Download 1Password CLI1Password CLI 2.28.0 is now available. 🎉
This release updates the name of the Private vault for 1Password Business accounts to “Employee vault”, and also improves SSH key support and the macOS package installer.
- You can now authenticate the following CLIs using Touch ID and other unlock options with 1Password Shell Plugins. Thanks to everyone who contributed!
- Axiom CLI, contributed by @rajapri28613 shell-plugins#342
- Binance CLI, contributed by @bala-ceg #shell-plugins#391
- Civo CLI, contributed by @itsCheithanya shell-plugins#296
- Crowdin CLI, contributed by @JoeKarow shell-plugins#359
- HuggingFace, contributed by @bala-ceg shell-plugins#393
- InfluxDB CLI, contributed by @bala-ceg shell-plugins#392
- Flyctl CLI, contributed by @arunsathiya shell-plugins#141
- Kaggle CLI, contributed by @rajapri28613 shell-plugins#341
- LocalStack CLI, contributed by @simonrw shell-plugins#371
- MongoDB Atlas CLI , contributed by @joqim shell-plugins#198
- Pipedream CLI, contributed by @rajapri28613 shell-plugins#338
- Todoist CLI, contributed by @rajapri28613 shell-plugins#340
- Upstash CLI, contributed by @siddhikhapare shell-plugins#316
- Vertica CLI, contributed by @parthiv11 shell-plugins#327
- Yugabyte CLI, contributed by @parthiv11 shell-plugins#322
- Zapier CLI, contributed by @rajapri28613 shell-plugins#337
- We’ve updated help text for many commands to use simpler language. #3676, #3768
op read help text now includes an example of how to use the ssh-format query parameter to get an SSH key’s private key. #3795op run help text now includes an explanation of how to use service accounts with op run. #3804- We’ve updated error messages for
op item create to be more clear. #3766 - We’ve updated error messages when provisioning actions fail to be more clear. #3263
op whoami for service accounts now authenticates automatically instead of asking to authenticate the service account token. #3744- The PostgreSQL shell plugin now supports
pgcli as an alternative to psql. (Thanks, @szymon!) shell-plugins#384 - The Cachix shell plugin now checks for the
~/.config/cachix/cachix.dhall file and attempts to import an auth token using the specified file. (Thanks @dethancosta!) shell-plugins#373 - The Sentry CLI shell plugin now skips authentication when you use the
--auth-token and --api-key flags. (Thanks @roy9495!). shell-plugins#370 - The Homebrew shell plugin now provides authentication for the
upgrade, update, install and reinstall commands. (Thanks @cullenmcdermott!). shell-plugins#369 - The Sentry shell plugin now supports
SENTRY_PROJECT & SENTRY_URL. (Thanks @JoeKarow!) shell-plugins#363 - The PostgreSQL plugin now also supports the
pg_dump and pg_restore CLI utilities. (Thanks @JoeKarow!) shell-plugins#353 - The OpenAI shell plugin now has updated documentation and management URLs. (Thanks @arunsathiya!) shell-plugins#351
- When generating the shell plugin template, you now only need to set the last word of the credential name as the default 1Password field name if the credential name is longer than seven characters. (Thanks @arunsathiya!) shell-plugins#263
- The ngrok shell plugin now specifies the correct credential length. shell-plugins#250
- The ngrok shell plugin now uses environment variables in ngrok version 3.2.1 and later. (Thanks @arunsathiya!) shell-plugins#222
- We’ve restored deprecated JSON keys for
op whoami output for service account for backwards-compatibility. #3754 op whoami now throws the appropriate error if an invalid service account token is set. #3744- When you search for an item by title and vault and the title is 26 characters long, 1Password CLI now returns the item. #3751
op vault list now only returns vaults you have read access to. #3688
op item edit now accepts JSON input via the --template flag. #1849op item edit now supports piping items as JSON via stdin. #1849- If you’re not an owner and try to add the Team Members group to a vault when the
limitedGroupVaultAccess feature flag is turned on, 1Password CLI now returns a helpful error. #3830 - When 1Password CLI can’t connect to the 1Password desktop app, the error message now suggests restarting the app. #3835
- We’ve improved the error message when
op item edit finds duplicate fields to more clearly format field labels that aren’t in a section. #3849 - Creating a vault with
--icon=name now works again, using the updated icons. #3833 - The error message for
op item edit when duplicated fields are found by label no longer prints the field’s value. #3848
- The 1Password CLI Mac installer now allows for custom location selection. #3731
- Help text now uses present tense more consistently where actions in the present are described. #3768
- Help text now refers to the 1Password app consistently. #3626
- Help text now refers to Connect server instances and tokens consistently. #3476
op group user grant and op group user revoke no longer panic when the group doesn’t exist. #3859- Duo MFA is no longer prompted for more often than required. #3907
op vault list --permission now allows you to retrieve a list of vaults for which a user or group has specific permissions. #3879- When setting a non-generated password, 1Password CLI now always correctly updates the password strength. #3787
- We’ve fixed an issue retrieving an SSH Key when using 1Password CLI with a Connect server. #3851
op service-account create command allows you to create a new service account that you can use to automate secrets management.op service-account ratelimit command allows you to fetch information about service account rate limit usage. #3886op user provision now clarifies that users will not be considered for billing until they accept their invitation. #3965--expires-in flags now support days and weeks. #3298- The
item share --expiry flag is now aliased to the standardized --expires-in flag. #3298 - We corrected a typo in the
user suspend error message. #3298
- The CLI build for Darwin now builds with Go 1.21.8. The previous version was built using an older version, which was causing alerts for certain customers.
op read now outputs an error message consistent with the provided secret reference when no matching field or section is found on the item. #3592- The output of SSH private keys now use platform-appropriate line breaks (CR vs CRLF). #3913
- Users who have the
manage_vault permission in a vault can now grant and revoke access to the vault. #3863
- Private vaults have been renamed Employee vaults for 1Password Business accounts. #3810
- 1Password can now retrieve PKCS1-formatted SSH keys using
op read. #3993 - The 1Password CLI package installed for macOS now correctly displays the CLI version in the package receipt. #4027
Developer tools
