product icon

How can I change the SAML certificate of an application?

    You can create a new certificate in the LastPass new Admin Console by creating a new SAML key, which can be used to set up single sign-on between LastPass and your desired app or website. Once created, you can upload the new certificate to the SSO app's Service Provider settings.

    About this task: To create a new SAML key, do the following:
    1. Log in with your email address and master password to access the new Admin Console at
    2. If prompted, complete steps for multifactor authentication (if it is enabled for your account).
    3. Go to Advanced > Keys.
    4. Under SAML, click Create new key to create a new SAML key.
    5. Your new SAML key contains the following fields and actions for each:
      Setting in LastPass Instructions
      ID View the SAML key ID
      • Click to view
      • Click to copy
      Status Active or Inactive status (if SAML key is in use)
      SAML key
      • Click to download the public key
      • Click to download the public certificate
      • If desired, click to delete this SAML key if it is no longer needed
        Warning: Deleting a SAML key will invalidate any SSO integration you have set up that is currently using this SAML key. Learn more about managing your SAML keys before deleting.
    Results: You have created a new SAML key for LastPass.
    What to do next: If you downloaded the public key and the public certificates for the SAML key, you can now upload them to your SSO app's Service Provider settings.