Hi there, we already use the provisioning feature in Azure AD to sync accounts to LastPass but I want to turn on SSO as well. Is there any risk of overwriting user data in the LastPass vault when we turn on SSO? I just need to make sure existing data is preserved for each user account that already exists in LastPass.
Edited to add this sentence: I added this sentence.
No. We had the same configuration, we started with provisioning and have moved on to federation with SSO, when you enable users for federation keep in mind they will get prompted to change their master password but if everything goes well, it doesn't require one and will just activate with no password and that sets them as federated.
Worst case is if you don't notify your users they will be confused and unable to access their data during the transition. I make sure to get confirmation and guide them through it as we convert them.