product icon

Step #1: Generate a Provisioning Token

    To begin the setup process for LastPass using Okta, capture both the Connection URL and Provisioning Token from the New LastPass Admin Console.

    Before you begin: It is required that you enable the “Permit super admins to reset master passwords” policy for at least one LastPass admin (who is also a non-federated admin, if you are setting up federated login) in the LastPass new Admin Console. This ensures that all LastPass user accounts can still be recovered (via master password reset) if a critical setting is misconfigured or changed for after setup is complete.
    Tip: Open a text editor application so that you can save the values that will be used to connect LastPass and Okta.
    About this task: The steps below are performed in the LastPass new Admin Console.
    1. Access the new LastPass Admin Console by opening a web browser and navigating to https://admin.lastpass.com/.
      Note: In Australia, Singapore, and India, there are data storage centers, but your data will be transferred through the US data center.
    2. Enter your LastPass administrator email address and master password, then click Log In.
    3. Go to Users > Directories.
    4. Select the Okta tab.
    5. Copy the URL and paste it into your text editor application.
      Remember: You will be using this value in a later step.
    6. Click the Create Provisioning Token to generate it, then copy the Token and paste it into your text editor application.
      Remember: You will be using this value in a later step.
      Note: If you navigate away from the Okta tab within the Directory Integrations page, the Provisioning Token will no longer be accessible through the LastPass new Admin Console. If the Token is lost, a new one can be generated, but this will invalidate the previous code. Any process that used the old Token will need to be updated with the new one. A new Provisioning Token can be generated by navigating back to the Okta tab and clicking Reset Provisioning Token.
    Results: You have created the Provisioning Token in LastPass and saved it for later use.
    Okta tab within Directory Integrations in LastPass Admin Console
    Parent article: Set Up Federated Login for LastPass Using Okta With an Authorization Server
    Next article: Step #2: Create the LastPass Provisioning App in Okta