HELP FILE

Generate SSO and MFA Reports

There are several report types available for LastPass SSO, MFA, and SSO & MFA admins to audit their users and access, application usage, actions performed by admins, notifications triggered, SAML logins, and much more. These reports can be exported as a CSV file to be shared with key stakeholders.

Reports generated from the LastPass SSO and/or MFA Admin Console are separate from those available in the LastPass Password Manager Admin Console – see Generate LastPass Enterprise Reports for more information.

Reports Overview

  1. Log in and access the LastPass Admin Console by doing either of the following:
    1. While logged in to LastPass, click the active LastPass icon in your web browser toolbar, then select Admin Console in the menu.
    2. Log in at https://lastpass.com/?ac=1 with your username and Master Password, then select Admin Console in the left navigation.
  2. In the left navigation of the Admin Console, select SSO, MFA, or SSO & MFA.
  3. Click Reports in the left menu, then select Overview to review the following:
    • User access – Includes an overview of successful authentication, failed authentications (e.g., no user response), and alerts (with denied requests and suspicious activities)
    • Application usage – Includes application names and usage
    • Smart Phones usage – Includes iOS and Android device usage

Admin reports

You can view all actions performed by admins, including admin name, time of action, and description of the actions performed. You can filter by using the Search field, or use the drop-down menus for Time, Admins, and/or Description. Click the Download icon to export your report as a CSV file.

The following descriptions are available for admin reports:

  • Add app
  • Add Blacklisted IP range
  • Add group
  • Add policy
  • Add Red Zone
  • Add user
  • Assign members to app
  • Assign user/group to client role
  • Assign user/group to privilege
  • Delete app
  • Delete Blacklisted IP range
  • Delete group
  • Delete policy
  • Delete Red Zone
  • Delete user
  • Edit authentication policy
  • Edit group
  • Edit policy
  • Edit recovery policy
  • Edit Red Zone
  • Edit user
  • Resend activation email
  • Unassign group from group
  • Unassign user/group from client role
  • Unassign user/group from privilege

User reports

You can view all actions performed by users, including the status, user name, email address, user status, time, and authentication method. You can filter by using the Search field, or use the drop-down menus for Time, Occurrence, and/or Type. Click the Download icon to export your report as a CSV file.

The following types are available for user reports:

  • Suspicious activity
  • User did not respond
  • Access denied due to unknown location
  • User rejected the request
  • Successful access
  • Access denied by Geofence

App reports

You can view application usage from users, including the name of the application, status, user's email address that used the app, web browser used, IP address, and time. You can filter by using the Search field, or use the drop-down menu for Time. Click the Download icon to export your report as a CSV file.

The following time frames are available for app reports:

  • Last hour
  • Last day
  • Last 7 days
  • Last 30 days
  • Last 6 months

Notification reports

You can view all notifications sent to users, including the date/time created, notification message, and status. You can filter by using the Search field, or use the drop-down menus for Time and/or Notification type. If desired, check the box for "Show pending notifications only". Click the Download icon to export your report as a CSV file.

The following Notification types are available for notification reports:

  • Request app
  • Login problem
  • Request for unlock phone

You can click Accept or Deny in the status column on behalf of a user.

SAML event reports

You can view all SAML (single sign-on) events from users, including time, user, application used, and IP address. You can filter by using the Search field, or use the drop-down menu for Time. Within the column in the far-right, click Response to view detailed SAML response info, and click Copy to clipboard if desired. Click the Download icon to export your report as a CSV file.

Related

Generate LastPass Enterprise Reports