OpenAI and 1Password Partner to Secure AI Agent Credentials

OpenAI and 1Password announced a partnership that gives the Codex agent secure access to stored credentials through the 1Password Environments MCP Server. The integration lets the agent retrieve passwords and other secrets without placing them in prompts, code, or model context. Both companies described the move as part of broader efforts to manage identity risks for autonomous AI agents.

The companies also released the first episode of the Zero-Shot Learning podcast on May 19, 2026. Nancy Wang, CTO of 1Password, Jeff Malnick, general manager and VP of developer and AI at 1Password, and Fotis Chantzis, OpenAI’s agent security lead, discussed practices for deploying AI agents safely.

The podcast is part of a bi-weekly series cohosted by Wang and Dev Tagare, senior director and head of engineering for Gemini Enterprise and Business at Google. Topics include short-lived credentials, sandboxing, and keeping secrets out of model context.

A Cloud Security Alliance report cited in the announcement stated that two thirds of organizations experienced a cybersecurity incident tied to AI agent deployment in the past year. Identity management remains a primary concern because current authentication systems are built mainly for human users.

” Wang noted that agents can operate continuously, spawn sub-agents, and hold the same access rights as human users, increasing potential exposure if credentials are misused. OpenAI’s agent security team, which had seven members as of May 18, 2026, works across privacy, detection, response, and safety functions.

The team focuses on continuous verification so that permissions match the specific tasks assigned to each agent.