For the complete documentation index, see llms.txt. This page is also available as Markdown.

1Password

Turngate ingests audit events, sign-in attempts, and item usage events from your 1Password Business account so you can investigate vault access and administrative activity.

Setting Up

Preparing your 1Password Account

To set up the 1Password integration you need to be an Owner or member of the Team Members Manager group on a 1Password Business account. The Events API used by this integration is not available on 1Password Families, Individual, or Teams plans.

1

Sign in to your 1Password account

Sign in to your 1Password account at https://<your-account>.1password.com.

2

Open Integrations

Click Integrations in the sidebar.

3

Add an integration under Events Reporting

Under Events Reporting, click Other (or the Add Integration button if you have existing integrations).

4

Name the integration

Give the integration a descriptive name (e.g. Turngate) and click Add Integration.

5

Choose the event types

On the next screen, choose which event types you want Turngate to be able to read. We recommend enabling all three:

  • Sign-in attempts

  • Item usage

  • Audit events

6

Set the expiration

Set an Expires value that matches your internal token-rotation policy (the maximum is currently set by 1Password).

7

Issue the token

Click Issue Token and copy the token value. You will not be able to view it again.

You will also need your 1Password account sign-in URL (e.g. https://acme.1password.com) — Turngate uses this to determine the correct regional Events API endpoint.

Setting up the 1Password Data Source in the Turngate App

Once you have your bearer token and account URL, head back to the Turngate App.

1

Open Data Sources

Click Data Sources in the navigation bar on the left.

2

Install 1Password

Click Install on the 1Password selection.

3

Name the Data Source

Give the Data Source a name for your own reference.

4

Add your credentials

Paste in your 1Password account URL and the Bearer Token you generated above.

5

Install

Click Install.

Turngate will validate the credentials and begin pulling events. The Events API supports historical lookback up to the retention window of your 1Password plan; Turngate will backfill what is available at install time.

What Gets Ingested

  • Sign-in attempts — successful and failed sign-ins, including client type, IP address, and country

  • Item usage — which user accessed which item in which vault, and from what client

  • Audit events — administrative actions such as user provisioning, group membership changes, vault permission changes, and policy updates

Turngate does not receive any vault item contents (passwords, secure notes, etc.) — only metadata about access and administration.

Other Resources