Step #1: Generate a Provisioning Token and obtain the Connection URL in LastPass
To begin the setup process, capture both the Connection URL and Provisioning Token from the LastPass Admin Console.
Before you begin: It is required that you enable the “Permit super admins to reset Master Passwords” policy for at least one LastPass admin (who is also a non-federated admin) in the LastPass Admin Console. This ensures that all LastPass user accounts can still be recovered via master password reset, if a critical setting is misconfigured or changed for federated login after setup is complete.
Tip: Open a text editor application so that you can save the values that will be used to connect LastPass and OneLogin.
About this task: The steps below are performed in the LastPass new Admin Console.
- Log in and access the Admin Console at https://admin.lastpass.com/.
- Enter your LastPass admin email address and master password, then click Log In.
- Select .
- Select OneLogin.
- Copy the URL and paste it into your text editor application.
- Click Create token to generate it, then copy the Token and paste it into your text editor application.
Note: If you navigate away from the OneLogin tab within the Directory Integrations page, the Provisioning Token will no longer be accessible through the LastPass Admin Console. If the Token is lost, a new one can be generated, but this will invalidate the previous code. Any process that used the old Token will need to be updated with the new one. A new Provisioning Token can be generated by navigating back to the OneLogin tab and clicking Reset provisioning token.
Results: You have captured both the Connection URL and Provisioning Token from the LastPass Admin Console.
Parent article: Set Up Federated Login for LastPass Using OneLogin
Next article: Step #2: Add the LastPass Provisioning app in OneLogin