Set Up Federated Login for LastPass Using Azure Active Directory

Federated login for LastPass Enterprise and Identity allows users to log in to LastPass using their organization's Active Directory (Azure AD or on-premise Active Directory) without having to create and use a separate Master Password.

Please review the account requirements and limitations that apply to federated users, then you can begin the setup process between the LastPass Admin Console and the Azure AD portal.

Note: In this set of instructions, Azure AD is defined as the Identity Provider (IdP) used for authentication.

Account and system requirements

Syncing your Azure Active Directory with LastPass requires the following:

  • A Premium tier subscription to Microsoft Azure Active Directory
  • An active trial or paid LastPass Enterprise or LastPass Identity account
  • An active LastPass Enterprise or LastPass Identity admin account (required when activating your trial or paid subscription)
Note: The LastPass Azure AD SCIM endpoint for federated login does not require any software installation.

Limitations that apply to federated users