LastPass federation integration with different TLD

%3CLINGO-SUB%20id%3D%22lingo-sub-1526667%22%20slang%3D%22en-US%22%3ELastPass%20federation%20integration%20with%20different%20TLD%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-1526667%22%20slang%3D%22en-US%22%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EHello%2C%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EI%20was%20looking%20into%20integrating%20LastPass%20and%20Azure%20AD%20with%20federation%20login%20(%3CA%20href%3D%22https%3A%2F%2Fsupport.logmeininc.com%2Flastpass%2Fhelp%2Fhow-do-i-set-up-federation-services-for-my-lastpass-enterprise-account-using-azure-active-directory%22%20target%3D%22_self%22%20rel%3D%22nofollow%20noopener%20noreferrer%20noopener%20noreferrer%22%3Edocumentation%20here%3C%2FA%3E)%20except%20that%20I%20ran%20into%20a%20problem%20with%20the%20fact%20that%20the%20current%20users%20on%20my%20LastPass%20Enterprise%20have%20a%20different%20TLD%20than%20my%20users%20on%20Azure%2C%20which%20cause%20an%20endless%20loop%20when%20trying%20to%20authenticate.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EFor%20example%2C%20on%20LastPass%20I%20have%20%22user_a%40example.com%22%2C%20but%20on%20Azure%20it's%20%22user_a%40example.uk%22.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EI%20changed%20some%20emails%20on%20LastPass%20to%20match%20the%20domain%20my%20users%20use%20to%20login%20on%20Azure%20and%20it%20works%20just%20fine%2C%20but%20this%20would%20bring%20a%26nbsp%3Bplethora%20of%20other%20problems%20that%20I%20can't%20afford%20to%20deal%20with.%3CBR%20%2F%3E%3CBR%20%2F%3EThe%20question%20is%2C%20any%20way%20I%20can%20make%20Azure%20accept%20a%20domain%20different%20than%20the%20one%20used%20to%20login%3F%20I%20know%20some%20platforms%20can%20do%20this%20transformation%20on%20their%20side%20(I%20believe%20ServiceNow%20does%20this)%2C%20but%20LastPass%20support%20wasn't%20very%20helpful.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EThank%20you%2C%3C%2FP%3E%3CP%3ERafael%3C%2FP%3E%3C%2FLINGO-BODY%3E
Highlighted
Frequent Visitor

 

Hello,

 

I was looking into integrating LastPass and Azure AD with federation login (documentation here) except that I ran into a problem with the fact that the current users on my LastPass Enterprise have a different TLD than my users on Azure, which cause an endless loop when trying to authenticate.

 

For example, on LastPass I have "user_a@example.com", but on Azure it's "user_a@example.uk".

 

I changed some emails on LastPass to match the domain my users use to login on Azure and it works just fine, but this would bring a plethora of other problems that I can't afford to deal with.

The question is, any way I can make Azure accept a domain different than the one used to login? I know some platforms can do this transformation on their side (I believe ServiceNow does this), but LastPass support wasn't very helpful.

 

Thank you,

Rafael

0 Replies