Skip to main content

1Password

Overview

This guide provides step-by-step instructions for configuring the 1Password integration with AlphaSOC. Organizations that already capture 1Password audit logs should refer to the Collecting Data section for instructions on how to submit telemetry to AlphaSOC.

For environments without established 1Password monitoring, this document outlines the process for setting up an Events Reporting integration in 1Password and collecting the token required for data collection.

Prerequisites

  • 1Password account with owner or administrator permission.

Create an API Token

Log in to your 1Password account with either owner or administrator permission and navigate to Integrations on the left sidebar. In the Events Reporting section choose Other.

Enter a name for the integration, such as 'AlphaSOC', and click Add Integration.

1password-add-integration

Configure the token by entering a name and expiration date, then enable Sign-in attempts, Item usage events, and Audit events. Click Issue Token to generate the token.

1password-configure-token

Copy the generated token and save it securely, as it will not be displayed again.

1password-retrive-token

Configure Data Transport

After obtaining the token, choose a data transport method for submitting 1Password telemetry to AlphaSOC. You can either configure one of the available transports detailed in the Collecting Data section or provide AlphaSOC with the token value directly.

Further Reading