--- title: 1Password API Integration on Truto slug: 1password category: Password Manager canonical: "https://truto.one/integrations/detail/1password/" --- # 1Password API Integration on Truto **Category:** Password Manager **Status:** Beta ## Unified APIs ### Unified User Directory API - **Users** — The User object represents a User. ## MCP-ready AI tools Truto exposes 4 tools for 1Password that AI agents can call directly. - **list_all_1_password_users** — List users in a 1Password account. Returns a collection of user objects from the account. Supports an optional filter to narrow results. - **get_single_1_password_user_by_id** — Get a single 1Password user by id. Returns the full user object for the specified account. Required: id. - **1_password_users_suspend** — Suspend a 1Password user by id, preventing them from accessing the account. Required: id. - **1_password_users_reactivate** — Reactivate a previously suspended 1Password user by id, restoring their access to the account. Required: id. ## How it works 1. **Link your customer's 1Password account.** Use Truto's frontend SDK; we handle every OAuth and API key flow so you don't need to create the OAuth app. 2. **Authentication is automatic.** Truto refreshes tokens, stores credentials securely, and injects them into every API request. 3. **Call Truto's API to reach 1Password.** The Proxy API is a 1-to-1 mapping of the 1Password API. 4. **Get a unified response format.** Every response uses a single shape, with cursor-based pagination and data in the `result` field. ## Use cases - **Automate Zero-Trust Offboarding** — SaaS Management and IT automation platforms can instantly suspend departing employees' 1Password accounts the moment an offboarding workflow fires, cutting off access to shared vaults before credentials walk out the door. - **Continuous Password Manager Compliance Monitoring** — Compliance automation platforms can pull the full 1Password user roster on a schedule and cross-reference it against the HR directory to prove SOC 2 / ISO 27001 coverage and flag shadow IT in real time. - **Contractor & Leave Lifecycle Management** — HRIS and contractor management platforms can suspend 1Password access when contracts pause or employees go on leave, then reactivate the same account when they return — preserving private vault data without IT re-provisioning. - **Identity Posture Verification** — Identity governance tools can poll the live state of any 1Password user to confirm whether a specific employee is active or suspended, powering access reviews and audit evidence collection. - **Unified Access Reviews Across the Stack** — Access review platforms can include 1Password alongside other systems in a single quarterly review, using a normalized user object so reviewers don't have to context-switch between admin consoles. ## What you can build - **One-Click Offboarding Action** — Ship a button in your offboarding flow that suspends a user's 1Password account instantly without deleting their vault history. - **1Password Coverage Dashboard** — Display a live list of all provisioned 1Password users mapped against your customer's employee directory to surface unlicensed or unenrolled staff. - **Pause & Resume for Contractors** — Let HR admins suspend and reactivate 1Password access tied to contract status changes, preserving the user's identity and private vault between engagements. - **User Status Sync in Employee Profiles** — Embed each employee's real-time 1Password account status (active/suspended) directly inside their profile page in your app. - **Audit-Ready User Export** — Generate a point-in-time export of all 1Password users for SOC 2 / ISO 27001 evidence with a single API call through Truto. - **Automated Suspension Triggers** — Wire 1Password suspension into your existing rules engine so events like 'employee terminated' or 'contract paused' instantly revoke vault access. ## FAQs ### What 1Password operations does Truto support out of the box? Truto currently supports four 1Password operations: list all users, get a single user by ID, suspend a user, and reactivate a user. These cover the core identity lifecycle workflows for offboarding, compliance, and access verification. ### How does authentication work for end customers connecting 1Password? Truto handles the 1Password SCIM bridge / API token exchange on behalf of your users so you don't have to build or maintain the auth flow. Your end users connect their 1Password account through Truto's managed connection experience, and Truto manages token storage and refresh. ### Can I map 1Password users to a unified schema across other identity providers? Yes. 1Password is exposed through Truto's Unified User Directory API, so users from 1Password are normalized into the same schema as users from other connected identity sources, letting you build one integration surface instead of per-vendor logic. ### Does suspending a user delete their vault data? No. The suspend action locks the user out of their vaults but preserves their account state and private vault history, which is why it's safe to use for contractors on pause, employees on leave, or as a reversible offboarding step. ### How fresh is the user data returned by list and get operations? List and get-by-ID calls hit 1Password in real time through Truto, so the state returned reflects the live status of the user account at request time — appropriate for daily compliance scans as well as on-demand access reviews. ### What if I need 1Password capabilities beyond users — like groups, vaults, or events? The current Truto inventory for 1Password focuses on user lifecycle (list, get, suspend, reactivate). Additional resources such as groups, vault permissions, or event logs can be built on request — reach out to the Truto team to scope coverage for your use case. ## Related reading - [Connect 1Password to ChatGPT: Manage and Control User Access](https://truto.one/blog/connect-1password-to-chatgpt-manage-and-control-user-access/) — Learn how to connect 1Password to ChatGPT using a managed MCP server. This step-by-step engineering guide covers dynamic tool generation, rate limit handling, and secure user access workflows. - [Connect 1Password to Claude: Audit and Update Member Status](https://truto.one/blog/connect-1password-to-claude-audit-and-update-member-status/) — Learn how to connect 1Password to Claude using a managed MCP server. Automate user audits, offboarding, and directory syncs without building custom code. - [Connect 1Password to AI Agents: Automate User Account Lifecycle](https://truto.one/blog/connect-1password-to-ai-agents-automate-user-account-lifecycle/) — Learn how to connect 1Password to AI agents using Truto's tools endpoint. Automate user offboarding, auditing, and account lifecycle management with LangChain.