---
name: 1Password — always use service account token
description: Use the SOPS-vaulted OP_SERVICE_ACCOUNT_TOKEN for all op CLI calls; the desktop-app integration prompts are unacceptable in agent flows
type: feedback
---

For every `op` CLI invocation, source `OP_SERVICE_ACCOUNT_TOKEN` from `infrastructure/1password-service-account.sops.yaml` first. Without it, `op` falls back to the desktop-app integration, which interrupts the workflow with "unlock the app" prompts.

**Why:** Mike confirmed 2026-04-30 — "the prompts are infuriating." Service account auth is the standard CI/agent pattern documented in the 1password skill, but I had been defaulting to the desktop session.

**How to apply:** The vault path is per-machine, read from `vault_path` in `.claude/identity.json` — never hardcode it. Reach the entry via the wrapper:

```bash
SVC_TOKEN=$(bash "$CLAUDETOOLS_ROOT/.claude/scripts/vault.sh" get-field infrastructure/1password-service-account.sops.yaml credential 2>/dev/null | head -1)

# Pass through env var to every op call
OP_SERVICE_ACCOUNT_TOKEN="$SVC_TOKEN" op item get ...

# Or export once at the top of a script
export OP_SERVICE_ACCOUNT_TOKEN="$SVC_TOKEN"
```

If the `vault.sh get-field` wrapper fails on this entry (it has historically tripped on a missing PyYAML dependency in the fallback parser), fall back to a direct `sops -d` plus grep on the same entry. Resolve the vault root from identity.json rather than hardcoding it, e.g.:

```bash
VAULT_PATH=$(python3 -c "import json;print(json.load(open('$CLAUDETOOLS_ROOT/.claude/identity.json'))['vault_path'])")
SVC_TOKEN=$(sops -d "$VAULT_PATH/infrastructure/1password-service-account.sops.yaml" 2>/dev/null \
  | grep -E '^\s*credential:' | sed -E 's/^\s*credential:\s*//' | head -1)
```

**Vaults the service account can see** (per 2026-04-30 test): Clients, Infrastructure, Internal Sites, Managed Websites, MSP Tools, Projects, Sorting. (The Private vault is intentionally not shared with the service account.)

**When to skip:** Never. If the desktop session also happens to be authed, that's fine, but the service token path must be the one the agent reaches for.
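The two steps under "How to apply" combined into one fail-closed helper, as an added example that is not part of the original note or the vault.sh wrapper: it tries the wrapper first, the direct `sops -d` fallback second, and refuses to run `op` at all if no token was resolved, so `op` can never silently drop into the desktop-app session. It assumes `CLAUDETOOLS_ROOT` is set and uses only the paths named above; the identity.json path is passed to python3 via `sys.argv` instead of being interpolated into the Python source, which is safer for paths containing quotes.

```bash
#!/usr/bin/env bash
# Added example (not from the original note). Assumes CLAUDETOOLS_ROOT is set.
set -u

ENTRY=infrastructure/1password-service-account.sops.yaml

# Primary path: the vault.sh wrapper. Prints the token, or nothing on failure.
token_via_wrapper() {
  bash "${CLAUDETOOLS_ROOT:-}/.claude/scripts/vault.sh" get-field "$ENTRY" credential 2>/dev/null | head -1
}

# Fallback path: direct sops -d, resolving vault_path from identity.json.
token_via_sops() {
  local vault_path
  vault_path=$(python3 -c "import json,sys;print(json.load(open(sys.argv[1]))['vault_path'])" \
      "${CLAUDETOOLS_ROOT:-}/.claude/identity.json" 2>/dev/null) || return 1
  sops -d "$vault_path/$ENTRY" 2>/dev/null \
    | grep -E '^\s*credential:' | sed -E 's/^\s*credential:\s*//' | head -1
}

# Populate OP_SERVICE_ACCOUNT_TOKEN unless it is already set and non-empty.
# Returns 1 when no token could be resolved; callers must not reach for `op`
# in that state, since an unset/empty token is exactly what triggers the
# desktop-app "unlock the app" prompt.
require_op_service_token() {
  if [ -n "${OP_SERVICE_ACCOUNT_TOKEN:-}" ]; then return 0; fi
  local tok
  tok=$(token_via_wrapper)
  [ -n "$tok" ] || tok=$(token_via_sops) || true
  if [ -z "$tok" ]; then
    echo "error: could not resolve 1Password service account token from $ENTRY" >&2
    return 1
  fi
  export OP_SERVICE_ACCOUNT_TOKEN="$tok"
}

# Wrapper around op: runs only when the service token is present.
op_svc() {
  require_op_service_token || return 1
  op "$@"
}
```

Source the file and call `op_svc item get ...` in place of bare `op`; a missing token aborts with a message instead of a prompt.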