Skip to main content

Overview

By the end of this guide, you’ll have an authenticated Intuned project that uses credentials stored securely in 1Password. You’ll learn how to:
  1. Set up a 1Password account and create a vault for Intuned to access.
  2. Set up a 1Password Service Account to access your vault programmatically.
  3. Enable and configure 1Password integration in your Intuned project.
  4. Create AuthSessions using credentials from 1Password.

Prerequisites

Before you begin, ensure you have the following:
  • An active Intuned account.
  • A 1Password account with permissions to create vaults and service accounts.
This guide assumes you have a basic understanding of Intuned Projects and AuthSessions. If you’re new to Intuned, start with the getting started guide.

When to use 1Password integration

When you create an AuthSession, you provide credentials for logging into the target website. Intuned stores these credentials securely to renew the AuthSession when it expires. However:
  • You may prefer not to store sensitive credentials directly in Intuned.
  • If credentials change frequently, you need to update them manually through Intuned APIs.
  • Sharing credentials across Projects or AuthSessions requires duplicating them.
With 1Password integration, you can:
  • Keep credentials in 1Password instead of Intuned.
  • Fetch the latest credentials automatically when needed.
  • Share credentials across Projects and AuthSessions without duplication.
1Password integration only works in deployed environments. During local development (IDE or CLI), use test credentials instead.

Guide

1. Create a 1Password Vault with credentials

  1. Open the 1Password app and sign in to your account.
  2. Under Vaults, select +.
  3. Enter name: intuned-automation-credentials and optionally a description.
  4. Select Create.
  5. Add a new item:
You now have two 1Password items: op://intuned-automation-credentials/example-login/username and op://intuned-automation-credentials/example-login/password. You’ll use these paths later to reference the credentials in Intuned.
For more details, refer to the official 1Password documentation on creating vaults.

2. Create a 1Password Service Account

Creating a service account requires admin access to your 1Password account.
  1. Open the 1Password service account creation wizard.
  2. Follow the instructions:
    1. Enter a name for your service account.
    2. Choose the vault you created earlier.
    3. Make sure you give read access to the vault.
    4. Select Create Account.
    5. (Optional) Select Save in 1Password to save the service account token in your 1Password account.
You can later access your service account under Developer from your 1Password account home screen.
Copy the service account token and store it securely (preferably in 1Password). You won’t be able to view it again.
For more details, refer to the official 1Password documentation on creating service accounts.
1Password Service Accounts have rate limits. Intuned reads from the vault only when creating or renewing AuthSessions. Check out 1Password service account rate limits for more details.

3. Set up 1Password Service Account Token on Intuned

Set up your 1Password Service Account token as a Workspace Environment Variable:
  1. Go to Workspace Settings > Environment Variables.
  2. Create a new variable with:
    • Key: OP_SERVICE_ACCOUNT_TOKEN
    • Value: Your 1Password Service Account token from step 2.
    • Environments: Deployed only.
Set up 1Password Service Account token as Environment Variable
You can set up the token as a Project Environment Variable if you do not want to share the 1Password Service Account across Projects. Check out Project-level environment variables for more details.
For security reasons, OP_SERVICE_ACCOUNT_TOKEN will not be exposed to your automation code. If you want to use the 1Password SDK in your code, use a different environment variable key at your own risk.

4. Create a Project with AuthSessions and 1Password integration enabled

For this guide, we use the Book consultations authenticated quickstart project. Follow the quickstart guide to create it. You should now have a project named book-consultations-authenticated-quickstart. Let’s enable 1Password integration for the Project and deploy it.
Open your project in the IDE. From Files, select Intuned.json, then enable 1Password integration. Optionally add an integration name and version.Enable 1Password in the Online IDE
The integrationName and integrationVersion fields are optional identifiers used by the 1Password SDK for tracking.
Deploy your project for the changes to take effect.

5. Create an AuthSession using 1Password credentials

await intuned.project.authSessions.create.start(
  "book-consultations-authenticated-quickstart",
  {
    id: "1password-example",
    parameters: {
      "username": "op://intuned-automation-credentials/example-login/username",
      "password": "op://intuned-automation-credentials/example-login/password"
    }
  },
);

6. Use the AuthSession in your API

await intuned.project.run.start(
  projectName,
  {
    api: "book-consultations",
    parameters: {
      name: "Foo Bar",
      email: "[email protected]",
      phone: "1234567890",
      date: "2026-11-19",
      time: "10:00 AM",
      topic: "other"
    },
    authSession: {
      id: "1password-example",
    },
  }
);

Deploy your first authenticated RPA

Step-by-step guide to creating your first authenticated RPA project

AuthSessions

Learn more about AuthSessions in Intuned