Add SSO apps for LastPass users
App integrations (that is, SSO applications) are common online tools used within your company for which a LastPass admin has set up a single sign-on integration. This allows you to sign in to those apps using the same credentials that you use for LastPass.
Note: This feature is only available for LastPass Business accounts. For more information on how to upgrade your account with the Advanced SSO add-on, see How do I upgrade my LastPass Business account with an add-on?
For more information about SSO Apps and their functionality, view LastPass Admin Toolkit: Using Single Sign-On (SSO).
Add the SSO app to LastPass
Configure the app
Sign in to your account at the app's website and go to this app’s settings to enable single sign-on. Make sure your app recognizes LastPass as the Identity Provider. Some apps allow you to upload settings in an XML file, while others require you to copy and paste the following information:
Name in LastPass | Value |
---|---|
Entity ID | |
SSO Endpoint | |
Logout URL | |
Certificate fingerprint | Provided in the Set up app section of the SSO app. If needed, download the LastPass certificate in PEM, DER, or Download metadata (XML) format. |
Certificate fingerprint (SHA256) | |
Certificate (PEM) |
Set up LastPass
Assign test users to your app
About this task: During the app setup, you can click
Save & assign users to assign a test user to your app.
Test logging in to your app
About this task: You can try to log in to your selected app with you currently logged in user.
- In the Test login window, select Open <your app> to open your app's URI configured in the ACS field in a new browser tab.
- Sign in to your app through SSO using your LastPass user.
- Go back to the LastPass admin page.
- Select one of the following options under Was the login successful?:
- Select Yes if the login was successful, then click Save & continue.
- Select No if the login was not successful, then click Restart configuration to restart the setup.
Assign users to your app
About this task: After testing the connection to your app, you can assign users, groups, and/or roles to your SSO app.