Part 1 – Configuration on LastPass Dashboard
  • Open the LastPass Admin Dashboard. Select “Applications” from the left side menu and then select “Web App” from the submenu.

LastPass Web Applications

 

  • Click on “+ Add SSO App” button from the upper right corner.

Add SSO application

 

  • A pop-up window will appear. Under the section: “Select your app”, click on “Search…” and type G Suite to search the LastPass Catalog. Select G Suite from the drop-down menu.

SSO App Catalog

 

  • Under the section: “Identity Provider”, you will find the required information such as “Entity ID”, “SSO End Point”, and “Logout URL”. Also, you can download the LastPass Metadata xml or Certificate file to your computer by clicking on the download arrow button next to “Metadata” or “Certificate”.

SSO Identity Provider

 

You can also select just one app at a time, such as Gmail, Calendar, etc. The instructions are the same for both use cases (full Google App Suite vs. a single app).

 

Part 2 – SSO Configuration on G Suite
  • Open a new tab on your browser and log into your Google admin console.
  • Click on ”Security”.

G Suite Admin Security

 

  •  Select “Set up single sign-on” option.

G Suite Setup SSO

 

  •  Scroll down to select “Setup SSO with third-party identity provider”.
  • Enter the following information: 

Sign In Page URL: SSO End Point copied from LastPass Dashboard
Sign-out page URL: Logout URL copied from LastPass Dashboard
Change password URL: SSO End Point copied from LastPass Dashboard
Certificate: upload the certificate you downloaded from LastPass

  • Then save the changes.

 

Part 2 – Finalizing SSO Configurations
  • Go back to the browser tab where you have the LastPass Admin Dashboard open.
  • Expand the “Service Provider” section and paste  the following URL in the ACS URL text box:
    google.com/a/yourworkdomain.com
  • Click on “Save”.

SSO Service Provider

 

G Suite is now configured! Please see the Assign Users page for instructions on assigning users to G Suite.