1Password
Overview
This guide provides step-by-step instructions for configuring the 1Password integration with AlphaSOC. Organizations that already capture 1Password audit logs should refer to the Collecting Data section for instructions on how to submit telemetry to AlphaSOC.
For environments without established 1Password monitoring, this document outlines the process for setting up an Events Reporting integration in 1Password and collecting the token required for data collection.
Prerequisites
- 1Password account with owner or administrator permission.
Create an API Token
Log in to your 1Password account with either owner or administrator permission and navigate to Integrations on the left sidebar. In the Events Reporting section choose Other.
Enter a name for the integration, such as 'AlphaSOC', and click Add Integration.
Configure the token by entering a name and expiration date, then enable Sign-in attempts, Item usage events, and Audit events. Click Issue Token to generate the token.
Copy the generated token and save it securely, as it will not be displayed again.
Configure Data Transport
After obtaining the token, choose a data transport method for submitting 1Password telemetry to AlphaSOC. You can either configure one of the available transports detailed in the Collecting Data section or provide AlphaSOC with the token value directly.