The LastPass SSO solution leverages SAML 2.0 to provide the best performance in endpoint security solution for a wide range of business needs. Because of its functionality, versatility, reliability, and scalability, SAML is an ideal option for service providers and identity providers alike.
LastPass provides a true SSO experience for end users, allowing them to access key apps without having to enter a unique password, thus delivering a more efficient authentication flow and enhanced productivity.
In this article we will outline setting up LastPass as a SAML Identity Provider so that we can utilize Telnyx's Single Sign-On feature. LastPass is a password manager that stores encrypted passwords online. It is one of the many SAML providers that Telnyx supports for our SSO feature.
Additional resources:
Instructions for setting up LastPass SAML Identity Provider with Telnyx
In this activity you will:
Pre-requisites:
Ensure that your Telnyx Mission Command Portal is configured properly
RECOMMENDED: Enable TLS to encrypt your traffic
Create an Organization in the Organization section of your Telnyx Mission Control Portal
Video Walkthrough
Setting up your Telnyx SIP portal account so you can make and receive calls:
LastPass: Configuring Single Sign-On (General)
Note: Video walkthrough for LastPass SAML/Telnyx-specific configuration coming soon. Check back as we update our docs. |
1. Create an SSO app on LastPass
In this section, you will create an SSO app on LastPass that you'll use to configure SSO authentication through Telnyx.
Log into your LastPass admin portal.
From the left-hand navigation, click Applications →SSO Apps.
Click Add your first SSO App.
On the pop-up screen, click on Add unlisted app. You'll be prompted to choose a name for your app.
On the Configure App page, make sure you're on the Set up App tab, then click Expand. You'll see information that will look similar to the screenshot below. Make note of this. You'll need it soon.
2. Obtain Organization configuration details from Telnyx
In this section, you'll log into your Telnyx portal and get the necessary configuration details to finish setting up your LastPass SSO app.
Log into your Telnyx Mission Control Portal.
If you did not complete this step as part of your pre-requisite activities, navigate to your Organization section of the Telnyx Mission Control Portal to create an Organization.
Once created, navigate to the Single Sign-On section of the portal and click the green Enable Single Sign-On button.
You will be presented with the following fields:
Authentication Provider name and Short Name: Enter the values that make sense for you here.
Please note that the Short Name will be part of the SSO URLs.Manually enter configuration: Select this
IdP Certificate Fingerprint: Provide the value from the Certificate Fingerprint:(SHA256) field you copied from LastPass in section 1.
IdP Certificate Fingerprint Algorithm: select sha256.
IdP Entity ID: Provide the value from the Entity ID field you copied from LastPass in section 1.
IdP SSO Target URL: Provide the value from the SSO Endpoint field you copied from LastPass in section 1.
Click Save Changes.
Scroll down to the Authentication Provider Generated Config section and take note of the following values, as you'll need them soon:
Assertion Consumer Service URL
Service Provider Entity ID
3. Add your Telnyx Organization details to your LastPass SSO app
In this final section, you'll return to LastPass and provide the information you obtained from Telnyx in step 6 of section 2.
Log into your LastPass admin portal.
Open the Set up LastPass tab and click Expand.
Click on the Advanced Settings dropdown and provide the following information:
ACS: Provide the value from the Assertion Consumer Service URL field you copied from Telnyx in step 6 of section 2.
Entity ID: Provide the value from the Service Provider Entity ID field you copied from Telnyx in step 6 of section 2.
Identifier: Select Email.
SAML signature method: SHA256
Sign Response: Enable this
When your configuration is complete, click Save & Assign to users.
On the next page, click on Assign users, groups and roles.
Select all appropriate users you would like to assign this app to using the check boxes beside their email IDs.
When all users are selected, click Assign.
Once you are ready to enable the configs, on the Telnyx Mission Control Portal, click on Enable Single Sign-On.
Click Save Changes.
Your chosen settings are now in effect! This will send all users in your organization an email informing them that SSO is now enabled. Your users will still be able to login using username/password for the next 72 hours. After that, they will be required to use SSO.
Troubleshooting
Q. I'm experiencing difficulty with this configuration!
A. If you experience technical difficulties while attempting to set up your LastPass SSO with Telnyx, its possible your provider is experiencing outages/maintenance. You can check the status of LastPass features at https://status.lastpass.com/.
Additional Resources
Review our getting started with guide to make sure your Telnyx Mission Control Portal account is setup correctly!
Additionally, check out: