How do I update my Azure AD federated login integration to allow logins from managed mobile devices?

    LastPass admins can update their existing federated login configuration in both Azure AD and the LastPass new Admin Console so that users can log in to the LastPass Password Manager mobile apps with their Azure AD credentials when conditional access policies are enforced.

      Update the Login App settings in Azure AD.

      1. In the Azure AD portal, navigate to your home directory at https://portal.azure.com/#home.
      2. Select App registrations.
      3. Select the Login App for LastPass.
      4. Select Authentication in the left navigation.
      5. Select Add a platform.
      6. Complete the setup for your desired platform(s):
        iOS:
          1. Select iOS.
          2. For the bundle ID value, enter com.lastpass.ilastpass.
          3. Select Configure.
          4. The redirect URI should be the following: msauth.com.lastpass.ilastpass://auth
        Android:
          1. Select Android.
          2. For the package name value, enter com.lastpass.lpandroid.
          3. For the signature hash value, enter Nj4J6bdFV874uA0vAgoHGeD4ip0=
      7. Select Save when finished.
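
A way to double-check the platform entries after saving (an added example, not LastPass or Microsoft code): the script below validates the Android signature hash and compares a pasted list of redirect URIs from the Authentication page against the values this article expects. The Android URI layout `msauth://<package>/<URL-encoded signature hash>` is the MSAL for Android format and is not stated in this article; the function names and the sample list are constructed for illustration.

```python
import base64
import binascii
from urllib.parse import quote

# Values taken from the steps above.
IOS_BUNDLE_ID = "com.lastpass.ilastpass"
ANDROID_PACKAGE = "com.lastpass.lpandroid"
ANDROID_SIGNATURE_HASH = "Nj4J6bdFV874uA0vAgoHGeD4ip0="


def signature_hash_is_wellformed(sig_hash: str) -> bool:
    """An Android signature hash is the Base64 of a 20-byte SHA-1 digest."""
    try:
        raw = base64.b64decode(sig_hash, validate=True)
    except (binascii.Error, ValueError):
        return False  # wrong alphabet or missing "=" padding
    return len(raw) == 20


def expected_redirect_uris() -> dict:
    """Redirect URIs both platform entries should produce."""
    encoded = quote(ANDROID_SIGNATURE_HASH, safe="")  # "=" becomes "%3D"
    return {
        "iOS": f"msauth.{IOS_BUNDLE_ID}://auth",
        # Assumption: MSAL for Android layout, not taken from this article.
        "Android": f"msauth://{ANDROID_PACKAGE}/{encoded}",
    }


def audit_redirect_uris(registered: list) -> dict:
    """Report missing platforms and msauth URIs that match neither entry."""
    expected = expected_redirect_uris()
    present = {u.strip() for u in registered}
    missing = [p for p, uri in expected.items() if uri not in present]
    # Web/SPA redirect URIs are out of scope; only msauth entries are checked.
    unexpected = sorted(u for u in present
                        if u.lower().startswith("msauth")
                        and u not in expected.values())
    return {"missing": missing, "unexpected": unexpected}


if __name__ == "__main__":
    # Constructed sample: the Android hash was pasted without its trailing "=".
    sample = ["msauth.com.lastpass.ilastpass://auth",
              "msauth://com.lastpass.lpandroid/Nj4J6bdFV874uA0vAgoHGeD4ip0"]
    print(signature_hash_is_wellformed(ANDROID_SIGNATURE_HASH))
    print(audit_redirect_uris(sample))
```

An entry reported under "unexpected" is worth reviewing before relying on the registration, since a mistyped hash produces a redirect URI the mobile app will never use.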

      Update the Azure AD settings in LastPass.

      1. Log in and access the Admin Console at https://admin.lastpass.com/.
      2. Select Users > Federated login > Azure AD.
      3. Check the box for the Enable Conditional Access Policies setting.
      4. Select Save Changes.
    Results: You have updated your configuration settings in both Azure AD and the LastPass new Admin Console to allow users to sign in to the LastPass app for iOS or Android using federated login.
    What to do next: Inform users that they can log in to the LastPass app for iOS or Android using federated login (i.e., using their Azure AD credentials).