HELP FILE
Add LastPass SSO Apps
App integrations (i.e., SSO apps, Cloud apps) are common online tools used within your company for which a LastPass admin has set up a single sign-on integration. This allows you to sign in to those apps using the same credentials that you use for LastPass.
Step #1: Add the SSO app
Step #2: Set up your Identity Provider
Step #3: Set up your Service Provider
Under the "Service Provider" section, enter the following, which can be retrieved by logging in to your SSO app and reviewing its configuration settings:
- ACS (also known as the Post Back URL, Reply URL, or Single Sign-On URL) – This is the URL to which authentication responses (containing assertions) are returned. If you added a Custom app, the ACS information is required in order to save the app.
- Entity ID (also known as the Issuer ID or App ID for your app) – This is the Metadata URL of the Service Provider.
- Nickname – The name of the app how it appears in the Admin Console (and Cloud Apps, if your users have a LastPass password management Vault).
Step #4: Advanced setup (optional)
Under the "Advanced Setup" section, you can add any of the following additional customizations:
- Role – Learn how to create roles.
- IDP – Custom
- Relay State – Custom
- Identifier – Choose from Email, Secondary Email, User ID, Groups, Roles, or CustomID. By default, Email is selected
- Step Up Authentication (optional) – Check the box to enable the use of the LastPass MFA app when signing in to your app
- SAML Signature Method (optional) – Check the box(es) for using SHA1 and/or SHA256
Step #5: Manage custom attributes (optional)
Step #6: Assign users to your app
During the app setup, you can click
Save and assign to begin selecting users to assign. Otherwise if you have already saved the app, click the Assign Users icon
for your app.

- You can assign new users or groups, or manage those already selected by doing either of the following:
- To assign new, select the User or Group tab, then locate and click to select.
Tip: You can deselect by clicking on the user or group again, or click Remove All to remove all selected users.
- To manage selected, click the Selected tab to view all users and groups already assigned. If desired, click the Delete icon
to remove users or groups.
- To assign new, select the User or Group tab, then locate and click to select.
- Click Save when finished.
Step #7: Configure and finalize the SSO app integration
You can now search our
SSO App Catalog for your desired app, and follow the instructions in
Part 2 and
Part 3 to finish the SSO app integration setup.
Note: The SSO app integration for Office 365 has additional steps for manual configuration within
Part 1.