Use Cases

Specifying who can use SSO to access 1Password

About this task

Complete the integration by specifying who can access 1Password using SSO and how many days they have to update their sign-on methods before they’re locked out of their accounts.

Steps

  1. Specify who can access 1Password by selecting the appropriate option:

    • Selected groups: Only the users in the groups you specify will be able to sign on using SSO.

    • Everyone except guests: All 1Password users, except guests and account owners, will sign on using SSO.

      • Existing users will be prompted to sign on using SSO.

      • New users will use their PingOne SSO username when initially accessing 1Password.

      • Guests and account owners will sign on using their account password and secret key.

    • Everyone: All 1Password users, except those who are account owners, will sign on using SSO.

      • Existing users will be prompted to sign on using SSO.

      • New users will use their PingOne SSO username when initially accessing 1Password.

      • Account owners will sign on using their account password and secret key.

  2. Specify the number of days that users have to update their sign-on methods.

    The default is 5 days.

    qvy1691709266503

    When setting this deadline, consider the following:

    • By default, the deadline is set to 5 days. You can set it to between 1 day and 30 days.

    • The timer starts as soon as the user group is configured to use SSO.

    • If you plan to have additional users use SSO to access 1Password after the initial configuration, you should create a new custom group with its own deadline to ensure that newly-assigned users won’t need to have their accounts recovered.

    • If a user is a member of several groups with different deadlines, the deadline for the first SSO group is used.

    • If you add a user to a group with an expired deadline, you or another administrator will need to recover the account.

  3. Indicate whether you want users to be able to access 1Password using biometrics. If you do, specify the number of days that users will have to use SSO to access their accounts.

    mjw1691709298028

  4. When you’re finished, click Review Changes. Click Save.

    For more information, see Configure Unlock 1Password with SSO using OpenID Connect.