Se rendre au contenu

Security & Compliance

Lynx Compliance - 1Password Events Connector

Pulls compliance evidence from the 1Password Events API - sign-in attempts, item usages, audit events - via Bearer-token auth. Business+ tenants only.

Talk to sales See pricing

lynx_compliance_connector_1password · v19.0.1.0.0 · Premium

What this solves

Lynx Compliance - 1Password Events Connector

Compliance evidence from the 1Password Events API. Three event streams that auditors examine first on the shared-credential-vault surface:

  • Sign-in attempts (PR.AA-06): every successful and failed sign-in to the 1Password tenant, with IP, client, country, and failure reason. The canonical "show me failed-login bursts" evidence.

  • Item usages (DE.CM-03): every read of a vault item (which secret was retrieved by which user from which IP at what time). Off-hours retrieval is a high-signal insider-threat indicator.

  • Audit events (DE.CM-01, ISO A.5.18): admin actions — member invites, role changes, vault sharing changes, group edits. Unattributed audit-event activity is the fastest path to a SOC 2 finding.

Authentication is an Events API Bearer JWT issued from the 1Password Business+ admin console. Tokens are scoped to specific event types; the connector requests all three.

Key Features

  • 1Password connector type - Bearer token in credential_secret + optional config_json.endpoint for EU customers (https://events.1password.eu).

  • Three resource pulls - sign-in attempts, item usages, audit events. POST-based pagination with cursor + 90-day rolling window.

  • Pre-seeded collectors - three collectors covering PR.AA-06 (sign-in monitoring), DE.CM-03 (insider-threat usage signals), DE.CM-01 + A.5.18 (admin audit trail).

  • EU / US tenant aware - default base URL is the US event endpoint; EU customers override via config_json.endpoint.

Integrates With

  • lynx_compliance_connectors - registers under the connector framework.

  • lynx_compliance_evidence_collectors - shipped collectors use the standard schedule.

  • 1Password Events API via the requests HTTP client.

Depends on

base lynx_compliance lynx_license_enforcer lynx_base lynx_compliance_evidence_collectors lynx_compliance_connectors lynx_compliance_certification

Try Lynx Compliance - 1Password Events Connector on your team.

Free trial, no credit card. Talk to sales when you're ready.

Start free trial Browse all modules