ItemCategoryDocument ItemCategory = "Document" ItemCategoryAPICredentials ItemCategory = "ApiCredentials" ItemCategoryBankAccount ItemCategory = "BankAccount" ItemCategoryDatabase ItemCategory = "Database" ItemCategoryDriverLicense ItemCategory = "DriverLicense" ItemCategoryEmail ItemCategory = "Email" ItemCategoryMedicalRecord ItemCategory = "MedicalRecord" ItemCategoryMembership ItemCategory = "Membership" ItemCategoryOutdoorLicense ItemCategory = "OutdoorLicense" ItemCategoryPassport ItemCategory = "Passport" ItemCategoryRewards ItemCategory = "Rewards" ItemCategoryRouter ItemCategory = "Router" ItemCategoryServer ItemCategory = "Server" ItemCategorySSHKey ItemCategory = "SshKey" ItemCategorySocialSecurityNumber ItemCategory = "SocialSecurityNumber" ItemCategorySoftwareLicense ItemCategory = "SoftwareLicense" ItemCategoryPerson ItemCategory = "Person" ItemCategoryUnsupported ItemCategory = "Unsupported" )
type ItemCreateParams ¶
type ItemCreateParams struct {
// The item's category
Category ItemCategory `json:"category"`
// The ID of the vault where the item is saved
VaultID string `json:"vaultId"`
// The item's title
Title string `json:"title"`
// The item's fields
Fields []ItemField `json:"fields,omitempty"`
// The item's sections
Sections []ItemSection `json:"sections,omitempty"`
// The item's tags
Tags []string `json:"tags,omitempty"`
// The websites used for autofilling for items of the Login and Password categories.
Websites []Website `json:"websites,omitempty"`
}
type ItemField ¶
type ItemField struct {
// The field's ID
ID string `json:"id"`
// The field's title
Title string `json:"title"`
// The ID of the section containing the field. Built-in fields such as usernames and passwords don't require a section.
SectionID *string `json:"sectionId,omitempty"`
// The field's type
FieldType ItemFieldType `json:"fieldType"`
// The string representation of the field's value
Value string `json:"value"`
// Field type-specific attributes.
Details *ItemFieldDetails `json:"details,omitempty"`
}
Represents a field within an item.
type ItemFieldDetails ¶
type ItemFieldDetails struct {
Type ItemFieldDetailsTypes `json:"type"`
// contains filtered or unexported fields
}
func NewItemFieldDetailsTypeVariantOTP ¶
func NewItemFieldDetailsTypeVariantOTP(content *OTPFieldDetails) ItemFieldDetails
func (ItemFieldDetails) MarshalJSON ¶
func (i ItemFieldDetails) MarshalJSON() ([]byte, error)
func (ItemFieldDetails) OTP ¶
func (i ItemFieldDetails) OTP() *OTPFieldDetails
func (*ItemFieldDetails) UnmarshalJSON ¶
func (i *ItemFieldDetails) UnmarshalJSON(data []byte) error
type ItemFieldDetailsTypes ¶
type ItemFieldDetailsTypes string
Field type-specific attributes.
const ( // The computed OTP code and other details ItemFieldDetailsTypeVariantOTP ItemFieldDetailsTypes = "Otp" )
type ItemFieldType ¶
type ItemFieldType string
const ( ItemFieldTypeText ItemFieldType = "Text" ItemFieldTypeConcealed ItemFieldType = "Concealed" ItemFieldTypeCreditCardType ItemFieldType = "CreditCardType" ItemFieldTypeCreditCardNumber ItemFieldType = "CreditCardNumber" ItemFieldTypePhone ItemFieldType = "Phone" ItemFieldTypeURL ItemFieldType = "Url" ItemFieldTypeTOTP ItemFieldType = "Totp" ItemFieldTypeUnsupported ItemFieldType = "Unsupported" )
type ItemOverview ¶
type ItemOverview struct {
// The item's ID
ID string `json:"id"`
// The item's title
Title string `json:"title"`
// The item's category
Category ItemCategory `json:"category"`
// The ID of the vault where the item is saved
VaultID string `json:"vaultId"`
// The websites used for autofilling for items of the Login and Password categories.
Websites []Website `json:"websites"`
}
Represents a decrypted 1Password item.
type ItemSection ¶
type ItemSection struct {
// The section's unique ID
ID string `json:"id"`
// The section's title
Title string `json:"title"`
}
A section groups together multiple fields in an item.
type ItemsAPI ¶
type ItemsAPI interface {
// Create a new item
Create(ctx context.Context, params ItemCreateParams) (Item, error)
// Get an item by vault and item ID
Get(ctx context.Context, vaultId string, itemId string) (Item, error)
// Update an existing item.
Put(ctx context.Context, item Item) (Item, error)
// Delete an item.
Delete(ctx context.Context, vaultId string, itemId string) error
// List all items
ListAll(ctx context.Context, vaultId string) (*Iterator[ItemOverview], error)
}
The Items API holds all operations the SDK client can perform on 1Password items.
type ItemsSource ¶
type ItemsSource struct {
internal.InnerClient
}
func NewItemsSource ¶
func NewItemsSource(inner internal.InnerClient) *ItemsSource
func (ItemsSource) Create ¶
func (s ItemsSource) Create(ctx context.Context, params ItemCreateParams) (Item, error)
Create a new item
func (ItemsSource) ListAll ¶
func (s ItemsSource) ListAll(ctx context.Context, vaultId string) (*Iterator[ItemOverview], error)
List all items
type Iterator ¶
type Iterator[T any] struct { // contains filtered or unexported fields }
Iterator defines a generic iterator
func NewIterator ¶
NewIterator creates a new iterator for the given slice
type OTPFieldDetails ¶
type OTPFieldDetails struct {
// The OTP code, if successfully computed
Code *string `json:"code,omitempty"`
// The error message, if the OTP code could not be computed
ErrorMessage *string `json:"errorMessage,omitempty"`
}
Additional attributes for OTP fields.
type PasswordRecipe ¶ added in v0.1.5
type PasswordRecipe struct {
Type PasswordRecipeTypes `json:"type"`
// contains filtered or unexported fields
}
func NewPasswordRecipeTypeVariantMemorable ¶ added in v0.1.5
func NewPasswordRecipeTypeVariantMemorable(content *PasswordRecipeMemorableInner) PasswordRecipe
func NewPasswordRecipeTypeVariantPin ¶ added in v0.1.5
func NewPasswordRecipeTypeVariantPin(content *PasswordRecipePinInner) PasswordRecipe
func NewPasswordRecipeTypeVariantRandom ¶ added in v0.1.5
func NewPasswordRecipeTypeVariantRandom(content *PasswordRecipeRandomInner) PasswordRecipe
func (PasswordRecipe) MarshalJSON ¶ added in v0.1.5
func (p PasswordRecipe) MarshalJSON() ([]byte, error)
func (PasswordRecipe) Memorable ¶ added in v0.1.5
func (p PasswordRecipe) Memorable() *PasswordRecipeMemorableInner
func (PasswordRecipe) Pin ¶ added in v0.1.5
func (p PasswordRecipe) Pin() *PasswordRecipePinInner
func (PasswordRecipe) Random ¶ added in v0.1.5
func (p PasswordRecipe) Random() *PasswordRecipeRandomInner
func (*PasswordRecipe) UnmarshalJSON ¶ added in v0.1.5
func (p *PasswordRecipe) UnmarshalJSON(data []byte) error
type PasswordRecipeMemorableInner ¶ added in v0.1.5
type PasswordRecipeMemorableInner struct {
// The type of separator between chunks.
SeparatorType SeparatorType `json:"separatorType"`
// Uppercase one randomly selected chunk.
Capitalize bool `json:"capitalize"`
// The type of word list used.
WordListType WordListType `json:"wordListType"`
// The number of "words" (words or syllables).
WordCount uint32 `json:"wordCount"`
}
Generated type representing the anonymous struct variant `Memorable` of the `PasswordRecipe` Rust enum
type PasswordRecipePinInner ¶ added in v0.1.5
type PasswordRecipePinInner struct {
// Number of digits in the PIN.
Length uint32 `json:"length"`
}
Generated type representing the anonymous struct variant `Pin` of the `PasswordRecipe` Rust enum
type PasswordRecipeRandomInner ¶ added in v0.1.5
type PasswordRecipeRandomInner struct {
// Include at least one digit in the password.
IncludeDigits bool `json:"includeDigits"`
// Include at least one symbol in the password.
IncludeSymbols bool `json:"includeSymbols"`
// The length of the password.
Length uint32 `json:"length"`
}
Generated type representing the anonymous struct variant `Random` of the `PasswordRecipe` Rust enum
type PasswordRecipeTypes ¶ added in v0.1.5
type PasswordRecipeTypes string
const ( PasswordRecipeTypeVariantMemorable PasswordRecipeTypes = "Memorable" PasswordRecipeTypeVariantPin PasswordRecipeTypes = "Pin" PasswordRecipeTypeVariantRandom PasswordRecipeTypes = "Random" )
type SecretsAPI ¶
type SecretsAPI interface {
// Resolve returns the secret the provided secret reference points to.
Resolve(ctx context.Context, secretReference string) (string, error)
}
The Secrets API includes all operations the SDK client can perform on secrets. Use secret reference URIs to securely load secrets from 1Password: op://<vault-name>/<item-name>[/<section-name>]/<field-name>
type SecretsSource ¶
type SecretsSource struct {
internal.InnerClient
}
func NewSecretsSource ¶
func NewSecretsSource(inner internal.InnerClient) *SecretsSource
type SeparatorType ¶ added in v0.1.5
type SeparatorType string
const ( // Randomly selected digits. // E.g, "`correct4horse0battery1staple`" SeparatorTypeDigits SeparatorType = "digits" // Randomly selected digits and symbols. // This is useful to get word-based passwords to meet complexity requirements // E.g, "`correct4horse-battery1staple`" SeparatorTypeDigitsAndSymbols SeparatorType = "digitsAndSymbols" // Spaces, like the original Diceware. // Great for mobile keyboards, not so great when people can overhear you type the password. // E.g, "`correct horse battery staple`" SeparatorTypeSpaces SeparatorType = "spaces" // Hyphens "`-`". // E.g, "`correct-horse-battery-staple`" SeparatorTypeHyphens SeparatorType = "hyphens" // "`_`". // E.g, "`correct_horse_battery_staple`" SeparatorTypeUnderscores SeparatorType = "underscores" // Period (full stop) "`.`". // E.g, "`correct.horse.battery.staple`" SeparatorTypePeriods SeparatorType = "periods" // Comma "`,`". // E.g, "`correct,horse,battery,staple`" SeparatorTypeCommas SeparatorType = "commas" )
type VaultOverview ¶
type VaultOverview struct {
// The vault's ID
ID string `json:"id"`
// The vault's title
Title string `json:"title"`
}
Represents a decrypted 1Password vault.
type VaultsAPI ¶
type VaultsAPI interface {
// List all vaults
ListAll(ctx context.Context) (*Iterator[VaultOverview], error)
}
The Vaults API holds all the operations the SDK client can perform on 1Password vaults.
type VaultsSource ¶
type VaultsSource struct {
internal.InnerClient
}
func NewVaultsSource ¶
func NewVaultsSource(inner internal.InnerClient) *VaultsSource
func (VaultsSource) ListAll ¶
func (s VaultsSource) ListAll(ctx context.Context) (*Iterator[VaultOverview], error)
List all vaults
type Website ¶ added in v0.1.3
type Website struct {
// The website URL
URL string `json:"url"`
// The label of the website, e.g. 'website', 'sign-in address'
Label string `json:"label"`
// The auto-fill behavior of the website
//
// For more information, visit https://support.1password.com/autofill-behavior/
AutofillBehavior AutofillBehavior `json:"autofillBehavior"`
}
type WordListType ¶ added in v0.1.5
type WordListType string
const ( // Agile wordlist WordListTypeFullWords WordListType = "fullWords" // English-like syllables WordListTypeSyllables WordListType = "syllables" // Three (random) letter "words" WordListTypeThreeLetters WordListType = "threeLetters" )
Source Files
¶
Directories
Click to show internal directories.
Click to hide internal directories.