How to Give Your AI Agents Secure Access to 1Password

Set up a dedicated 1Password vault so your AI agents can access secrets securely. Works for OpenClaw and ProductiveBot.

PB
ProductiveBot Team· · 12 min read
What This Guide Covers

This guide is for anyone running OpenClaw who wants to give their AI agents secure access to passwords, API keys, and other secrets through 1Password. If you are new to OpenClaw, check out What is AGENTS.md? to understand how agents work. If you are part of the ProductiveBot community, your Mac Mini already ships with OpenClaw and the 1Password skill pre-installed, so you can skip straight to creating your account and vault. About 10 minutes of setup.

Why Use 1Password for Your AI Agents?

When you set up an AI agent, it usually needs credentials. API keys, email passwords, OAuth tokens. You have to put those somewhere.

Most people paste them into a config file or an environment variable. That works, but it comes with real risks. The secret lives in plain text. It might get committed to Git by accident. It could show up in logs. Anyone with file access can read it.

1Password solves this. Instead of scattering secrets across config files, your agent reads them from a vault at runtime. The individual secrets stay in 1Password instead of being copied into config files. Your agent stores only a scoped service-account token locally, and you can revoke that token if anything goes wrong.

What You Will Need

  • A 1Password Teams or Business account (service accounts require a team plan, not an individual plan)
  • A Mac running OpenClaw or the Hermes Agent platform
  • The 1Password desktop app (optional, useful for manually creating and browsing vault items)
ProductiveBot Customers

Your Mac Mini already comes with OpenClaw and the 1Password CLI (op) pre-installed. You do not need to install anything extra. Just make sure you have a 1Password Teams or Business account set up, then jump to Step 2.

Step 1: Set Up Your 1Password Account

Before your agent can access any secrets, you need a 1Password Teams or Business account. If you already have one, skip to Step 2.

  1. Go to 1password.com/business and sign up for a Teams or Business plan. You can read more about 1Password service accounts in their official documentation
  2. Follow the setup wizard to create your account and team
  3. Note your team URL (it looks like yourteam.1password.com). You will need this for several later steps

Individual plans support the 1Password CLI for personal use, but they do not include service accounts, which are required for giving your AI agent its own access. The Teams plan is the minimum.

Already Running OpenClaw Without 1Password?

If you are running OpenClaw on your own hardware (not a ProductiveBot), make sure the 1Password CLI is installed. Open Terminal and run: brew install 1password-cli — then verify with op --version. You should see a version number like 2.32.0. If you get "command not found," make sure Homebrew is installed first.

Step 2 (Optional): Enable Desktop App Integration

This step lets you use op interactively with Touch ID or a password when you are setting up or testing secrets manually. Agents using a service account token for unattended access do not need desktop app integration. You can skip this step and come back to it later if you want.

  1. Open the 1Password desktop app
  2. Go to Settings (Cmd + ,)
  3. Click Developer
  4. Turn on Integrate with 1Password CLI

1Password desktop app Developer section showing Vaults sidebar

After enabling this, any op command in Terminal will trigger a Touch ID or password prompt from the app. You only approve it once per session. This is useful when you want to browse or create vault items from the command line.

Step 3: Create a Dedicated Vault

Each agent should have its own vault. This keeps your personal passwords completely separate from your agents' credentials, and lets you control exactly what each agent can access.

Vaults are created in the 1Password web interface, not the desktop app.

  1. Go to your 1Password account at your team URL (for example, yourteam.1password.com)
  2. Click Vaults in the left sidebar
  3. Click + New vault
  4. Name it after the agent: Hermes, OpenClaw-Automation, or whatever makes sense for your setup
  5. Click Create Vault

1Password web interface Vaults page with New vault button

1Password create vault dialog

Step 4: Create a Service Account

A service account is what allows your agent to authenticate to 1Password without a human approving each request. It generates a token that the agent stores locally, and uses that token to read secrets from the vault you assign.

Service accounts are also created in the web interface.

  1. In your 1Password team account, go to Developer Tools, then Service Accounts
  2. Click New Service Account
  3. Give it a clear name, like Hermes Agent or OpenClaw Automation
  4. Click Next

1Password Service Accounts page

1Password create service account form

Step 5: Set Vault Permissions

On the next screen, 1Password asks which vaults this service account can access. Find the vault you created for this agent. If it is not already listed, search for it or add it to the service account. Then click the gear icon next to that vault to choose permissions.

  1. Click the gear icon next to your agent's vault
  2. A permissions dropdown will appear
  3. Check Read Items
  4. Add Write Items only if the agent needs to create or update credentials (such as saving OAuth tokens during setup)
  5. Leave Share Items unchecked
  6. Leave Allow creation of new vaults unchecked

1Password vault permissions showing Read Items and Write Items checked

Important

Service accounts cannot be modified after they are created. If you need to change permissions later, you will have to delete the service account and create a new one. Double-check that you have the right vault selected and the right permissions checked before moving on.

Step 6: Save the Token

After setting permissions, click through to the final step. 1Password will generate a service account token.

1Password service account token reveal screen

Copy It Now

This is the only time 1Password will show you this token. If you close this screen without copying it, you will need to delete the service account and create a new one. The token looks like ops_eyJj... and it is very long. That is normal.

Step 7: Configure Your Agent

How you store the token depends on which agent platform you are using.

For OpenClaw (including ProductiveBot)

OpenClaw can run tools and skills that call the op CLI. For unattended access, give the OpenClaw process OP_SERVICE_ACCOUNT_TOKEN through its environment:

mkdir -p ~/.openclaw
printf '%s\n' 'OP_SERVICE_ACCOUNT_TOKEN=ops_your_token_here' >> ~/.openclaw/.env
chmod 600 ~/.openclaw/.env
openclaw gateway restart
Why the Restart?

A running OpenClaw process will not pick up new environment variables until it restarts. The openclaw gateway restart command ensures the new token is loaded immediately.

To read a secret inside a skill or config, use:

op read "op://VaultName/ItemName/field"

For example, to read an API key stored as api-key in a vault item called OpenAI:

op read "op://MyAgent/OpenAI/api-key"

Verify everything is connected:

op vault list
op item list --vault YourVaultName

You should see your vault and any items already stored in it.

Terminal showing op vault list and op item list output

For Hermes Agent

Hermes runs on the Hermes Agent platform, not OpenClaw, so the token goes in a different location:

mkdir -p ~/.hermes
printf '%s\n' 'OP_SERVICE_ACCOUNT_TOKEN=ops_your_token_here' >> ~/.hermes/.env
chmod 600 ~/.hermes/.env

Hermes reads this automatically when it starts up. If Hermes is already running, restart it so the new environment variable takes effect. The chmod 600 makes sure only the current user can read that file.

Step 8: Store Your First Secret

Now that your agent has vault access, store something in it. You can do this from the 1Password desktop app or the web interface.

  1. Open the 1Password desktop app (or use the web interface at your team URL)
  2. Select your agent's vault from the left sidebar
  3. Click + New Item
  4. Choose the item type that fits. Password works well for API keys, Login for username and password pairs, Secure Note for anything else
  5. Fill in the fields and save

1Password new item type picker

Your agent can now read that secret by name using op read without the value ever being written to disk.

Best Practices

One vault per agent. Do not share a vault between agents unless they genuinely need the same credentials. Isolation means a compromised token only exposes one agent's secrets.

Rotate tokens after bootstrapping. If you pasted the service account token into Slack, a chat app, or anywhere with message history, create a new service account and replace the token. The old one may still exist in logs or export history. The risk is low if the token is vault-scoped, but rotation is the clean move.

Use op run to inject secrets at startup. Instead of reading secrets inside your code, you can have op inject them as environment variables when your process starts. Create an environment file that contains 1Password secret references, not the actual secret values:

OPENAI_API_KEY=op://MyAgent/OpenAI/api-key
GMAIL_APP_PASSWORD=op://MyAgent/Gmail/app-password

Save that file as .env.1password, then start your agent through 1Password:

op run --env-file=.env.1password -- your-agent-command

Your code does not need to call 1Password directly. It reads normal environment variables. The file is safe to store with your project because it contains op:// references, not real secret values. Note that the secret still exists in the running process environment, so treat process logs and crash dumps carefully.

Review service-account activity. 1Password Teams and Business accounts provide service-account activity and usage reports. Review them periodically. If you see unexpected access, revoke or rotate the token.

Common Questions

Do I need a paid 1Password plan?

Yes. Service accounts require a 1Password Teams or Business plan. Individual plans support the CLI for personal use but do not include service account management.

I'm a ProductiveBot customer. Do I need to install anything?

No. Your ProductiveBot Mac Mini ships with OpenClaw and the 1Password CLI pre-installed. You just need a 1Password Teams or Business account, then follow this guide starting at Step 1.

Can I use this with a Mac Mini that is offline?

Service-account access requires an internet connection to 1Password. If your Mac Mini must run offline, you will need a separate strategy, such as starting the process while online and keeping it running, or writing a local config file with the secrets before going offline. That trades away some of the security benefits of this guide, so weigh the tradeoff for your use case.

What happens if the token leaks?

Delete the service account immediately at your team's 1Password URL under Developer Tools. The token stops working the moment the service account is deleted. Then create a new one and update your agent's config.

Can multiple agents share one service account?

Technically yes, but it is not recommended. If one agent is compromised, the token exposes everything that service account can access. One service account per agent keeps the blast radius small.

Is this different from the 1Password desktop app integration?

Yes. Desktop app integration requires a human to approve the session via Touch ID or password. Service accounts are for unattended automated access, where no human is present to approve the prompt.

How do I revoke my agent's access to 1Password?

Go to your 1Password team account at yourteam.1password.com, navigate to Developer Tools, then Service Accounts. Delete the service account. The token stops working immediately.

Need Help?

If you get stuck at any point, just ask your ProductiveBot's AI assistant. It knows this setup process and can troubleshoot errors in real time. You can also reach our support team at support@productivebot.ai or chat with Scout at support.productivebot.ai.

Reading next

Leave a comment

This site is protected by hCaptcha and the hCaptcha Privacy Policy and Terms of Service apply.