product icon

How do I activate federated login via AD FS as a new user?

    Your Welcome email will include your LastPass username (email address) and instruct you to log in to LastPass so that your vault can be de-crypted and re-encrypted to utilize your AD FS account going forward.

    Note:  These activation steps do not apply to brand new federated login users provisioned via Azure AD, Okta, Google Workspace, PingOne, PingFederate, or OneLogin – see those instructions.
    Before you begin: The steps below can only be performed via the LastPass web browser extension.
    1. Open the Welcome email you received.
      Welcome email with no activation code
    2. In your web browser toolbar, click the inactive LastPass icon inactive LastPass icon, then enter your username/email address and click Log In.

      Result: A progress bar is displayed to indicate that your LastPass vault is being re-encrypted with your AD FS account.

    3. Once complete, you must log in once again (also using the LastPass web browser extension).

      Result: You are redirected to your company's federated login page (AD FS sign-in page).

    4. Finish signing in to LastPass using your AD FS account credentials.
    Results: Your LastPass account is now activated to use federated login, and you will continue to use your AD FS account credentials to access your LastPass vault.