All Collections
Integrations
Using the LastPass SAML Integration
Using the LastPass SAML Integration
Ryan Hutcheson avatar
Written by Ryan Hutcheson
Updated over a week ago

Pinpoint supports SAML providers for Single Sign On. Please note that our current SAML implementation does not yet support Just in Time account creation ('Provisioning'). This means that a user will only be logged in to Pinpoint if their account has already been created. If a client would like this functionality, please talk to the Dev team about this, and we will discuss requirements. This guide does preemptively configure LastPass to include the First and Last name when it is authenticating, to allow this possibility in the future.

Steps to configure Pinpoint

  1. Log in to Pinpoint as a user who has the role Company Manager

  2. On the left hand side, in the menu under Settings, click Integrations

3. Click on Apps and then search for 'SAML', then click Add

4. You will be shown this screen. At this stage we suggest you open an additional window and follow the steps in LastPass until the next section. You will be copy-pasting some of these details into LastPass.

Steps to configure LastPass

  1. Log in to LastPass enterprise and click on Admin Panel

  2. Click on Applications and click 'Web App'. Click on 'Add Application' or 'Add your first SSO app'

3. Under App Type, select 'Custom', and type the application name 'Pinpoint'

4. Click on Service Provider and fill in:

  1. ACS: [Copy Consumer URL from Pinpoint]

  2. Entity ID: [Copy Entity ID from Pinpoint]

  3. Nickname: Pinpoint

5. Click on Custom Attributes

  1. Check both ☑ Sign Assertion and ☑ Sign Response

  2. Attribute 1: Last Name → user.last_name

  3. Attribute 2: First Name → user.first_name

  4. Upload the Pinpoint logo:

6. Click Save. We now need the metadata XML to paste into Pinpoint. Click the settings icon on the application to reopen the application dialog and select 'Identity Provider', then click Metadata to download the XML file.

View the contents of the downloaded metadata and Copy (it will look something like this)

Back over to Pinpoint

  1. Paste the contents of the XML into the Metadata field and press Save

2. You should now be able to click 'Enable' on the top right of the integration settings page and login via LastPass (once users have been added to the application).

Back to LastPass

  1. Configure user access to the Pinpoint application via your own internal policies.

  2. Please note that if a user does not yet have an account in Pinpoint, and attempt to login, they will see a notice screen instead. Add this user to Pinpoint manually for single-sign on to work.

Related Articles
How to configure your JumpCloud integration
How to enable the Okta integration with Pinpoint
Setting up Azure Active Directory as your IDP
Using the Metaview Integration
Setting up Single Sign On using SAML
Did this answer your question?