Start Building

LastPass Developer Documentation

Show/hide navigation

Users Provisioning API

This document offers instructions for consuming the LastPass Users provisioning API. 

Since all the following endpoints are secured by Public Key cryptography in addition to the default TLS, you need to study the ‘Encryption’ part first.

All the requests need to be formatted as base64 and put inside “Request.Payload” parameter. All the responses need to be extracted from the decrypted “Response.Value.Payload”

Here is the list of all methods:

POST /GetUsers

Returns list of existing users’ email addresses and the total count of all the users from LastPass directory based on pagination attributes. 

Example Request and Response in JSON:

Attribute Type Description
Size* Integer Number of users on each page
Offset* Integer Offset number

Attribute Type Description
Succeeded* Boolean True if request processing is successful
Message* String Success message or error description
Value.Items Array of String Array of users emails
Value.Total Integer Total users count

POST /AddUser

Adds a user to the LastPass directory.

Example Request and Response in JSON:

Attribute Type Description
Email* String Email address. Unique identifier of the user in the entire LastPass directory.
Secondary Email String

Secondary email address. This attribute does not need to be unique and can be the same as the main Email. It will be used to send the invitation email to the user.

FirstName* String First name
LastName* String Last name
PhoneNumber String Phone number
EmployeeID String Employee ID
Department String Employee department
Description String Description
SamAccountName String Active Directory SAM Account Name
OU String Organizational Unit
Attributes Array Custom attributes

Attribute Type Description
Succeeded* Boolean True if request processing is successful
Message* String Success message or error description

POST /EditUser

Edits an existing user in LastPass directory. 

Example Request and Response in JSON:

Attribute Type Description
Email* String Email address
SecondaryEmail String Secondary email address
FirstName* String First name
LastName* String Last name
PhoneNumber String Phone number
EmployeeID String Employee ID
Department String Employee department
Description String Description
SamAccountName String Active Directory SAM Account Name
OU String Organizational Unit
Attributes Array Custom attributes

Attribute Type Description
Succeeded* Boolean True if request processing is successful
Message* String Success message or error description

POST /DeleteUser

Deletes a user in LastPass directory. It takes the user’s primary email as a parameter.

Example Request and Response:

Attribute Type Description
Succeeded* Boolean True if request processing is successful
Message* String Success message or error description

POST /SuspendUser

Suspends an existing user in LastPass Directory. It takes the user’s primary email as a parameter.

Example Request and Response:

Attribute Type Description
Succeeded* Boolean True if request processing is successful
Message* String Success message or error description

POST /ReactivateUser

Activate a user. It takes the user’s primary email as a parameter.

Example Request and Response:

Attribute Type Description
Succeeded* Boolean True if request processing is successful
Message* String Success message or error description

POST /IsUserExists

Checks if a user exists. It takes the user’s primary email as a parameter.

Example Request and Response:

Attribute Type Description
Succeeded* Boolean True if request processing is successful
Message* String Success message or error description

POST /ResendActivationEmail

Resends the activation email. It takes the user’s primary email as a parameter.

*Please note that it deactivate user’s account, therefore that specific user cannot log in anymore.

Example Request and Response:

Attribute Type Description
Succeeded* Boolean True if request processing is successful
Message* String Success message or error description

POST /UsersLog

Returns users authentication logs.

Example Request and Response in JSON:

Attribute Type Description
From Datetime Indicates the beginning date of the period
To Datetime Indicates the end date of the period  
Offset* Integer Offset count
Count* Integer Size of each page

Response payload contains a list of login events.

Attribute Type Description
Count* Integer Total count of returned  auth logs
Total* Integer Total count of existing logs
Offset* Integer Offset count
Items* Array  Array of auth logs

POST /QRCode

Get user activation QR code data. QR code data – string that can be used to generate QR code to pair user’s phone. This request will also inactivate user.

Example Request and Response in JSON:

Attribute Type Description
Email* String User’s email for QR code generation
LockPhone* Boolean Value indicating whenever the need to lock current user’s phone

Attribute Type Description
Succeeded* Boolean True if request processing is successful
Message* String Error description
Value String Data for QR code generation.

 

Copyright@2020LogMeIn, Inc. All Rights Reserved