1Password Go SDK (beta)

❗ The 1Password SDK project is in beta. Future iterations may bring backwards-incompatible changes.

Documentation | Examples

---

The 1Password Go SDK offers programmatic access to your secrets in 1Password with Go. During the beta, you can create, retrieve, update, and delete items and resolve secret references.

🔑 Authentication

1Password SDKs support authentication with 1Password Service Accounts.

Before you get started, create a service account and give it the appropriate permissions in the vaults where the items you want to use with the SDK are saved.

❗ Limitations

1Password SDKs don't yet support using secret references with query parameters, so you can't retrieve file attachments or SSH keys, or get more information about field metadata.

1Password SDKs currently only support operations on text and concealed fields. As a result, you can't edit items that include information saved in other types of fields.

When managing items with 1Password SDKs, you must use unique identifiers (IDs) in place of vault, item, and field names.

🚀 Get started

To use the 1Password Go SDK in your project:

1. Provision your service account token. We recommend provisioning your token from the environment. For example, to export your token to the OP_SERVICE_ACCOUNT_TOKEN environment variable:

   macOS or Linux

   export OP_SERVICE_ACCOUNT_TOKEN=<your-service-account-token>

   Windows

   $Env:OP_SERVICE_ACCOUNT_TOKEN = "<your-service-account-token>"

2. Install the 1Password Go SDK in your project:

   go get github.com/1password/onepassword-sdk-go

3. Use the Go SDK in your project:

import (
    "context"
    "os"

    "github.com/1password/onepassword-sdk-go"
)

func main() {
    token := os.Getenv("OP_SERVICE_ACCOUNT_TOKEN")

    client, err := onepassword.NewClient(
                context.TODO(),
                onepassword.WithServiceAccountToken(token),
                // TODO: Set the following to your own integration name and version.
                onepassword.WithIntegrationInfo("My 1Password Integration", "v1.0.0"),
    )
    if err != nil {
	// handle err
    }
    secret, err := client.Secrets.Resolve(context.TODO(), "op://vault/item/field")
    if err != nil {
        // handle err
    }
    // do something with the secret
}

Make sure to use secret reference URIs with the syntax op://vault/item/field to securely load secrets from 1Password into your code.

📖 Learn more

• Load secrets with 1Password SDKs
• Manage items with 1Password SDKs
• 1Password SDK concepts