Documentation Index
Fetch the complete documentation index at: https://docs.iru.com/llms.txt
Use this file to discover all available pages before exploring further.
About 1Password Business
The 1Password connector reads audit and access events from your 1Password Business account and surfaces them in Iru Compliance as artifacts you can attach to actions and controls. The integration uses 1Password’s Events Reporting API and is read-only. Iru does not change vaults, items, or users in 1Password.How it works
Iru authenticates with a bearer token (JWT-SA) that you issue in the 1Password admin experience. Events are read from the events hostname that matches your account region (US, EU, CA, Enterprise, and so on). Sign-in attempts, item usage, and audit events can all feed compliance evidence when your token includes those event types.| Detail | Value |
|---|---|
| Category | Security |
| Authentication | Bearer token (JWT-SA) |
| 1Password plan | Business (Events Reporting requires Business; Teams and individual plans do not include the Events API) |
Prerequisites
- A 1Password Business subscription.
- A user who is an Owner, Administrator, or a member of a group with View Administrative Sidebar.
- A few minutes to create the integration, issue a token, and complete the Iru connector.
Connect 1Password to Iru
Configure Events Reporting and the token in 1Password Business, then use Complete the connector in Iru for Iru Compliance.Create an Events Reporting integration
Open Integrations
Sign in at 1Password.com. In the sidebar, select Integrations.
Issue the bearer token
Set token name and expiration
Enter a token name you will recognize (for example Iru production). Set expiration up to 180 days (the maximum allowed).
Enable required event types
Enable Sign-in attempts, Item usages, and Audit events. All three are needed for full coverage in Iru.
Complete the connector in Iru
Turn on 1Password
Find 1Password (set Category to Security or use Search by name or description). On that card, turn on the toggle. A new browser tab opens the connector approval flow (
connect/approve?link=…).Select your events server
Pick the host that matches where your 1Password account sends Events API traffic:
Select Confirm server. You should see confirmation that the server was saved.
| Option | URL |
|---|---|
| 1Password Enterprise | https://events.ent.1password.com |
| 1Password (default) | https://events.1password.com |
| 1Password CA | https://events.1password.ca |
| 1Password EU | https://events.1password.eu |
Paste the bearer token
In the connector wizard (opened from Iru), paste the JWT into the Token field when prompted and submit.
Troubleshooting
Nothing opens when you turn the source on
Nothing opens when you turn the source on
Check pop-up blocker settings for the Iru site and try again.
401 Unauthorized
401 Unauthorized
No events after activation
No events after activation
Confirm the token includes all three event types. A token limited to sign-ins only will not return item-usage or audit evidence.
Wrong region / server
Wrong region / server
Turn the source off on Sources, turn it on again, and select the correct events host before submitting the token.
Plan or API errors
Plan or API errors
Events Reporting requires 1Password Business. Other plans do not expose this API.
Considerations
Tokens expire on a schedule (up to 180 days)
Tokens expire on a schedule (up to 180 days). Plan rotation before expiry to avoid gaps in evidence collection.
Connectivity is outbound HTTPS from Iru to your…
Connectivity is outbound HTTPS from Iru to your chosen
events.* host. You do not need to allow inbound access from Iru into 1Password.Iru only reads events
Iru only reads events. It cannot create, edit, or delete 1Password data.
See also
- See Sources Management for the full connector list.