Lastpass: How to get autofill working with native authentication?

Return to top
Have more questions? Submit a request

14 Comments

  • JeremyBiron

    This doesn't work because LastPass won't pull up the password associated with the host-mapped domain.

    0
  • Adam L.

    Hi Jeremy, 

    This is an older tip - you're correct.  If you're host-mapped, we no longer authenticate you against the .zendesk.com domain (this dates back to when all Support agents needed to auth against .zendesk.com).  

    If you associate your LastPass to your host-mapped URL, it should now work as expected. 

    0
  • Kevin Taber

    Even using my host-mapped URL it is not working for me.

     

    Added 2 URLs:

    https://support.mydomain.com

    https://mycompany.zendesk.com

     

    Always get this prompt and it never auto-fills:

    0
  • Amie Brennan

    Hi Kevin,

    Thanks for the updates on this. I've seen this happen before myself with another piece of software I use and Lastpass wasn't filling in the login fields for me when I clicked on it to do so. I later discovered that I needed to install the LastPass web browser extension for the clicking action to work properly and the fields become filled out. 

    Are you able to confirm if you have the LastPass web browser extension installed on your browser? If not, are you able to please try installing the extension and then giving this another go from there? Hopefully that will do the trick for you and the fields will autofill like you are looking for. :)

    Best,

    Amie

    0
  • Martin MacDonald

    Greetings,

    I would like to share that I have the same experience.  I do have the LastPass extension installed in FireFox and Chrome.  I experience the same behavior, I must search out my password and paste it in the field.

    I have several Zendesk accounts.  My company uses Zendesk for our support tickets, I am an agent there.  A company we represent uses Zendesk to track issues, I am a User there.  Nixplay uses Zendesk, I am a User on their instance, the list goes on.

    Anyway, it is just very tricky.  I would love to know exactly which URL I should place in my LastPass entries so autofill would work.

    Thanks in advance.

    Marty

    0
  • Kevin Taber

    Amie, I use the Chrome extension.

    0
  • Nataliya Pavlova

    Hi Martin,

    I opened a new ticket for you and you will receive a reply by email.

    Thanks,
    Nataliya

    0
  • Jessie Schutz
    Zendesk team member

    Hi Martin!

    In my test account, I just have subdomain.zendesk.com entered in LastPass (Chrome extension), and it autofills my credentials there with no problem. I double checked and verified that Chrome's native password manager was disabled, as well.

    Have you checked to make sure that your browsers and the extensions are all up to date? That's the only thing I can think of...otherwise, do you use SSL or any two-factor authentication for any of those accounts?

     

    0
  • Martin MacDonald

    Hi Jessie,

    Thanks Nataliya for opening the ticket.

    Jessie - A few factors to share. I use Firefox more these days than Chrome. I have everything up to date. I do have numerous zendesk.com subdomains with which I interact. I have recorded a video and uploaded it to Google Drive. The link is below. I am less concerned about autofill than I am just being able to fill in the webpage at all from LastPass. Also, please understand that I am not sure this is "your issue". It may be a LastPass issue. I do appreciate the help and the time to look at the issue.

    Here is the video.
    https://drive.google.com/open?id=1MzPAE1RHW_kvP5CNBFkHlrB0siUe3F4L

    I look forward to your thoughts and direction.

    With regards,
    Marty

    0
  • Jessie Schutz
    Zendesk team member

    Hey Marty!

    Based on my own experience I feel like it might be a LastPass thing. I watched your video and I've had the exact same thing happen on other sites (not Zendesk). But hopefully Nataliya will be able to help you get it nailed down!

    0
  • Brett Postin

    I have been frustrated with this for a while so decided to investigate. 

    LastPass will be blocking the auto-fill as the domain you are accessing to login to zendesk does not match the domain the login widget seems to be served from. If you open your browser devtools (F12) you will see a console error.

    In my case i was accessing support.[company].co.uk whilst the login widget was served from [company].zendesk.com. LastPass rightly protects you against this.

    I don't know if this is a misconfiguration on my companies part (I don't control this) or a flaw with how the login widget is implemented in Zendesk so it would be great for any clarification.

    However you can work around this by:

    1. Adding equivalent domains in LastPass. See here.
    2. Adding a LastPass entry for the domain serving the login widget.
    3. Clearing your LastPass browser extension cache.

    Hope this helps.

    1
  • Martin MacDonald

    Thank you @brett!!! That worked for me.

    0
  • Ricardo
    Zendesk Community Team

    Hello @Brett,

    We have updated the article as per your feedback.

    Thank you for that.

    0
  • Max Mueller

    Hi,

    While @Brett's suggestion will work, there is an inherent security hole here. The first step of the suggestion is to use "Equivalent Domains", and unfortunately LastPass does not support *subdomain* equivalence, just domain equivalence.

    Therefore, you have to set a rule that zendesk.com is equivalent to [company].com (rather than being able to set a rule that [company].zendesk.com is equivalent to support.[company].com).

    Several companies use Zendesk as their support tool and therein lies the security issue. Say that you use another company's Zendesk for support as well. Well, now you need to set the equivalence rule such that zendesk.com is equivalent to company.com AND company2.com.

    Now, say that there is a nefarious actor at company.com that wants to intercept user's Zendesk credentials for [company2].com. There is nothing stopping (I think?) support.[company].com to serve, on their support login page, a login prompt "from" support.[company2].com. If you have exact URL matching turned on, then your credentials for [company2] will be fulled into the prompt, but will be sent to [company].

    I think this is all correct (this issue was described on an old LastPass thread which was never really resolved https://forums.lastpass.com/viewtopic.php?f=12&t=280565), but I could be wrong.

    I don't think there's anything for Zendesk to do, just wanted to explain the issue.

    -Max

    0

Please sign in to leave a comment.

Powered by Zendesk