Feature Request: x-callback-url support

spkersten
spkersten
Community Member
edited April 2013 in iOS

The current 'trend' of apps including a button that opens 1Password with the right search term is nice, but wouldn't it be possible to send data in the other direction? A button in 1Password that opens the app that corresponds to a login entry with the right url that tells the app to login with the username and password that 1Password just copied to the clipboard. (Or possibly, the username and password can be put in the url.)

Ideally, this would be combined with the button in other apps: in, say, the instagram app the user taps on the "login with 1Password" button, which opens 1Password; 1Passwords asks for the master password and whether you want to login to instagram; if the users taps "yes", the username and password are copied to the clipboard and instagram is opened; instagram subsequently logs in with the username and password that where copied to the clipboard; like currently, 1Password can clear the clipboard after sometime.

Comments

  • tatchley
    tatchley
    Community Member

    So you'd like to be able to launch the app and login the same way you launch a website and login from 1P? Sounds good, but I can't see this happening without the other developer's help.

  • spkersten
    spkersten
    Community Member

    I agree, but the presence of 1P buttons in other apps (see agilebits' blog) shows that (at least some) developer's are willing to integrate with 1P.

  • khad
    khad
    1Password Alumni

    There are some limitations to what can be done [securely] in iOS, but x-callback-url support is on our list. There is always room for improvement. I'll pass your feedback along to the developers. :)

  • Alex/C
    Alex/C
    Community Member

    I've asked for this years ago (but without success...), and finally this might be possible :-)

    I'd immediately implement 1Password support in iCab Mobile (a web browser for iOS), when I can transfer passwords to 1Password and when I can also receive passwords from 1Password. Users are asking for this for years, the want to mange their passwords in 1Password, but they also want to use a comfortable full featured browser (like iCab Mobile) and not the (soemhow limited) built-in browser of 1Password. So it would be great if you could add a way to request passwords from 1Password and to pass passwords to 1Password. x-callback-url should work fine for this. iCab Mobile does support this already for many tasks and I would like to add a new task for password transfer.

  • khad
    khad
    1Password Alumni

    Thanks so much for following up on this, Alex. I'm not one of the developers, so I'll have to leave the security implications of such an endeavor to them, but I will definitely make sure they receive your feedback.

    Please let me know if there is anything else I can help with.

  • Alex/C
    Alex/C
    Community Member

    I guess the security is not an issue here. In all cases it's always the user who has to explicitly tell 1Password which passwords needs to be send to which App. So according to the security this is not different to the current situation, where the user needs to copy & paste name and login data from 1Password to another App (like iCab Mobile or other browsers). But instead of manually switching between the Apps multiple times (one time for copy & pasting the name, another time for the password), this could be done with a simple tap of the finger more or less automatically.

    An example:
    The user wants to login at ebay.com in iCab Mobile (an alternative web browser for the iOS) and taps on a button "login with 1Password". iCab will then use the x-callback-url protocol to launch 1Password and request the password for ebay.com. 1Password will then ask the user for its master password (as usual) and then gets the long information for ebay and asks the user if it is OK to send this to iCab Mobile. If the user confirms this, 1Password will then use the information from the x-callback-url to pass back the login data to iCab Mobile, which will then fill out the login form and the user can then buy or sell items in iCab Mobile. No need to copy & paste, no need to manually switch Apps, no need to manually type in more than necessary.

    Also if the user wants to save passwords from web sites in 1Passwords, this can be done as well very easy. iCab Mobile can provide a button to save the login data in 1Password instead of saving it in it's own password storage (like it is done now), iCab would then also use x-callback-url to pass the name/password to 1password, which can then store these (asking for its own mast password as usual) and afterwards would automatically return to iCab Mobile again. Again no manual app switching or copy and pasting necessary. And because 1Password would still ask for its master password nothing can be done without letting the user know about what is happening, and so this does not introduce any new security issues. Only all the copy & paste and app switching stuff can be done by the Apps automatically so the user doesn't have to do this manually anymore.

    This feature would be really great. And I'd be the first to implement this. If you need a test implementation in a real-world App, don't hesitate to contact me. I'd be happy to send you a beta version of iCab Mobile with some additional x-callback-url actions for the passwords. I'm waiting for this for years, so hopefully you agree that this would be great for you as well ;-)

  • khad
    khad
    1Password Alumni

    If you need a test implementation in a real-world App, don't hesitate to contact me.

    I can't make any promises, but I've mentioned this to the developers. :)

  • Alex Argo
    Alex Argo
    Community Member

    +1 for x-callback-url support for password generation / password login / password saving / password changing. I've got 17 apps that I would love to integrate x-callback-url support with for one of the country's largest retailers. I might try to beat iCab in it's implementation :)

  • :)

    The guys are excited about being able to expand the URL schemes, there's so much power that can be given there but we do have to be careful with it. At the moment, we just want to get the 1Password 4 for OS X out first, so it might be awhile before we'll start to see some movement on this but hopefully, we can do some magic with it down the line and also that Apple might expand it in iOS 7. :)

This discussion has been closed.