If I change my company's domain, how do I make sure my LastPass users are updated?
If you have a LastPass Business account and plan on changing your company's domain, you will want your users' email addresses to reflect the new domain.
Users that were manually added to LastPass
For users that were manually added to a LastPass account, they can update their email addresses manually within the Account Settings of their LastPass user account (instructions here).
Users that were added via automated provisioning
If you are a LastPass admin and have added your LastPass users via automated provisioning (i.e., LastPass AD Connector, Azure, Okta, Okta Hybrid, Google Workspace, PingOne, OneLogin, Provisioning API), you can update your users' email addresses in two different ways (listed below as Option #1 and Option #2).
Option #1: Update each user manually within the Admin Console
If you are an admin with the "Permit super admins to reset master passwords" policy enabled, you can choose to change each user's LastPass email address manually.
Option #2: Update automatically and force user action
As a LastPass admin, you can update your user objects with the new email domain as the email attribute value. This will trigger an email notification to be sent to your users.
- Active Directory integration – Using the LastPass AD Connector, SCIM Provisioning via Azure AD, Okta, OneLogin, and PingOne
- Federated login implementation – Using Azure, Okta, Okta Hybrid (which requires the LastPass AD Connector), Google Workspace and PingOne
Restriction: Automatic email changes are not supported for users provisioned by Federated Login using AD FS (both the traditional and simplified versions) or PingFederate. This means that a LastPass admin must manually change the email addresses of these users using Option #1 above.
User experience for users provisioned via Active Directory integration

User experience for users provisioned via federated login implementation
