1Password

When connecting 1Password to 1Password SaaS Manager, you will be asked for a Secret Token and Tenant URL. In order to find these values you must configure the 1Password SCIM Bridge.

As part of the security process for 1Password, you need to make SCIM requests through a service run on infrastructure that you control. This means that encryption keys are never given to a third-party. Read more about how to configure SCIM Bridge.

The Tenant URL is the URL that you use to log in to the SCIM bridge.

The associated secret Bearer token that you use to log in to the 1Password SCIM bridge interface:

Google Workspace

When a SCIM Bridge is configured for Google Workspace, then 1Password turns off the SCIM API on SCIM Bridge.

For Google Workspace, SCIM Bridge doesn't actually use SCIM at all - it connects to Google Workspace and pulls data using Google APIs.

For Entra or Okta for example, it's the other way round: the IdP connects to SCIM Bridge to provision or deprovision, so the SCIM interface is enabled.

This means that if you have configured SCIM Bridge for Google, the 1Password SaaS Manager connector will not be able to connect because the SCIM API is not actually available.