Merge kinde-oss/david/update/lastpass

onderay · web-flow · commit 176cd3ef22f2 · 2025-10-23T16:53:57.000+11:00
diff --git a/src/content/docs/authenticate/enterprise-connections/lastpass-sso.mdx b/src/content/docs/authenticate/enterprise-connections/lastpass-sso.mdx
@@ -66,10 +66,7 @@ You can make a connection available only to a specific organization, or you can
 
 1. Enter a name for the connection. It should match the connection name in LastPass.
 2. Enter a random string value for Entity ID, for e.g. `870sa9fbasfasdas23aghkhc12zasfnasd`.
-3. Enter the **IdP metadata URL**. This URL comes from your identity provider.
-
-   ![optional fields for saml](https://imagedelivery.net/skPPZTHzSlcslvHjesZQcQ/4f1851db-5c34-496b-ced1-07c1cd272b00/public)
-
+3. You will need to create a url to host the data for the **IdP metadata URL**. Details on the content for this file are provided by LastPass covered in Step 3.
 4. Enter a **sign in URL** if your IdP requires a specific URL.
 5. If you want, select the **Sign request algorithm** and **Protocol binding**. The options you choose will depend on what your identity provider prefers or requires.
 6. Select `Email` as the **Name ID** format. This helps identify and link user identities between your IdP and Kinde. 
@@ -116,8 +113,7 @@ View the [LastPass docs](https://support.lastpass.com/s/document-item?language=e
 
 10. Enter a **Name** and select which groups will be able to sign in using this SSO connection.
 11. At the top of the **Configuration section** select **Export SAML IdP Metadata**.
-12. Select Copy or download, then select **OK**.
-
+12. Select **Copy** or **Download**, then select **OK**. Copy this data to a self-hosted public URL—for example, a [GitHub Gist](https://docs.github.com/en/get-started/writing-on-github/editing-and-sharing-content-with-gists/creating-gists/).
     ![Configure application in LastPass](https://imagedelivery.net/skPPZTHzSlcslvHjesZQcQ/bf384b65-ff19-490d-974d-34d807519700/public)
 
 13. In the **Service Provider entity ID** field, enter the random ID you generated for the **Entity ID** in Kinde.
@@ -127,28 +123,18 @@ View the [LastPass docs](https://support.lastpass.com/s/document-item?language=e
 
     ![Custom attributes in LastPass](https://imagedelivery.net/skPPZTHzSlcslvHjesZQcQ/cd749576-b884-42e9-d7cb-caf6bca32400/public)
 
-17. Select **View key** under the **Key field**.
-18. Copy the key. You will need this to finishe setting up the Kinde connection.
-19. Make sure the **Service is enabled** option is selected.
-20. Select **Save**.
+17. Make sure the **Service is enabled** option is selected.
+18. Select **Save**.
 
 ## Step 4: Finish setting up your LastPass connection in Kinde
 
-<Aside>
-
-Important: You need to host the signing certificate as an XML file with a third-party provider, or use [a GitHub Gist](https://gist.github.com/cecilemuller/9492b848eb8fe46d462abeb26656c4f8/)) and then use the URL in the **Signing certificate**  field at step 4, below.
-
-</Aside>
-
 1. Open the connection in Kinde. Go to **Organization > Authentication** or via **Settings > Authentication**.
-2. In the **IdP metadata URL** field paste the **IDP Entity ID** you copied from LastPass.
+2. In the **IdP metadata URL** use the self-hosted url created in step 3.12.
 3. In the **Sign-in URL** field paste the **Single Sign-on URL** you copied from LastPass.
-4. In the **Signing certificate** field paste the URL to the IdP metadata XML file where the certificate is stored, e.g. a Gist URL. 
-5. In the **Private key** field paste in the **Key** you copied from LastPass.
-6. Switch on the connection. This will make it instantly available to users if this is your production environment.
+4. Switch on the connection. This will make it instantly available to users if this is your production environment.
    1. For environment-level connections, scroll down and select the apps that will use the auth method.
    2. For organization-level connections, scroll down and select if you want to switch this on for the org. Note that it will be automatically available for all apps if you choose this option.
-7. Select **Save**.
+5. Select **Save**.
 
 Test the connection works by trying to sign in to your test environment using this method. 
 Re-test when you deploy the option to users. 
