1Password

Live 23 Actions

1Password Integration for AI Agents

Connect your AI agent to 23 production-ready 1Password actions via MCP, A2A, or SDK — with agent authentication, optimized tool-calling execution, and built-in security.

Start Free Book Demo 1Password MCP Server

1Password AI Agent Actions

23 production-ready actions for your agent to do more on 1Password.

Start Free Book a Demo 1Password MCP server

23 Actions

List API Activity - Retrieve API request activity logs from the Connect server

List Files - Retrieve all files attached to an item

Get File Details - Retrieve metadata and optionally content of a specific file

Download File Content - Download the binary content of a file

Get Heartbeat - Check if the Connect server is alive and responsive

Get Server Health - Retrieve Connect server health status and dependencies

Get Prometheus Metrics - Retrieve Prometheus metrics from the Connect server

Get IAM Credentials (1Password SCIM) - Return connection identity for the current 1Password SCIM bridge integration. The SCIM bridge token is a service-level credential with no named user identity — name is derived from the configured SCIM bridge URL. auth_type is "service_user". Uses the SCIM bearer token and URL.

List IAM Groups (1Password SCIM) - List all groups in the 1Password account via the SCIM bridge, mapped to the IAM unified group schema. Each entry surfaces the group's stable SCIM id and display name. User membership is not mapped in this action — use unified_list_resource_users with resource_type=group. Uses the SCIM bearer token and URL (not the Connect Server credentials).

Get IAM Group (1Password SCIM) - Retrieve a single 1Password group by SCIM ID via the SCIM bridge, mapped to the IAM unified group schema. Returns group name, type, and timestamps. User membership is not mapped — use unified_list_resource_users with resource_type=group. Uses the SCIM bearer token and URL (not the Connect Server credentials).

List Resource Users — 1Password Group Members - List the users who are members of a specific 1Password group. Pass resource_type="group" and resource_id=<SCIM group id>. Returns group members from the SCIM group endpoint; status and email may be unavailable as the members array only includes id and display name. resource_id must be the raw SCIM group ID (remote_id from unified_list_groups), not the StackOne-encoded id.

List IAM Resource Types (1Password) - Return the static list of resource types supported for unified_list_resource_users on this connector. Only "group" is supported — 1Password groups are the access control unit with user membership lists in SCIM.

List IAM Roles (1Password Synthesized) - Return the four stable 1Password IAM roles (owner / administrator / member / guest) synthesized from 1Password's documented role model. 1Password has no native roles API — the role set is static, closed, and matches role IDs used for cross-action referencing. Uses the SCIM bearer token for the auth probe.

Get IAM Role (1Password Synthesized) - Retrieve a single synthesized 1Password IAM role by id (owner, administrator, member, or guest). Returns role name, description, type, and scope. No upstream API call is made for the role data itself — the role catalog is static.

List IAM Users (1Password SCIM) - List all users in the 1Password account via the SCIM bridge, mapped to the StackOne IAM unified user schema. Returns identity, status (enabled/disabled), email, and name fields. Uses 1Password SCIM Bridge at /scim/Users with the SCIM bearer token and URL (not the Connect Server credentials).

Get IAM User (1Password SCIM) - Retrieve a single 1Password user by their SCIM ID via the SCIM bridge, mapped to the IAM unified user schema. Groups are always included when the user belongs to groups — the SCIM user record includes groups[] unconditionally. Uses the SCIM bearer token and URL (not the Connect Server credentials).

List Items - Retrieve all items within a specific vault

Create Item - Create a new item in a vault

Get Item - Retrieve detailed information about a specific item

Replace Item - Replace an existing item with new data

Delete Item - Delete an item from a vault

List Vaults - Retrieve all vaults accessible by the Connect server

Get Vault - Retrieve detailed information about a specific vault

Do More, Build Less

Integration Infrastructure for 1Password AI Agents

Multiple Interfaces

Access integrations via API, AI SDKs, MCP & A2A.

1Password MCP server

Managed Authentication

Pre-built authentication UI.

Agent auth

Falcon Engine

Every 1Password action runs on Falcon.

Agent Execution Engine

StackOne Defender

88.7% prompt injection detection.

Prompt injection defense

"What impressed us most about StackOne is its ambition and clarity. They're creating infrastructure that modern software and the entire AI agent ecosystem can rely on. The depth of secure integrations, the pace of delivery, and the team's foresight into AI's future uniquely position StackOne to redefine this category."

Luna Schmid, Partner at GV

"We've been impressed by how quickly and deeply StackOne integrates with complex enterprise systems -- and now, with their focus on agent-to-agent interoperability, they're unlocking even more powerful use cases for customers. StackOne delivers all of the above in a universal layer -- without compromise."