1Password extends OpenAI collaboration with Codex MCP server for just-in-time credential access - SiliconANGLE

1Password extends OpenAI collaboration with Codex MCP server for just-in-time credential access

Cybersecurity and password service provider 1Password LLC today expanded its collaboration with OpenAI Group PBC, releasing a Model Context Protocol server that lets the Codex coding agent pull credentials from 1Password vaults at runtime without exposing them to prompts, code or model context.

The 1Password Environments MCP Server for Codex provisions a secure runtime environment in which secrets are mounted, used and discarded, with user authentication required at the moment of access. Developers reference vaulted credentials inside Codex, but the actual values never appear in code, terminals, or the model’s context window.

The release continues a push by 1Password to position itself as the access layer for agentic development. The company has shipped similar integrations over the past year for Cursor, Browserbase and Perplexity AI Inc.’s Comet browser, all built around the same just-in-time pattern of issuing short-lived credentials that disappear once the task completes.

The problem the integration is targeting is well-documented. Codex and competing coding agents need access to databases, application programming interfaces and deployment pipelines to do useful work and in practice that access is often granted by pasting credentials into local files, dropping them into prompts, or hardcoding them into repositories where they can be exfiltrated. Long-lived secrets sitting in those locations have been the root cause of multiple high-profile breaches.