Part 1 – Configuration on LastPass Dashboard
- Open the LastPass Admin Dashboard. Select “Applications” from the left side menu and then select “Web App” from the submenu.
- Click on “+ Add SSO App” button from the upper right corner.
- A pop-up window will appear. Under the section: “Select your app”, click on “Search…” and type Salesforce to search the LastPass Catalog. Select Salesforce from the drop-down menu.
- Under the section: “Identity Provider”, you will find the required information such as “Entity ID”, “SSO End Point”, and “Logout URL”. Also, you can download the LastPass Metadata xml or Certificate file to your computer by clicking on the download arrow button next to “Metadata” or “Certificate”.
Part 2 – Configuration on Salesforce
- With the lightening experience, Select “Identity” and then “Single Sign-on Settings”.
- Upload the Meta Data file that you downloaded from LastPass dashboard.
- Most of the information is already filled in using the Meta Data. Please add the following information:
Identity Provider Certificate: Upload the certificate file you’ve just downloaded from LastPass dashboard
Identity Provider Login URL: https://identity.lastpass.com/SAML/SSOService (SSO End Point copied from LastPass dashboard)
Identity Provider Logout URL: https://identity.lastpass.com/Login/Logout (Logout URL copied from LastPass dashboard)
- Click on “Save“.
- Copy the Salesforce Login URL. You will use it to configure your ACS URL on your LastPass dashboard.
By completing the steps above, your users will be able to access SalesForce from LastPass Cloud Apps portal. In order for users to be able to directly log in from Salesforce with the same LastPass user experience, please continue the next 2 optional steps and set up a customized Salesforce domain. Your users can login directly from that domain to Salesforce.
- From the left side menu select “Domain Management” and then “My Domain”.
- If you don’t have a domain setup already, provide a name for your organization (https://yourworkdomain.my.salesforce.com), check availability, and select “Register Domain“. It will take a few mins for your domain to get ready.
- Then, scroll down and click on the “Edit” button next to “Authentication Configuration”.
- Uncheck the Login Page checkbox and check the LastPass checkbox instead. Click on “Save“.
Salesforce is now configured! Please see the Assign Users page for instructions on assigning users to Salesforce.