How can I create an 'onepassword://' share URL ?

Options
hilario_ortigosa
hilario_ortigosa
Community Member
in Mac

We send created passwords by secure channel (I.e.: encrypted mail). By now we have to copy-and-paste individual data, and we wan to create an URL with the url, username, password (and optionally, some label) data so we can speedup the saving password process

We understand that these URLs aren't encrypted ( that's not a problem as we will use another secure channel for sending them) but we can't find any info about how are they generated.

1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Sync Type: local
Referrer: forum-search:onepassword://share

Comments

  • Ben
    Ben
    Options

    Hi @hilario_ortigosa

    We don't have any public documentation on how these URLs are generated that I'm aware of. The recommended way to share 1Password data is using a 1Password membership (1Password Families, 1Password Teams, or 1Password Business, as appropriate). You can read more about membership here:

    About 1Password membership

    If you're going to continue using the onepassword:// URLs to share data then I'd have to recommend using the 1Password software to generate them. In 1Password for Mac, select the item in question, click Item in the menu bar, drop down to Share, and then select your communications channel (e.g. Mail).

    It sounds like you're already familiar, but for anyone else who might be reading: we refer to this as 'insecure sharing.' The data sent using this method is not encrypted by 1Password. It is not protected by 1Password. If using this feature you should use extreme caution, and be sure the channel you're using is adding encryption to your message. As mentioned above 1Password membership is the supported way of doing this.

    Ben

  • tkeeler
    tkeeler
    Community Member
    Options

    Hi - I want to add in my support to make the onepassword://share publicly documented.

    My use case is this:

    I have an application that is generating data, including credentials. Our team is having to manually copy/paste this data into a 1Password vault entry. This process is time consuming, error-prone, and creates inconsistency in vault entry fields.

    I would love to have my application generate a onepassword://share link that would allow the user to click and create the entry in the appropriate 1Password vault.

    Considering the onepassword://share scheme isn't secure, understanding the encoding would be very beneficial to developers and the community, and allow greater integration/adoption with 1Password.

  • Ben
    Ben
    Options

    I love the idea of having an easy way for 3rd party applications to give users the option to add credentials to 1Password. I'm not sure the currently existing onepassword://share URLs would be the best way to accomplish that. I'll talk to the team and see if we can get some brainstorming going.

    Ben

    ref: dev/projects/customer-feature-requests#80

  • tkeeler
    tkeeler
    Community Member
    Options

    Excellent! Appreciate the quick reply.

    Taking a brief look at the schema, it looks like it's a base64 url-encoded AES 256 CBC encrypted cipher string. Considering it's an 'insecure' message, is it safe to assume it's using a common shared key (or key?)

    Let me know if I'm off track here. Nudges in the right direction would be helpful for my implementation. =)

This discussion has been closed.