Set Up Federated Login for LastPass Using Okta With an Authorization Server
Option #3 (standard configuration, with an authorization server)
LastPass Business account admins can set up and configure federated login using Okta in a few different ways so that users can log in to LastPass without ever having to create a second master password. Once Okta federated login is set up, LastPass Business users can log in to LastPass using their Okta account (instead of a username and separate master password) to access their LastPass vault.
Federated login using Okta can be set up in the following ways:
Option | Identity Provider | Directory Provider | Authorization Server | Account requirements |
---|---|---|---|---|
Option #1 (standard configuration, without an authorization server) For more information, see Set up Federated Login for LastPass using Okta without an authorization server. |
Okta SCIM |
Okta SCIM |
✘ |
All of the following:
|
Option #2 (hybrid configuration) For more information, see Set up Federated Login for LastPass using Okta SSO and active directory. |
Okta SSO |
Active Directory |
✘ |
All of the following:
|
Option #3 (standard configuration, with an authorization server - this article) For more information, see instructions below in this guide or watch the video. |
Okta SCIM |
Okta SCIM |
✔ |
All of the following:
|
This guide provides setup instructions for using LastPass with Okta SCIM as your Identity Provider (IdP) and directory provider. This type of setup may be referred to as a "standard” configuration (Option #3).
LastPass supports the following provisioning features:
- Create Users
- Update User Attributes
- Deactivate Users
- Push Groups
Before you begin
Before you begin the setup process between the LastPass Admin Console and the Okta Admin portal, review important information that applies to federated users.
- Review the limitations that apply to federated user accounts.
- Additionally, linked personal accounts must be verified on every new device that a federated user will use for logging in to access their LastPass vault.
You are now ready to follow the step-by-step instructions indicated at the bottom of the page to set up federated login using Okta SCIM as your Identity Provider and directory provider (with an authorization server). Complete all steps one by one.