With 1Password Business, you can integrate 1Password with Okta to automate many common administrative tasks:
Bereitstellung
- Create users: Assigned users and groups will be provisioned to 1Password.
To sync groups from your directory to 1Password, use Push Groups.
- Update user attributes: Changing user attributes in your directory will change the mapped attributes in 1Password.
- Deactivate users: Deactivating a user or disabling the user’s access to 1Password in Okta will suspend the user in 1Password.
Import
- Import users and groups: Existing 1Password users and groups will be imported and can be linked to existing Okta objects.
Gruppen verwalten
- Push Groups: Use Push Groups to sync groups from your directory to 1Password or manage existing 1Password groups in Okta.
To provision users to 1Password, use Okta group assignments.
To get started, sign in to your account on Okta.com , select Admin in the top right, and follow these steps.
Before you begin
Before you can integrate 1Password with Okta, you’ll need to:
- Set up and deploy 1Password SCIM Bridge.
- Have the lifecycle management feature in your Okta account.
- Make sure Provisioning users & groups is turned on in the Automated User Provisioning page of your 1Password account.
Schritt 1: Füge die 1Password Business-Anwendung zu Okta hinzu
These steps were recorded in June 2025 and may have changed since. Refer to the Okta documentation for the most up-to-date steps.
To add the 1Password Business application to Okta:
- Select Applications, then select Browse App Catalog.
- Search for 1Password Business and select it, then select Add Integration.
- Choose the region for your 1Password account, then enter the beginning of your sign-in address (for example:
acme) and select Next. - From the sign on methods, select Bookmark-only > Done.
You’ll see the details of the application you just created.
Schritt 2: Konfiguriere die Anwendung
On the 1Password Business application details page, select Provisioning. Then follow these steps.
2.1: API-Integration einrichten
Select Configure API Integration, then turn on Enable API Integration.
Enter your Base URL and API Token.
Base URL: the URL of your SCIM bridge (not your 1Password account sign-in address). Do not include a trailing slash. For example:
https://scim.example.comIf you don’t know your URL, make sure you’ve set up and deployed the SCIM bridge.
API Token: the bearer token for your SCIM bridgeLearn what to do if you don’t have your bearer token.
Select Save.
If you see "Error authenticating" when you set up the integration, open your Integrations page on 1Password.com and make sure provisioning is turned on.
2.2: Richte die Bereitstellung für 1Password ein
Select Assignments and assign the users and groups you want to provision to 1Password. Then follow these steps:
- Select Provisioning, then select To App in the sidebar.
- Select Edit and turn on these options:
- Benutzer erstellen
- Benutzerattribute aktualisieren
- Benutzer deaktivieren
- If you want to customize the attribute mappings, refer to the default mappings below.
- Select Save.
Next steps
When you turn on provisioning, existing 1Password users will be linked to Okta users if their email address matches. If their email address is different, they’ll be invited to 1Password again, so make sure any affected team members update their email address before you turn on provisioning.
Wenn du bestehende Gruppen in 1Password hast, die du mit Okta synchronisieren möchtest, füge sie den Gruppen hinzu, die durch Bereitstellung verwaltet werden:
- Sign in to your account on 1Password.com.
- Choose Integrations in the sidebar and choose Automated User Provisioning.
- Choose Manage in the Managed Groups section, then select the groups to sync.
If you’ve previously used 1Password SCIM Bridge, make sure to select any groups that were already synced with Okta. This will prevent problems syncing with your identity provider, including duplicate groups.
Verwalte deine Einstellungen
To turn off synchronization, select Active > Deactivate.
To change the region to match your 1Password account, select General, then change Region Type.
Learn more on the Okta Help Center.
Get help
Falls Benutzer und Gruppen nicht bereitgestellt werden, stelle sicher, dass die Bereitstellung in deinem 1Password-Konto aktiviert ist:
- Sign in to your account on 1Password.com.
- Choose Integrations in the sidebar.
- Choose Automated User Provisioning.
- Make sure Provisioning users & groups is turned on.
Anhang: Attributzuordnungen
Im Folgenden sind die Standard-Attributzuordnungen für die 1Password Business-Anwendung in Okta aufgeführt:
| 1Password-Attribut | Okta-Attribut | Description |
|---|---|---|
| userName | Okta-Benutzername | The team member’s username and email address. |
| givenName | firstName | Their first name. |
| Familienname | lastName | Their surname. |
Learn how to map Okta attributes to app attributes in the Profile Editor.
Was this article helpful?
Glad to hear it! If you have anything you'd like to add, feel free to contact us.
Sorry to hear that. Please contact us if you'd like to provide more details.