1Password and OpenAI Introduce Just-in-Time Credentials for AI Coding Agents

1Password has partnered with OpenAI to introduce a just-in-time (JIT) credential delivery model for OpenAI Codex. Under the approach, AI coding agents receive credentials injected at runtime that expire after use, keeping secrets out of prompts, code repositories, and model context windows.

The model addresses one of the most practical risks of agentic AI workflows: long-lived credentials accessible to the agent can be extracted via prompt injection or inadvertently included in generated code. Teams deploying AI coding agents with access to production systems or credentials should evaluate JIT credential patterns as part of their agent security posture.