Advanced LastPass Admin Options

LastPass Enterprise provides the ability for admins to customize hundreds of settings to achieve the most secure and optimally performing solution for your organization. In the Advanced Enterprise Options of the Admin Console, admins can add and configure global domains and URLs, view a change log of Master Passwords, and much more.

Note: These features are only available to LastPass Enterprise and Identity admins.

Global Equivalent Domains

LastPass Enterprise admins can add Global equivalent domains for their account to allow users to manage a single login for different domains that are related. Learn more.

Global Never and Global Only URLs

LastPass Enterprise admins can add Global Never and Global Only URLs in the Admin Console to control when you do or do not want LastPass to prompt your users for action. Learn more.

Master Passwords change log

As an admin, it's important for you to have access to a change log that allows you to view when your users last changed their Master Passwords, and take additional action if they need to be forced to log out and update it. Learn more.

SAML Initialization

You can view your SAML initialization status and start initialization as follows:

  1. Log in and access the Admin Console at!/dashboard.
  2. Go to Advanced OptionsEnterprise Options in the left navigation.
  3. Click the SAML Initialization tab.
    • If SAML initialization was already started, you a confirmation message will be displayed that SAML has already been successfully initialized.
    • If you have not begun SAML initialization, click Initialize SAML.

Enabled Multifactor Authentication Options

LastPass Enterprise admins can restrict the Multifactor Authentication options available for use by users within their organization. Learn more about Multifactor Authentication options.

Duo Security integration

LastPass Enterprise supports Duo Security integration, which allows admins to configure policies and authentication methods when using Duo Security. Learn how to integrate Duo Security.

Splunk Integration

All available events that take place in the LastPass Enterprise Admin Console (e.g., login activity, Master Password changes, form fill attempts, etc.) can be passed to a Splunk Cloud instance, where you can then create custom reports using that data. This allows you to use the advanced functionality of Splunk Cloud to access and report on your LastPass Enterprise activity. To take advantage of this integration, you need a running Splunk Cloud instance with a configured Data Input as HTTP Event Collector. Learn how to integrate Splunk.

RSA SecurID via RADIUS authentication

LastPass supports RSA SecurID authentication via RADIUS. To set up this integration, you must set up a RADIUS client for LastPass in your RSA Authentication Manager. Learn how to integrate RSA SecurID.

Symantec VIP authentication

LastPass Enterprise supports Symantec VIP authentication. In order to set up this integration, you must provide LastPass with a Symantec VIP certificate. Learn how to integrate Symantec VIP.

SecureAuth authentication

LastPass supports SecureAuth authentication. In order to set up this integration, you must provide LastPass with your SecureAuth Application ID, Application Key, and Realm. Learn how to integrate SecureAuth.


LastPass Admin Management of Global Never and Global Only URLs

How do I manage my URL Rules as an Enterprise Admin?

LastPass Admin Management of Multifactor Authentication Options

LastPass Admin Management of Global Equivalent Domains