Skip to main content
Sign in

Creating an extended integration for LastPass users

  • November 13, 2024 14:07
  • Updated

Let Oomnitza be your single source of truth!

You'll get complete visibility of your users as data from LastPass is automatically transformed into consumable information and actionable insights.

Connect Oomnitza and LastPass in minutes

Get the information and insights that you need to reduce costs and the time that you spend on administration tasks such as:

  • Configurable dashboards and list views of key user information
  • Configurable reports to share information about users with your colleagues and management
  • Workflows that can be used to onboard and offboard employees  
    • Workflows for deactivating and deleting users
    • Workflows for changing master passwords and resetting passwords
    • Workflows for re-inviting users
  • Workflows for getting a SaaS user's role and deactivating SaaS users

Navigation

small_blue_link.svg Add credentials

small_blue_link.svg Create the user integration

small_blue_link.svg Create workflows

Before you start

To stream LastPass user data into Oomnitza, you use basic authorization.

Best practice
For the integration with Oomnitza, create a dedicated user account.

Add credentials to the vault in Oomnitza

  1. In Oomnitza, go to Configuration>Security>Credentials.
  2. Click Add new credential (+).
  3. Search for the integration, and then click the forward button > to select the integration.
  4. Enter the user name and password of your account
  5. Click Create.

Integration not in the list? Click Advanced Mode and complete these steps:

  1. Add the information details.
  2. Click the AUTHORIZATION tab.
  3. Ensure that Basic Auth is selected as the authorization type.
  4. Enter the user name and password of your account.
  5. Click Create

Next

You use the credentials that you added to create and customize your LastPass user integration with Oomnitza.

You'll also need the following information to create the integration:

  • Client ID (LastPass account number)
  • Provisioning hash (API secret) 

Useful links

small_blue_link.svg LastPass API Documentation 

small_blue_link.svg CID (LastPass account number) and API secret (provisioning hash) 

Create the user integration

  1. In Oomnitza, click Configuration > Integrations > Overview.
  2. Click Block view block_view.PNG.
  3. On the Integrations page, scroll down to the Extended section for user integrations.
  4. Click NEW INTEGRATION.
  5. In the sidebar, search for the integration.
  6. Click ADD.

Integration details overview

More information is provided about the following fields to help you complete the integration:

  • User only. Add user records.
  • User plus SaaS user. Add user and SaaS user records. 

The benefit of adding SaaS user records is that you can run a workflow to validate the status and activity of SaaS users and retrieve information such as the role of the SaaS user. The information that can be retrieved depends on whether SaaS user workflows are available for the integration. 

Installation types

  • Cloud. Store credentials in the Oomnitza cloud.
  • Local. Store credentials locally. If you want to sync Oomnitza with vendor applications that require AWS or OAUTH authentication, select cloud as the type of installation. Local installations don't support AWS and OAuth authentication. 

Integration preferences

  • Create & Update. Add and update records.
  • Create only. Add records.
  • Update only. Update records.

Editing the integration details

  1. Click Edit edit_black_pencil_icon.svg.
  2. Make your changes.

Editing the credential details

If you selected Cloud as the installation type, choose one of the following options:

  • Select the credentials that were created for the integration.
  • Edit the credentials that were created for the integration.
  • Create new credentials

Scheduling the integration

By default, data is synced once every day. Change the interval or the time so that the data is streamed when your system isn't busy.

  1. Click Edit edit_black_pencil_icon.svg.
  2. Make and save your changes.

Mapping fields to Oomnitza

To map the fields to Oomnitza, click Edit edit_black_pencil_icon.svg.

 cog_red_dot_small_icon.svg Selecting Edit integration to add rules for syncing data. small_blue_link.svg Filtering integration results.  
 

You can add new fields to your integration by selecting Add new field  add_grey_rectangel_icon.svg on the mapping page. 
small_blue_link.svg Creating custom API fields. 

Creating custom mappings

Map the LastPass fields to Oomnitza fields and create custom mappings to get the user information that you need.

Important
You must create custom mappings for the following date fields:
- Created
- Last Login
- Last Password Change
To make the labels are more readable, you change the names of the Created field to LastPass Users Created, the name of the Last Login field to LastPass Users Last Login, and the name of the Last Password Change field to LastPass Users Last Password Change. Make sure that the data type for these fields is set to short text.

Create custom fields

Create custom mappings to map the LastPass fields to Oomnitza:

  1. Click the down arrow on the field that you want to map.
  2. Select Add new Oomnitza users field.
  3. Change the name of the field.
  4. Click CREATE

Mandatory mappings

  1. Ensure that the Username field is mapped to the
    1. Username field on the Oomnitza side (required for integration).
    2. Email field on the Oomnitza side (required for integration).
  2. Select the Role field on the Oomnitza mapping side.
  3. Choose a suitable role from the list (a defined role is necessary for the integration)
  4. Assign a sync key to a unique field, such as the Email.
  5. Click UPDATE.

Custom LastPass to Oomnitza mappings

The following LastPass fields can be mapped to Oomnitza:

Admin
Applications
Attachments
Created
Disabled
Duo Username
Formfills
Fullname
Last Login
Last Password Change
MP Strength
Never Logged In
Notes
Password Reset Required
Sites
Totalscore
User Load Connector Sync Time
Username

Launching the integration

Your integration is in Draft mode until the required mandatory fields are added. When added, click Launch to activate your integration. 

small_blue_link.svg If you selected Cloud as the installation type when creating the integration, see Running an extended integration

small_blue_link.svg If you selected Local as the installation type when creating the integration, see Running an extended integration locally.

Viewing data ingested by Oomnitza

Viewing ingested asset data

For asset integrations, click Hardware. If the asset integration also ingests software data, click Software.

Viewing ingested user data

For user integrations, click People. If you chose the option to ingest User and SaaS user data, click Software > SaaS, click the SaaS app, and then click the Users tab. 

Related Links

Create workflows

To reduce your workload and automate complex and repetitive tasks, you can use the following API presets:   

  • Deactivate user
  • Delete user
  • Change master password and reset password
  • Re-invite user
  1. Click Configuration > Workflows 
  2. Click Add (+) and select Software SaaS Users from the list.
  3. Enter the name and a description of the workflow. 
  4. Edit the Begin block by choosing a schedule and adding the rules that will trigger the workflow. For example, add the rule Name equals LastPass, and a rule to trigger the workflow.
  5. Click the Blocks tab, and  drag and drop the API block onto the canvas.
  6. Click the Edit button.
  7. Enter LastPass in the search field and and choose one of the following presets:
    • LastPass Deactivate User
    • LastPass Delete User
    • LastPass Master Password Change
    • LastPass Re-invite User
    • LastPass Reset Password 
  8. Make your changes. You'll be prompted to select your credentials, enter your CID (LastPass account number), your provisioning hash (API secret), and your username.
  9. Click SAVE.
  10. Connect the blocks.
  11. Save, validate, and activate your workflow.

articles_icon.svg Reference articles for workflows

SaaS User Role Retrieval

  1. Click Configuration > Workflows 
  2. Click Add (+) and select Software SaaS Users from the list.
  3. Enter the name of the workflow and a description.
  4. Edit the Begin block. For example, you can complete these actions:
    • Create a schedule for running the workflow.
    • Use a rule to identify the SaaS software such as Name equals LastPass.
    • Add rules to trigger the workflow. For example, you can add a rule to deactivate users who haven't logged in for a specified period. 
  5. From the Integrations section, drag and drop the SaaS User Role Retrieval block onto the canvas.
  6. Edit the SaaS User Role Retrieval block.
    1. To find the preset, type LastPass.
    2. Click the right arrow (>) next to LastPass User Role.
    3. Select your credentials and enter your LastPass CID and API secret. (The API secret is also known as the provisioning hash in LastPass).
  7. Connect the workflows.
  8. Save, validate, and activate your workflow.

To view active LastPass users in the SaaS Users UI, complete the following steps:

  1. Click Software from the menu.
  2. Select the SaaS tab, and select your software entry for LastPass.
  3. Click Users in the side pane.           
  4. The Last visit column will be populated with that the user details to confirm that this user has been found in your LastPass SaaS. 

Note
No role information is retrieved using the LastPass User Role preset. Instead, all active users are assigned a default "Users" role.

Reference articles for creating workflows

Unleash the power of Oomnitza

To get valuable actionable insights that help you manage your assets, learn how to:

      • Configure dashboards for your users and software
      • Configure custom reports about your users and software
      • Create workflows to automate tasks

small_blue_link.svg Getting started

Related articles

Comments

0 comments

Please sign in to leave a comment.