User Directory Integration

Automate and scale password management when you connect LastPass with your User Directory.


What is a directory integration?

Your identity provider (IDP) remains your single source of truth when establishing a directory integration with LastPass.
This is an incredible time-saver for IT admins, as the integration automates account creation, user termination, group management and more – all from your user directory.


Utilize your source of truth

By integrating LastPass with your identity provider, you establish a trust relationship between your identity provider (IDP) and us. The IDP – your single source of truth – will check a user’s credentials against its database, verifying their identity before granting access to their password vault.

It’s an incredible time-saver for IT departments, as they can grant and revoke access to LastPass and all the applications within a user's vault through your user directory.

Integrate with all major identity providers

We support the most popular directories so you can save your IT staff valuable time and keep your data more secure.


Microsoft™ Active Directory

A configurable, lightweight client that syncs user profiles from your on-premise AD.


Microsoft™ Azure AD

Through a SCIM API, our Azure AD endpoint syncs user profiles from your consolidated cloud directory.


Google Workspace

Automate and scale password management, while saving time for IT, with Google Directory Integration.



Automatically provision and deprovision from your single sign-on provider through a SCIM API.



Manage and provision both users and groups by establishing integration with PingOne or Ping Federate.



Manage onboarding, offboarding, and group assignments by utilizing a SCIM API for your OneLogin directory.


Custom API

Larger enterprises with complex onboarding needs can take advantage of our flexible, powerful API.


How Does a Directory Integration Work with LastPass?

Implementing and onboarding LastPass Business is easy with a user directory. We help you automate oversight of business password management by automatically testing and recognizing a user's identity.


Microsoft Active Directory (AD)

Businesses using AD can create a directory integration with LastPass through the LastPass AD Connector – configurable client that syncs profiles from your user directory to LastPass. When new users are created in your AD, we can automatically provision them with a LastPass Business account.


Cloud-based IDPs

Cloud-based IDPs – e.g., Google Workspace – seamlessly integrate with LastPass, requiring no extra tools. You can onboard and offboard users whenever they're created or disabled/deleted in your IDP.

Benefits of a directory Integration


Centralize onboarding

A configurable, lightweight client that syncs user profiles from your on-premise user directory.


One-click offboarding

Simply sync user profiles from your consolidated cloud directory.


Automate with groups

Automate and scale password management while saving IT time.


Build a foundation for federation

Once integrated, federate users so they can log in to their vault using just their directory password.


Never share your data with us

We've designed LastPass to protect what you store, so you can always trust us with your sensitive data.

Our zero-knowledge infrastructure ensures neither LastPass nor your user directory possesses enough information to access a user’s vault. We make sure only a user knows just what their LastPass password is, such that only they can encrypt and decrypt their password vault and data.


Zero-knowledge infrastructure

Your password vault and data are encrypted and decrypted at the device level. So, your users’ passwords will never be shared with our servers.


Strongest encryption standard

LastPass uses AES-256-bit encryption with PBKDF2 SHA-256 and salted hashes to ensure complete account security in the cloud.


SOC 2 Type 2 compliance

LastPass remains compliant with the “gold standard” of security and reliability – we safeguard user data and ensure our security measures remain up to date.


Save IT time while increasing security

Give IT greater control over provisioning and deprovisioning by integrating your user directory with LastPass.