OpenAI and 1Password are working together to make AI powered coding safer by keeping developer credentials hidden from AI models and code repositories.
Quick Summary – TLDR:
- 1Password has launched a new integration for OpenAI Codex focused on protecting developer credentials.
- The system gives AI coding agents temporary access to secrets without exposing them in prompts or files.
- Credentials stay inside the 1Password vault and are injected only during runtime.
- The move highlights growing security concerns around AI agents handling sensitive developer access.
What Happened?
1Password announced an expanded partnership with OpenAI to secure how developers use credentials with the AI coding assistant Codex. The company introduced a new 1Password Environments MCP Server for Codex, designed to provide secure, just in time access to sensitive credentials during software development workflows.
The integration aims to solve one of the biggest risks in AI assisted coding today: developers accidentally exposing secrets like API keys, database passwords, and deployment credentials inside prompts, repositories, or local files.
Toronto-based @1Password has expanded its work with Silicon Valley AI giant @OpenAI in an attempt to help businesses deploy autonomous AI agents to securely build products. https://t.co/HvrhBtzA5O
— BetaKit (@BetaKit) May 20, 2026
AI Coding Tools Are Creating New Security Risks
AI coding assistants are quickly becoming part of modern software development. Tools like Codex can now write code, fix bugs, answer questions about repositories, and even prepare software for deployment. As these systems become more autonomous, they also need access to sensitive infrastructure and developer environments.
That creates a major security challenge.
In many workflows today, developers still copy credentials into local configuration files or directly into prompts given to AI tools. In some cases, credentials are hardcoded into repositories where they can later be leaked or stolen.
According to 1Password CTO Nancy Wang, this approach is no longer sustainable in the age of AI agents.
Wang said:
How the New Codex Integration Works?
The new MCP server acts as a secure access layer between Codex and sensitive credentials stored inside 1Password.
Instead of exposing secrets directly to the AI model, the system injects credentials into authorized processes only during runtime. The credentials are not written to disk, stored in prompts, or surfaced in the model’s context window.
Developers can reference vaulted credentials without ever seeing the actual values inside terminals, codebases, or prompts.
According to 1Password, the setup allows teams to:
- Store credentials securely inside 1Password instead of repositories.
- Prevent secrets from appearing in prompts or AI generated outputs.
- Use credentials temporarily during execution sessions only.
- Limit access through authentication and approval controls.
The company also said Codex itself cannot retrieve or read the actual secret values through the MCP server. The AI agent can invoke applications or environments that use those credentials, but the credentials themselves never leave the secure vault.
OpenAI Pushes Safer AI Development
OpenAI says security will become increasingly important as AI agents move deeper into production software environments.
Nick Steele from OpenAI’s Agent Security team said secure runtime access is critical as developers begin integrating coding agents into real workflows.
Steele said:
The partnership also reflects a broader shift happening across the software industry. Companies are now trying to build security systems designed specifically for AI agents, not just human developers.
1Password Expands Beyond Password Management
Founded in 2005, Toronto based 1Password has grown far beyond its original password manager roots. The company now serves more than 180,000 businesses and manages over 1.3 billion human and machine credentials.
Its customer list includes companies like GitHub, Stripe, Salesforce, and Figma.
The company has increasingly focused on AI related security through its Unified Access Platform, which aims to manage access for humans, machines, and AI agents from a single system.
Wang said the long term goal is for 1Password to become the default authentication and authorization layer for AI agents across multiple platforms and coding tools.
SQ Magazine Takeaway
I think this partnership highlights one of the biggest problems quietly growing inside AI development right now. Everyone is excited about AI coding agents writing software faster, but very few teams are thinking seriously about what happens when those agents get access to production credentials and infrastructure.
The old habit of storing secrets in files or prompts already causes enough breaches with human developers. Giving AI agents unrestricted access could make software supply chain attacks far worse. 1Password’s approach of temporary runtime access feels like one of the smarter solutions we’ve seen so far in the AI coding race.