How do I add the "active" user attribute in Azure AD for LastPass federated login?
The "active" user attribute is not listed when configuring your user attributes in the Azure AD portal during the setup process for LastPass federated login.
The "active" user attribute was deleted from your Azure AD environment.
The LastPass admin who is setting up federated login can add the "active" user attribute back in the Azure AD portal by doing the following:
- Log in to your Azure AD portal with your administrator account credentials at https://portal.azure.com.
- Click Enterprise applications.
- Select the LastPass Provisioning App you created.
- Go to .
- Scroll down and check the box for Show advanced options.
- Click Edit attribute list for customappsso.
- Scroll to the bottom, then enter active in the first empty field.
- For the "Type" drop-down menu select Boolean.
- Click Add Attribute, then click Save.
- Back on the Attribute Mapping page, below your existing user attributes, click Add New Mapping.
- On the Edit Attribute menu in the right navigation, enter the following:
For this setting: Enter or select this: Mapping type Expression Expression Switch([IsSoftDeleted], ,"False", "True","True","False") Target attribute active Match objects using this attribute No Apply this mapping Always
- Click OK.
Result: You have successfully added the "active" user attribute back to Azure AD.