├── README.md
├── eventsapi.go
├── eventsapi.js
├── eventsapi.php
├── eventsapi.py
└── eventsapi.rb


/README.md:
--------------------------------------------------------------------------------
 1 | # 1Password Events API Generic Scripts
 2 | 
 3 | This repository contains scripts in several languages to get started with the Events API.
 4 | 
 5 | All scripts use the `EVENTS_API_TOKEN` environment variable to load your API token. You should use [`op run`](https://developer.1password.com/docs/cli/reference/commands/run) and [secret references](https://developer.1password.com/docs/cli/secrets-reference-syntax/) provided by the [1Password CLI](https://developer.1password.com/docs/cli) to securely load environment variables.
 6 | 
 7 | **Example 1** - using an `.env` file, running the PHP script:
 8 | 
 9 | ```shell
10 | op run --env-file .env -- php eventsapi.php
11 | ```
12 | 
13 | **Example 2** - providing variables inline, running the Go script:
14 | 
15 | ```shell
16 | EVENTS_API_TOKEN="op://Vault/Item/token" op run -- go run eventsapi.go
17 | ```
18 | 
19 | You can generate an API bearer token [on 1Password.com](https://support.1password.com/events-reporting/#appendix-issue-or-revoke-bearer-tokens) or with the [CLI](https://developer.1password.com/docs/cli/reference/management-commands/events-api#events-api-create).
20 | 
21 | The script will print up to 20 audit events, sign-in attempts, or item usages from the last 24 hours.
22 | 
23 | Learn more about how to [get started with 1Password Events Reporting](https://support.1password.com/events-reporting/).
24 | 


--------------------------------------------------------------------------------
/eventsapi.go:
--------------------------------------------------------------------------------
 1 | package main
 2 | 
 3 | import (
 4 | 	"bytes"
 5 | 	"fmt"
 6 | 	"io/ioutil"
 7 | 	"net/http"
 8 | 	"os"
 9 | 	"time"
10 | )
11 | 
12 | func main() {
13 | 	api_token := os.Getenv("EVENTS_API_TOKEN")
14 | 	url := "https://events.1password.com"
15 | 
16 | 	start_time := time.Now().AddDate(0, 0, -1)
17 | 
18 | 	payload := []byte(fmt.Sprintf(`{
19 | 		"limit": 20,
20 | 		"start_time": "%s"
21 | 	}`, start_time.Format(time.RFC3339)))
22 | 
23 | 	client := &http.Client{}
24 | 
25 | 	signinsRequest, _ := http.NewRequest("POST", fmt.Sprintf("%s/api/v1/signinattempts", url), bytes.NewBuffer(payload))
26 | 	signinsRequest.Header.Set("Content-Type", "application/json")
27 | 	signinsRequest.Header.Set("Authorization", "Bearer "+api_token)
28 | 	signinsResponse, signinsError := client.Do(signinsRequest)
29 | 	if signinsError != nil {
30 | 		panic(signinsError)
31 | 	}
32 | 	defer signinsResponse.Body.Close()
33 | 	signinsBody, _ := ioutil.ReadAll(signinsResponse.Body)
34 | 	fmt.Println(string(signinsBody))
35 | 
36 | 	usagesRequest, _ := http.NewRequest("POST", fmt.Sprintf("%s/api/v1/itemusages", url), bytes.NewBuffer(payload))
37 | 	usagesRequest.Header.Set("Content-Type", "application/json")
38 | 	usagesRequest.Header.Set("Authorization", "Bearer "+api_token)
39 | 	usagesResponse, usagesError := client.Do(usagesRequest)
40 | 	if usagesError != nil {
41 | 		panic(usagesError)
42 | 	}
43 | 	defer usagesResponse.Body.Close()
44 | 	usagesBody, _ := ioutil.ReadAll(usagesResponse.Body)
45 | 	fmt.Println(string(usagesBody))
46 | 
47 | 	auditEventsRequest, _ := http.NewRequest("POST", fmt.Sprintf("%s/api/v1/auditevents", url), bytes.NewBuffer(payload))
48 | 	auditEventsRequest.Header.Set("Content-Type", "application/json")
49 | 	auditEventsRequest.Header.Set("Authorization", "Bearer "+api_token)
50 | 	auditEventsResponse, auditEventsError := client.Do(auditEventsRequest)
51 | 	if auditEventsError != nil {
52 | 		panic(auditEventsError)
53 | 	}
54 | 	defer auditEventsResponse.Body.Close()
55 | 	auditEventsBody, _ := ioutil.ReadAll(auditEventsResponse.Body)
56 | 	fmt.Println(string(auditEventsBody))
57 | }
58 | 


--------------------------------------------------------------------------------
/eventsapi.js:
--------------------------------------------------------------------------------
 1 | // For more information, check out our support page
 2 | // https://support.1password.com/events-reporting
 3 | 
 4 | const apiToken = process.env.EVENTS_API_TOKEN;
 5 | const url = "https://events.1password.com";
 6 | 
 7 | const startTime = new Date();
 8 | startTime.setHours(startTime.getHours() - 24);
 9 | 
10 | const headers = {
11 |   "Content-Type": "application/json",
12 |   Authorization: `Bearer ${apiToken}`,
13 | };
14 | const payload = {
15 |   limit: 20,
16 |   start_time: startTime.toISOString().replace(/\.\d{3}Z$/, "Z"),
17 | };
18 | 
19 | // Alternatively, use the cursor returned from previous responses to get any new events
20 | // payload = { "cursor": cursor }
21 | 
22 | const options = {
23 |   method: "POST",
24 |   body: JSON.stringify(payload),
25 |   headers,
26 | };
27 | 
28 | fetch(`${url}/api/v1/signinattempts`, options).then(async (response) => {
29 |   if (response.ok) {
30 |     console.log(await response.json());
31 |   } else {
32 |     console.log("Error getting sign in attempts: status code", response.status);
33 |   }
34 | });
35 | 
36 | fetch(`${url}/api/v1/itemusages`, options).then(async (response) => {
37 |   if (response.ok) {
38 |     console.log(await response.json());
39 |   } else {
40 |     console.log("Error getting item usages: status code", response.status);
41 |   }
42 | });
43 | 
44 | fetch(`${url}/api/v1/auditevents`, options).then(async (response) => {
45 |   if (response.ok) {
46 |     console.log(await response.json());
47 |   } else {
48 |     console.log("Error getting audit events: status code", response.status);
49 |   }
50 | });
51 | 
52 | // For more information on the response, check out our support page
53 | // https://support.1password.com/cs/events-api-reference/
54 | 


--------------------------------------------------------------------------------
/eventsapi.php:
--------------------------------------------------------------------------------
 1 | <?php
 2 | # For more information, check out our support page
 3 | # https://support.1password.com/events-reporting
 4 | 
 5 | $api_token = getenv('EVENTS_API_TOKEN');
 6 | $url = "https://events.1password.com";
 7 | 
 8 | $start_time = (new \DateTime())->modify('-24 hours');
 9 | 
10 | $headers = array(
11 |   "Content-Type: application/json",
12 |   "Authorization: Bearer $api_token"
13 | );
14 | $payload = array(
15 |   "limit" => 20,
16 |   "start_time" => $start_time->format('Y-m-d\TH:i:s\Z')
17 | );
18 | 
19 | # Alternatively, use the cursor returned from previous responses to get any new events
20 | # $payload = array("cursor" => $cursor);
21 | 
22 | $context = stream_context_create(
23 |   array(
24 |     'http' => array(
25 |       'method' => 'POST',
26 |       'content' => json_encode($payload),
27 |       'header' => $headers,
28 |     )
29 |   )
30 | );
31 | 
32 | $signin_attempts = file_get_contents($url."/api/v1/signinattempts", false, $context);
33 | print($signin_attempts);
34 | 
35 | $item_usages = file_get_contents($url."/api/v1/itemusages", false, $context);
36 | print($item_usages);
37 | 
38 | $audit_events = file_get_contents($url."/api/v1/auditevents", false, $context);
39 | print($audit_events);
40 | 
41 | # For more information on the response, check out our support page
42 | # https://support.1password.com/cs/events-api-reference/
43 | 


--------------------------------------------------------------------------------
/eventsapi.py:
--------------------------------------------------------------------------------
 1 | import datetime
 2 | import requests
 3 | import os
 4 | 
 5 | # For more information, check out our support page
 6 | # https://support.1password.com/events-reporting
 7 | 
 8 | api_token = os.environ['EVENTS_API_TOKEN']
 9 | url = "https://events.1password.com"
10 | 
11 | start_time = datetime.datetime.now() - datetime.timedelta(hours=24)
12 | 
13 | headers = {
14 |   "Content-Type": "application/json",
15 |   "Authorization": f"Bearer {api_token}"
16 | }
17 | payload = {
18 |   "limit": 20,
19 |   "start_time": start_time.astimezone().replace(microsecond=0).isoformat()
20 | }
21 | 
22 | # Alternatively, use the cursor returned from previous responses to get any new events
23 | # payload = { "cursor": cursor }
24 | 
25 | r = requests.post(f"{url}/api/v1/signinattempts", headers=headers, json=payload)
26 | if (r.status_code == requests.codes.ok):
27 |   print(r.json())
28 | else:
29 |   print("Error getting sign in attempts: status code", r.status_code)
30 | 
31 | r = requests.post(f"{url}/api/v1/itemusages", headers=headers, json=payload)
32 | if (r.status_code == requests.codes.ok):
33 |   print(r.json())
34 | else:
35 |   print("Error getting item usages: status code", r.status_code)
36 | 
37 | r = requests.post(f"{url}/api/v1/auditevents", headers=headers, json=payload)
38 | if (r.status_code == requests.codes.ok):
39 |   print(r.json())
40 | else:
41 |   print("Error getting audit events: status code", r.status_code)
42 | 
43 | # For more information on the response, check out our support page
44 | # https://support.1password.com/cs/events-api-reference/
45 | 


--------------------------------------------------------------------------------
/eventsapi.rb:
--------------------------------------------------------------------------------
 1 | require 'date'
 2 | require 'json'
 3 | require 'net/http'
 4 | require 'uri'
 5 | 
 6 | # For more information, check out our support page
 7 | # https://support.1password.com/events-reporting
 8 | 
 9 | api_token = ENV['EVENTS_API_TOKEN']
10 | url = 'https://events.1password.com'
11 | 
12 | start_time = DateTime.now - 24
13 | 
14 | headers = {
15 |   "Content-Type": "application/json",
16 |   "Authorization": "Bearer #{api_token}"
17 | }
18 | payload = {
19 |   "limit": 20,
20 |   "start_time": start_time.strftime("%FT%TZ")
21 | }
22 | 
23 | # Alternatively, use the cursor returned from previous responses to get any new events
24 | # payload = { "cursor": cursor }
25 | 
26 | uri = URI.parse(url+"/api/v1/signinattempts")
27 | http = Net::HTTP.new(uri.host, uri.port)
28 | http.use_ssl = true
29 | req = Net::HTTP::Post.new(uri.request_uri, headers)
30 | req.body = payload.to_json
31 | res = http.request(req)
32 | if (res.code == '200')
33 |   puts(JSON.parse(res.body))
34 | else
35 |   puts("Error getting sign in attempts: status code #{res.code}")
36 | end
37 | 
38 | uri = URI.parse(url+"/api/v1/itemusages")
39 | http = Net::HTTP.new(uri.host, uri.port)
40 | http.use_ssl = true
41 | req = Net::HTTP::Post.new(uri.request_uri, headers)
42 | req.body = payload.to_json
43 | res = http.request(req)
44 | if (res.code == '200')
45 |   puts(JSON.parse(res.body))
46 | else
47 |   puts("Error getting item usages: status code #{res.code}")
48 | end
49 | 
50 | uri = URI.parse(url+"/api/v1/auditevents")
51 | http = Net::HTTP.new(uri.host, uri.port)
52 | http.use_ssl = true
53 | req = Net::HTTP::Post.new(uri.request_uri, headers)
54 | req.body = payload.to_json
55 | res = http.request(req)
56 | if (res.code == '200')
57 |   puts(JSON.parse(res.body))
58 | else
59 |   puts("Error getting audit events: status code #{res.code}")
60 | end
61 | 
62 | # For more information on the response, check out our support page
63 | # https://support.1password.com/cs/events-api-reference/
64 | 


--------------------------------------------------------------------------------