LastPass
  • 20 Mar 2022
  • 4 Minutes to read
  • Dark
    Light
  • PDF

LastPass

  • Dark
    Light
  • PDF

LastPass is a password manager that stores encrypted passwords online.

Types of Assets Fetched

This adapter fetches the following types of assets:

  • Users

Parameters

  1. Account Type (required, default: LastPass API) - Select the Account Type from the dropdown.

    • If the Account Type selected is LastPass API, the following parameters are displayed:

      1. Host Name or IP Address (required, default: https://identity-api.lastpass.com) - The hostname or IP address of the LastPass server that Axonius can communicate via the Required Ports.
      2. API Key (required) - An API Key associated with a user account that has the Required Permissions to fetch assets.
      3. Public Key File and Private Key File (required) - Click Choose file to upload the Public key file and Private key file, used for authentication. For more information, refer to Generating Keys.

    • If the Account Type selected is LastPass Business API, the following parameters are displayed:

      1. Host Name or IP Address (required, default: https://lastpass.com) - The hostname or IP address of the LastPass server that Axonius can communicate via the Required Ports.
      2. CID (Account number) (required) - Specify the CID (account number) used to make requests to the LastPass Business API.
      3. Provisioning hash (required) - Specify the provisioning hash used to make requests to the LastPass Business API.
        To obtain the CID and provisioning hash, see Generating the CID and Provisioning Hash.

  2. Verify SSL (required, default: false) - Select to verify the SSL certificate offered by the value supplied in Host Name or IP Address. For more details, see SSL Trust & CA Settings.

  3. HTTPS Proxy (optional, default: empty) - A proxy to use when connecting to the value supplied in Host Name or IP Address.

    • If supplied, Axonius will utilize the proxy when connecting to the value supplied in Host Name or IP Address.
    • If not supplied, Axonius will connect directly to the value supplied in Host Name or IP Address.
  4. HTTPS Proxy User Name (optional, default: empty) - The user name to use when connecting to the value supplied in Host Name or IP Address via the value supplied in HTTPS Proxy.

    • If supplied, Axonius will authenticate with this value when connecting to the value supplied in HTTPS Proxy.
    • If not supplied, Axonius will not perform authentication when connecting to the value supplied in HTTPS Proxy.
  5. HTTPS Proxy Password (optional, default: empty) - The password to use when connecting to the value supplied in Host Name or IP Address via the value supplied in HTTPS Proxy.

    • If supplied, Axonius will authenticate with this value when connecting to the value supplied in HTTPS Proxy.
    • If not supplied, Axonius will not perform authentication when connecting to the value supplied in HTTPS Proxy.
  6. For details on the common adapter connection parameters and buttons, see Adding a New Adapter Connection.

LastPass

APIs

Axonius integrates with APIs for LastPass Personal and LastPass Business accounts.


Required Ports

Axonius must be able to communicate with the value supplied in Host Name or IP Address via the following ports:

  • TCP port 443

Required Permissions

The value supplied in API Key must be associated with credentials that have permissions to fetch assets.

Generating Keys

To generate key files:

  1. Navigate to the LastPass Portal LastPass Portal.
  2. From the left pane, select Advanced Options.
  3. From the submenu, select Keys. The Keys Management page is displayed.

lastpasskeys.png

  1. Under Existing Keys, from the Generic API row, click Refresh (1). When requested to download public-key.cer, save this file to your system.
  2. Click the yellow Download (2) button. When requested to save the private-key.cer, save this file to your system.
  3. Click the green Copy (3) button to copy the API key.


Generating the CID and Provisioning Hash

To generate the CID and provisioning hash:

  1. Log in with your email address and master password to access the new Admin Console at the LastPass Login Page.
  2. Navigate to the Dashboard tab. The CID (account number) is located at the top of the page, preceded by the words "Account number". Jot down the CID information, as you will subsequently need it.
  3. Navigate to Advanced > Enterprise API.
  4. Do one of the following:
    • If you have not previously created your provisioning hash, click Create provisioning hash > OK. The provisioning hash appears at the top of the page.
    • If you previously created your provisioning hash but have since forgotten it, generate a new one.
Warning:

If you have already created a provisioning hash, then generating a new hash will invalidate the previous hash, and will require you to update all integrations with the newly generated hash.
To proceed with creating a new provisioning hash, click Reset your provisioning hash > OK. Your new provisioning hash is displayed at the top of the page.

Note:

Update all integrations that used the previous provisioning hash.



What's Next
First name must have atleast 2 characters. Numbers and special characters are not allowed.
Last name must have atleast 1 characters. Numbers and special characters are not allowed.
Enter a valid email
Enter a valid password
Your profile has been successfully updated.