Other Integrations & Connections

Connecting Vanta & 1Password

  • Updated

Connecting Vanta & 1Password

We connect to 1Password through their SCIM API, making read-only calls. To enable the 1Password SCIM feature, you must have a Business Account and set up a SCIM Bridge in your infrastructure. Currently, we don't support Google Workspaces. This is because Google Workspace does not support Vanta's SCIM protocol to connect with 1Password.



The SCIM bridge is a service deployed on your infrastructure that allows 1Password to convert SCIM commands to encryption key-based operations. Here is more information about why a SCIM bridge is necessary.

Before you can set up your SCIM bridge, you'll need the following:

  • Administrator access in your 1Password Business account.
  • A platform to deploy the SCIM bridge on. (Such as Google Cloud Platform, DigitalOcean, or your infrastructure).
  • A public DNS record to point to the location of your SCIM bridge. For example, scim.example.com.

Deploying your SCIM bridge

Once you have all the requirements:

  • Sign in to your account on 1Password.
  • Click Integrations in the sidebar.
  • Choose your identity provider from the User Provisioning section.
  • Follow the onscreen instructions to generate the credentials on your SCIM bridge.
  • Deploy your SCIM bridge.

After you complete the setup process, you'll get a scimsession file and bearer token. Make sure to save them both in 1Password. Here are some helpful examples of SCIM bridge deployment options: https://github.com/1Password/scim-examples/.

Testing your SCIM bridge

You can check if the SCIM bridge was correctly deployed by:

  • Going to your custom SCIM domain (for example, scim.example.com).
  • Login in with your credentials.

  • There, you will see your 1Password SCIM Bridge status page. There you can:
    • Check any problems the SCIM bridge has found.
    • Download logs that contain detailed activity information.

Integrating with 1Password

  • From the left-hand navigation panel, select Integrations.
  • From the Available tab, search for 1Password
  • Select Connect

Screenshot 2024-06-11 at 3.57.56 PM.png

  • Then you can fill out your credentials. Your SCIM bridge URL is where you deploy the bridge (for example, https://scim.example.com), and the SCIM bearer token is the one you saved during your SCIM bridge deployment.