Set Up Federated Login for LastPass Using Okta

LastPass Enterprise and LastPass Identity account admins can set up and configure federated login so that users can utilize their organization's Okta directory account to log in to LastPass without ever having to create a second Master Password.

Please review the account requirements and limitations that apply to federated users, then you can begin the setup process between the LastPass Admin Console and the Okta Admin portal.

In this set of instructions, Okta is defined as the Identity Provider (IdP) used for authentication.

Account requirements

To enable federated login for LastPass using Okta, the following is required:

  • You must be using all of the following:
    • Okta Single Sign-On
    • Okta Lifecycle Management
    • API Access Management
  • An active trial or paid LastPass Enterprise or LastPass Identity account
  • An active LastPass Enterprise or LastPass Identity admin (required when activating your trial or paid subscription)

Limitations that apply to federated users

Step #1: Follow all steps in the Federated Login for Okta Setup Guide

Follow the instructions to set up federated login using Okta as your Identity Provider within the Federated Login for LastPass Using Okta Guide.

Step #2: Set up Multifactor Authentication on Okta (optional)

If desired, you can set up Multifactor Authentication at the Okta (Identity Provider) level.

You're all set!

You have successfully set up your LastPass Enterprise or LastPass Identity account to use federated login with your Okta directory. All of your newly populated federated users will receive a Welcome email informing them that they can now log in to use LastPass. Please note that your LastPass users must log in using the LastPass web browser extension in order to use federated login for their Okta account with LastPass.