Set Up Federated Login for LastPass Using Azure Active Directory
LastPass Enterprise and LastPass Identity account admins can set up and configure federated login so that users can utilize their organization's Active Directory (Azure AD or on-premise Active Directory) account to log in to LastPass without ever having to create a second Master Password.
Please review the account requirements and limitations that apply to federated users, then you can begin the setup process between the LastPass Admin Console and the Azure AD portal.
Syncing your Azure Active Directory with LastPass requires the following:
- A Premium tier subscription to Microsoft Azure Active Directory
- An active trial or paid LastPass Enterprise or LastPass Identity account
- An active LastPass Enterprise or LastPass Identity admin (required when activating your trial or paid subscription)
Limitations that apply to federated users
Step #1: Follow all steps in the Federated Login for Azure AD Guide
Follow the instructions to set up federated login using Azure AD as your Identity Provider within the Federated Login for LastPass Using Azure AD Guide .
Step #2: Set up Multifactor Authentication on Azure AD (optional)
If desired, you can set up Multifactor Authentication at the Azure AD (Identity Provider) level.
You're all set!
You have successfully set up your LastPass Enterprise or LastPass Identity account to use federated login with your Azure Active Directory. All of your newly populated federated users will receive a Welcome email informing them that they can now log in to use LastPass. Please note that your LastPass users must log in using the LastPass web browser extension in order to use federated login for their Azure AD account with LastPass.
- To learn more about deploying the LastPass web browser extension to your organization, please see Install LastPass Software Using the Admin Console.
- To see your end users' experience, please see Federated Login Experience for LastPass Users.
- If your end users have linked personal accounts associated with their federated login account, please see How do I verify my linked personal account?
- To convert a non-federated user to a federated user, please see How do I convert an existing LastPass user to a federated (Azure AD) user?