openapi: 3.0.4 info: title: LastPass API version: 1.0.0 termsOfService: https://www.lastpass.com/legal-center/developer-terms description: | The LastPass API enables programmatic management of your organization’s LastPass entities — users, roles (admin levels), and managed (child) companies for Managed Service Providers (MSPs) — supporting lifecycle operations (create, read, update, delete), invitations, and reporting. **Where to obtain key:** Generate in the LastPass **Admin Console → Advanced → LastPass API**. To learn about how you can create an API key for the LastPass API for your account and managed account(s), refer to the related [support article](https://link.lastpass.com/rest-api-reset-key). **Resources:** - **Users** — Create, retrieve, update, delete, and invite users within your company. - **Admin levels** — Define and manage role-based access control (RBAC) levels and assign users to them. - **Managed companies** — Manage child companies in an MSP (Managed Service Provider) hierarchy. - **Managed companies users** — Manage users within child companies in an MSP hierarchy. - **Managed companies admin levels** — Manage role-based access control (RBAC) levels within child companies in an MSP hierarchy. - **Managed companies reports** — Access billing cycles, billing reports, and admin user reports across managed companies. **Common patterns:** - Paginated list responses use `max-results` and `page-token` to set maximum number of results per page and to identify page break, respectively. - Sorting via `sort` query param (e.g. `name:asc`, `id:desc`). - Full-text search on string fields (e.g. `name`, `email`) uses `%` as a wildcard (e.g. `%name%`, `name%`). - Async operations (e.g. create managed company) return `202 Accepted`. - Errors follow the `ProblemDetails` schema (RFC 9457). **HTTP status code summary:** | Code | Message | Reason | |------|---------|-------------------| | 200 | OK | Request succeeded | | 201 | Created | Resource created successfully | | 202 | Accepted | Async operation queued; poll for result | | 204 | No Content | Request succeeded; no body returned | | 400 | Bad Request | Invalid payload or parameters | | 401 | Unauthorized | Missing or invalid API key | | 402 | Subscription Expired | Subscription has expired | | 403 | Forbidden | Authenticated but insufficient permissions | | 404 | Not Found | Resource does not exist | | 409 | Conflict | Request conflicts with current state | | 415 | Unsupported Media Type | Request body content type not supported | | 422 | Unprocessable Content | Request is well-formed but contains semantic errors | | 429 | Too Many Requests | Rate limit exceeded | | 500 | Internal Server Error | Unexpected server-side failure | servers: - url: https://api.lastpass.com/business security: - ApiKey: [] tags: - name: Users description: Create, retrieve, update, delete, and invite users within your company. - name: Admin levels description: Define and manage role-based access control (RBAC) levels and assign users to them. - name: Managed companies description: Manage companies in a Managed Service Provider (MSP) hierarchy. - name: Managed companies users description: Manage users within child companies in an MSP hierarchy. - name: Managed companies admin levels description: Manage role-based access control (RBAC) levels within child companies in an MSP hierarchy. - name: Managed companies reports description: Access billing cycles, billing reports, and admin user reports across managed companies. paths: /v1/users: get: summary: List users description: Returns a paginated list of users in the company. Supports filtering by name, email, and account status, and sorting by multiple fields. operationId: listUsers tags: - Users parameters: - name: max-results in: query description: The number of elements to retrieve. required: false schema: type: integer format: int32 default: 10 minimum: 1 maximum: 500 - name: page-token in: query description: Continuation token used to retrieve the next page from the collection of resources. This parameter should be set with the value returned as `nextPageToken`. required: false schema: type: string - name: sort in: query description: Sort the resource collection according to client criteria. required: false schema: type: string examples: id:asc: summary: id:asc value: id:asc id:desc: summary: id:desc value: id:desc name:asc: summary: name:asc value: name:asc name:desc: summary: name:desc value: name:desc account-status:asc: summary: account-status:asc value: account-status:asc account-status:desc: summary: account-status:desc value: account-status:desc email:asc: summary: email:asc value: email:asc email:desc: summary: email:desc value: email:desc - name: name in: query description: Full-text search on the full name of the user. required: false schema: type: string examples: name%: summary: name% value: name% '%name%': summary: '%name%' value: '%name%' '%name': summary: '%name' value: '%name' '%first%second%': summary: '%first%second%' value: '%first%second%' - name: account-status in: query required: false schema: $ref: '#/components/schemas/CompanyUserAccountStatus' - name: email in: query description: Full-text search on the email of the user. required: false schema: type: string examples: email%: summary: email% value: email% '%email%': summary: '%email%' value: '%email%' '%email': summary: '%email' value: '%email' '%first%second%': summary: '%first%second%' value: '%first%second%' responses: '200': description: OK content: application/json: schema: $ref: '#/components/schemas/CompanyUsersCollection' '400': $ref: '#/components/responses/BadRequest' '401': $ref: '#/components/responses/Unauthorized' '402': $ref: '#/components/responses/PaymentRequired' '403': $ref: '#/components/responses/Forbidden' '404': $ref: '#/components/responses/NotFound' '429': $ref: '#/components/responses/TooManyRequests' '500': $ref: '#/components/responses/InternalServerError' post: summary: Create user description: Creates a new user account in the company with the provided details. operationId: createUser tags: - Users parameters: [] requestBody: description: New user account details required: true content: application/json: schema: $ref: '#/components/schemas/UserAccountCreate' responses: '201': description: Created content: application/json: schema: $ref: '#/components/schemas/CompanyUser' '400': $ref: '#/components/responses/BadRequest' '401': $ref: '#/components/responses/Unauthorized' '402': $ref: '#/components/responses/PaymentRequired' '403': $ref: '#/components/responses/Forbidden' '404': $ref: '#/components/responses/NotFound' '415': $ref: '#/components/responses/UnsupportedMediaType' '422': $ref: '#/components/responses/UnprocessableContent' '429': $ref: '#/components/responses/TooManyRequests' '500': $ref: '#/components/responses/InternalServerError' /v1/users/{user-id}: get: summary: Get user description: Returns the details of the user identified by 'user-id'. operationId: getUser tags: - Users parameters: - name: user-id in: path description: The ID of the user. required: true schema: type: integer format: int64 responses: '200': description: OK content: application/json: schema: $ref: '#/components/schemas/CompanyUser' '400': $ref: '#/components/responses/BadRequest' '401': $ref: '#/components/responses/Unauthorized' '402': $ref: '#/components/responses/PaymentRequired' '403': $ref: '#/components/responses/Forbidden' '404': $ref: '#/components/responses/NotFound' '429': $ref: '#/components/responses/TooManyRequests' '500': $ref: '#/components/responses/InternalServerError' patch: summary: Partially update user description: Applies a partial update to the user's account, modifying only the fields provided in the request body. operationId: partiallyUpdateUser tags: - Users parameters: - name: user-id in: path description: The ID of the user. required: true schema: type: integer format: int64 requestBody: description: User account details required: true content: application/json: schema: $ref: '#/components/schemas/CompanyUserUpdate' responses: '200': description: OK content: application/json: schema: $ref: '#/components/schemas/CompanyUser' '400': $ref: '#/components/responses/BadRequest' '401': $ref: '#/components/responses/Unauthorized' '402': $ref: '#/components/responses/PaymentRequired' '403': $ref: '#/components/responses/Forbidden' '404': $ref: '#/components/responses/NotFound' '415': $ref: '#/components/responses/UnsupportedMediaType' '429': $ref: '#/components/responses/TooManyRequests' '500': $ref: '#/components/responses/InternalServerError' delete: summary: Delete user description: Permanently removes the specified user account from the company. operationId: deleteUser tags: - Users parameters: - name: user-id in: path description: The ID of the user. required: true schema: type: integer format: int64 responses: '204': $ref: '#/components/responses/NoContent' '400': $ref: '#/components/responses/BadRequest' '401': $ref: '#/components/responses/Unauthorized' '402': $ref: '#/components/responses/PaymentRequired' '403': $ref: '#/components/responses/Forbidden' '404': $ref: '#/components/responses/NotFound' '422': $ref: '#/components/responses/UnprocessableContent' '429': $ref: '#/components/responses/TooManyRequests' '500': $ref: '#/components/responses/InternalServerError' /v1/invites: post: summary: Invite user description: Sends an invitation to the specified user, prompting them to activate their LastPass account. operationId: inviteUser tags: - Users parameters: [] requestBody: description: User to invite required: true content: application/json: schema: $ref: '#/components/schemas/InviteCreate' responses: '201': description: Created content: application/json: schema: $ref: '#/components/schemas/CompanyUser' '400': $ref: '#/components/responses/BadRequest' '401': $ref: '#/components/responses/Unauthorized' '402': $ref: '#/components/responses/PaymentRequired' '403': $ref: '#/components/responses/Forbidden' '404': $ref: '#/components/responses/NotFound' '415': $ref: '#/components/responses/UnsupportedMediaType' '422': $ref: '#/components/responses/UnprocessableContent' '429': $ref: '#/components/responses/TooManyRequests' '500': $ref: '#/components/responses/InternalServerError' /v1/admin-levels: get: summary: List admin levels description: Returns a paginated list of admin levels for the company. Supports filtering by name. Can be sorted. operationId: listAdminLevels tags: - Admin levels parameters: - name: sort in: query description: Sort the resource collection according to client criteria. required: false schema: type: string examples: name:asc: summary: name:asc value: name:asc name:desc: summary: name:desc value: name:desc - name: name in: query description: Full-text search on the name of the admin level. schema: type: string examples: name%: summary: name% value: name% '%name%': summary: '%name%' value: '%name%' '%name': summary: '%name' value: '%name' '%first%second%': summary: '%first%second%' value: '%first%second%' - name: max-results description: The number of elements to retrieve. in: query schema: type: integer format: int32 default: 10 minimum: 1 maximum: 50 - name: page-token description: Continuation token used to retrieve the next page from the collection of resources. This parameter should be set with the value returned as `nextPageToken`. in: query schema: type: string responses: '200': description: OK content: application/json: schema: $ref: '#/components/schemas/AdminLevelManagementPagedResult' '400': $ref: '#/components/responses/BadRequest' '401': $ref: '#/components/responses/Unauthorized' '402': $ref: '#/components/responses/PaymentRequired' '403': $ref: '#/components/responses/Forbidden' '404': $ref: '#/components/responses/NotFound' '429': $ref: '#/components/responses/TooManyRequests' '500': $ref: '#/components/responses/InternalServerError' /v1/admin-levels/{admin-level-id}: get: summary: Get admin level description: Returns the full details of a single admin level identified by its ID. operationId: getAdminLevel tags: - Admin levels parameters: - name: admin-level-id in: path description: The ID of the admin level. required: true schema: type: integer format: int64 responses: '200': description: OK content: application/json: schema: $ref: '#/components/schemas/AdminLevelManagement' '400': $ref: '#/components/responses/BadRequest' '401': $ref: '#/components/responses/Unauthorized' '402': $ref: '#/components/responses/PaymentRequired' '403': $ref: '#/components/responses/Forbidden' '404': $ref: '#/components/responses/NotFound' '429': $ref: '#/components/responses/TooManyRequests' '500': $ref: '#/components/responses/InternalServerError' /v1/admin-levels/{admin-level-id}/users: get: summary: List admin level users description: Returns a paginated list of users assigned to the specified admin level. operationId: listAdminLevelUsers tags: - Admin levels parameters: - name: admin-level-id in: path description: The ID of the admin level. required: true schema: type: integer format: int64 - name: page-token in: query description: Continuation token used to retrieve the next page from the collection of resources. This parameter should be set with the value returned as `nextPageToken`. schema: type: string - name: max-results in: query description: The number of elements to retrieve. schema: type: integer format: int32 default: 10 minimum: 1 maximum: 50 responses: '200': description: OK content: application/json: schema: $ref: '#/components/schemas/AdminLevelUserPagedResult' '400': $ref: '#/components/responses/BadRequest' '401': $ref: '#/components/responses/Unauthorized' '402': $ref: '#/components/responses/PaymentRequired' '403': $ref: '#/components/responses/Forbidden' '404': $ref: '#/components/responses/NotFound' '429': $ref: '#/components/responses/TooManyRequests' '500': $ref: '#/components/responses/InternalServerError' post: summary: Add user to admin level description: Assigns the specified user to the given admin level, granting them the associated administrative permissions. operationId: addUserToAdminLevel tags: - Admin levels parameters: - name: admin-level-id in: path description: The ID of the admin level. required: true schema: type: integer format: int64 requestBody: description: User to assign to the admin level required: true content: application/json: schema: $ref: '#/components/schemas/AdminLevelUserCreate' responses: '201': description: Created content: application/json: schema: $ref: '#/components/schemas/AdminLevelAddUserResponse' '400': $ref: '#/components/responses/BadRequest' '401': $ref: '#/components/responses/Unauthorized' '402': $ref: '#/components/responses/PaymentRequired' '403': $ref: '#/components/responses/Forbidden' '404': $ref: '#/components/responses/NotFound' '415': $ref: '#/components/responses/UnsupportedMediaType' '422': $ref: '#/components/responses/UnprocessableContent' '429': $ref: '#/components/responses/TooManyRequests' '500': $ref: '#/components/responses/InternalServerError' /v1/admin-levels/{admin-level-id}/users/{user-id}: delete: summary: Remove user from admin level description: Removes the specified user from the given admin level, revoking the associated administrative permissions. operationId: removeUserFromAdminLevel tags: - Admin levels parameters: - name: admin-level-id in: path description: The ID of the admin level. required: true schema: type: integer format: int64 - name: user-id in: path description: The ID of the user. required: true schema: type: integer format: int64 responses: '204': $ref: '#/components/responses/NoContent' '400': $ref: '#/components/responses/BadRequest' '401': $ref: '#/components/responses/Unauthorized' '402': $ref: '#/components/responses/PaymentRequired' '403': $ref: '#/components/responses/Forbidden' '404': $ref: '#/components/responses/NotFound' '422': $ref: '#/components/responses/UnprocessableContent' '429': $ref: '#/components/responses/TooManyRequests' '500': $ref: '#/components/responses/InternalServerError' /v1/managed-companies: get: summary: List managed companies description: Returns a paginated list of managed companies. Supports filtering by parent ID, name, license limit, status, type, and add-ons, and sorting by multiple fields. operationId: listManagedCompanies tags: - Managed companies parameters: - name: max-results in: query description: The number of elements to retrieve. required: false schema: type: integer format: int32 default: 10 minimum: 1 maximum: 500 - name: page-token in: query description: Continuation token used to retrieve the next page from the collection of resources. This parameter should be set with the value returned as `nextPageToken`. required: false schema: type: string - name: sort in: query description: Sort the resource collection according to client criteria. required: false schema: type: string examples: id:asc: summary: id:asc value: id:asc id:desc: summary: id:desc value: id:desc name:asc: summary: name:asc value: name:asc name:desc: summary: name:desc value: name:desc license-limit:asc: summary: license-limit:asc value: license-limit:asc license-limit:desc: summary: license-limit:desc value: license-limit:desc parent-id:asc: summary: parent-id:asc value: parent-id:asc parent-id:desc: summary: parent-id:desc value: parent-id:desc status:asc: summary: status:asc value: status:asc status:desc: summary: status:desc value: status:desc type:asc: summary: type:asc value: type:asc type:desc: summary: type:desc value: type:desc - name: parent-id in: query description: Filter companies based on the parent company ID. Returns the specified company and all of its managed companies in the organizational hierarchy. required: false schema: type: integer format: int64 - name: name in: query description: Full-text search on the full name of the company. required: false schema: type: string examples: name%: summary: name% value: name% '%name%': summary: '%name%' value: '%name%' '%name': summary: '%name' value: '%name' '%first%second%': summary: '%first%second%' value: '%first%second%' - name: license-limit in: query description: Filter by license limit. required: false schema: type: string examples: '[minValue:maxValue]': summary: '[minValue:maxValue]' value: '[minValue:maxValue]' '[:maxValue]': summary: '[:maxValue]' value: '[:maxValue]' '[minValue:]': summary: '[minValue:]' value: '[minValue:]' - name: status in: query description: Filter by managed company status. Pass multiple values as a comma-separated list (e.g. `active,suspended`). required: false explode: false schema: type: array items: $ref: '#/components/schemas/ManagedCompanyStatus' - name: type in: query description: Filter by managed company type. Pass multiple values as a comma-separated list (e.g. `msp,managed-msp`). required: false explode: false schema: type: array items: $ref: '#/components/schemas/ManagedCompanyType' - name: addon in: query description: Filter by add-ons. Pass multiple values as a comma-separated list (e.g. `mfa,sso`). explode: false required: false schema: type: array items: $ref: '#/components/schemas/ManagedCompanyAddon' responses: '200': description: OK content: application/json: schema: $ref: '#/components/schemas/ManagedCompaniesCollection' '400': $ref: '#/components/responses/BadRequest' '401': $ref: '#/components/responses/Unauthorized' '402': $ref: '#/components/responses/PaymentRequired' '403': $ref: '#/components/responses/Forbidden' '404': $ref: '#/components/responses/NotFound' '429': $ref: '#/components/responses/TooManyRequests' '500': $ref: '#/components/responses/InternalServerError' post: summary: Create managed company description: Creates a new managed company under the current MSP account. Returns `202 Accepted` as provisioning is asynchronous. operationId: createManagedCompany tags: - Managed companies parameters: [] requestBody: description: New managed company details required: true content: application/json: schema: $ref: '#/components/schemas/ManagedCompaniesCreate' responses: '202': description: Accepted content: application/json: schema: $ref: '#/components/schemas/AcceptedRequest' '400': $ref: '#/components/responses/BadRequest' '401': $ref: '#/components/responses/Unauthorized' '402': $ref: '#/components/responses/PaymentRequired' '403': $ref: '#/components/responses/Forbidden' '404': $ref: '#/components/responses/NotFound' '415': $ref: '#/components/responses/UnsupportedMediaType' '429': $ref: '#/components/responses/TooManyRequests' '500': $ref: '#/components/responses/InternalServerError' /v1/managed-companies/{child-company-id}: get: summary: Get managed company description: Returns the full details of the specified managed company. operationId: getManagedCompany tags: - Managed companies parameters: - name: child-company-id in: path description: The ID of the managed company. required: true schema: type: integer format: int64 responses: '200': description: OK content: application/json: schema: $ref: '#/components/schemas/ManagedCompany' '400': $ref: '#/components/responses/BadRequest' '401': $ref: '#/components/responses/Unauthorized' '402': $ref: '#/components/responses/PaymentRequired' '403': $ref: '#/components/responses/Forbidden' '404': $ref: '#/components/responses/NotFound' '409': $ref: '#/components/responses/Conflict' '429': $ref: '#/components/responses/TooManyRequests' '500': $ref: '#/components/responses/InternalServerError' put: summary: Update managed company description: Replaces all updatable fields of the specified managed company with the values provided. Returns `202 Accepted` as the update is processed asynchronously. operationId: updateManagedCompany tags: - Managed companies parameters: - name: child-company-id in: path description: The ID of the managed company. required: true schema: type: integer format: int64 requestBody: description: Managed company details required: true content: application/json: schema: $ref: '#/components/schemas/ManagedCompaniesUpdate' responses: '202': description: Accepted content: application/json: schema: $ref: '#/components/schemas/AcceptedRequest' '400': $ref: '#/components/responses/BadRequest' '401': $ref: '#/components/responses/Unauthorized' '402': $ref: '#/components/responses/PaymentRequired' '403': $ref: '#/components/responses/Forbidden' '404': $ref: '#/components/responses/NotFound' '409': $ref: '#/components/responses/Conflict' '415': $ref: '#/components/responses/UnsupportedMediaType' '429': $ref: '#/components/responses/TooManyRequests' '500': $ref: '#/components/responses/InternalServerError' patch: summary: Partially update managed company description: Partially updates the managed company. Accepts the same fields as PUT, but only updates those included in the request body. The company name cannot be updated via this endpoint. Returns `202 Accepted` as the update is processed asynchronously. operationId: partiallyUpdateManagedCompany tags: - Managed companies parameters: - name: child-company-id in: path description: The ID of the managed company. required: true schema: type: integer format: int64 requestBody: description: Managed company details required: true content: application/json: schema: $ref: '#/components/schemas/ManagedCompaniesUpdate' responses: '202': description: Accepted content: application/json: schema: $ref: '#/components/schemas/AcceptedRequest' '400': $ref: '#/components/responses/BadRequest' '401': $ref: '#/components/responses/Unauthorized' '402': $ref: '#/components/responses/PaymentRequired' '403': $ref: '#/components/responses/Forbidden' '404': $ref: '#/components/responses/NotFound' '409': $ref: '#/components/responses/Conflict' '415': $ref: '#/components/responses/UnsupportedMediaType' '429': $ref: '#/components/responses/TooManyRequests' '500': $ref: '#/components/responses/InternalServerError' delete: summary: Detach managed company description: Detaches the specified company from its MSP parent, removing the managed relationship. operationId: detachManagedCompany tags: - Managed companies parameters: - name: child-company-id in: path description: The ID of the managed company. required: true schema: type: integer format: int64 responses: '204': $ref: '#/components/responses/NoContent' '400': $ref: '#/components/responses/BadRequest' '401': $ref: '#/components/responses/Unauthorized' '402': $ref: '#/components/responses/PaymentRequired' '403': $ref: '#/components/responses/Forbidden' '404': $ref: '#/components/responses/NotFound' '409': $ref: '#/components/responses/Conflict' '422': $ref: '#/components/responses/UnprocessableContent' '429': $ref: '#/components/responses/TooManyRequests' '500': $ref: '#/components/responses/InternalServerError' /v1/managed-companies/{child-company-id}/users: get: summary: List users of a managed company description: Returns a paginated list of users belonging to the specified managed company. Supports the same filtering and sorting options as the top-level users endpoint. operationId: listManagedCompanyUsers tags: - Managed companies users parameters: - name: child-company-id in: path description: The ID of the managed company. required: true schema: type: integer format: int64 - name: max-results in: query description: The number of elements to retrieve. required: false schema: type: integer format: int32 default: 10 minimum: 1 maximum: 500 - name: page-token in: query description: Continuation token used to retrieve the next page from the collection of resources. This parameter should be set with the value returned as `nextPageToken`. required: false schema: type: string - name: sort in: query description: Sort the resource collection according to client criteria. required: false schema: type: string examples: id:asc: summary: id:asc value: id:asc id:desc: summary: id:desc value: id:desc name:asc: summary: name:asc value: name:asc name:desc: summary: name:desc value: name:desc account-status:asc: summary: account-status:asc value: account-status:asc account-status:desc: summary: account-status:desc value: account-status:desc email:asc: summary: email:asc value: email:asc email:desc: summary: email:desc value: email:desc - name: name in: query description: Full-text search on the full name of the user. required: false schema: type: string examples: name%: summary: name% value: name% '%name%': summary: '%name%' value: '%name%' '%name': summary: '%name' value: '%name' '%first%second%': summary: '%first%second%' value: '%first%second%' - name: account-status in: query description: Filter by user account status. required: false schema: $ref: '#/components/schemas/CompanyUserAccountStatus' - name: email in: query description: Full-text search on the email of the user. required: false schema: type: string examples: email%: summary: email% value: email% '%email%': summary: '%email%' value: '%email%' '%email': summary: '%email' value: '%email' '%first%second%': summary: '%first%second%' value: '%first%second%' responses: '200': description: OK content: application/json: schema: $ref: '#/components/schemas/CompanyUsersCollection' '400': $ref: '#/components/responses/BadRequest' '401': $ref: '#/components/responses/Unauthorized' '402': $ref: '#/components/responses/PaymentRequired' '403': $ref: '#/components/responses/Forbidden' '404': $ref: '#/components/responses/NotFound' '409': $ref: '#/components/responses/Conflict' '429': $ref: '#/components/responses/TooManyRequests' '500': $ref: '#/components/responses/InternalServerError' post: summary: Create user in a managed company description: Creates a new user account within the specified managed company. operationId: createManagedCompanyUser tags: - Managed companies users parameters: - name: child-company-id in: path description: The ID of the managed company. required: true schema: type: integer format: int64 requestBody: description: New user account details required: true content: application/json: schema: $ref: '#/components/schemas/UserAccountCreate' responses: '201': description: Created content: application/json: schema: $ref: '#/components/schemas/CompanyUser' '400': $ref: '#/components/responses/BadRequest' '401': $ref: '#/components/responses/Unauthorized' '402': $ref: '#/components/responses/PaymentRequired' '403': $ref: '#/components/responses/Forbidden' '404': $ref: '#/components/responses/NotFound' '409': $ref: '#/components/responses/Conflict' '415': $ref: '#/components/responses/UnsupportedMediaType' '422': $ref: '#/components/responses/UnprocessableContent' '429': $ref: '#/components/responses/TooManyRequests' '500': $ref: '#/components/responses/InternalServerError' /v1/managed-companies/{child-company-id}/users/{user-id}: get: summary: Get user in a managed company description: Returns the user details identified by the given ID within the managed company. operationId: getManagedCompanyUser tags: - Managed companies users parameters: - name: child-company-id in: path description: The ID of the managed company. required: true schema: type: integer format: int64 - name: user-id in: path description: The ID of the user. required: true schema: type: integer format: int64 responses: '200': description: OK content: application/json: schema: $ref: '#/components/schemas/CompanyUser' '400': $ref: '#/components/responses/BadRequest' '401': $ref: '#/components/responses/Unauthorized' '402': $ref: '#/components/responses/PaymentRequired' '403': $ref: '#/components/responses/Forbidden' '404': $ref: '#/components/responses/NotFound' '409': $ref: '#/components/responses/Conflict' '429': $ref: '#/components/responses/TooManyRequests' '500': $ref: '#/components/responses/InternalServerError' patch: summary: Partially update user in a managed company description: Applies a partial update to the user's account in the specified managed company, modifying only the fields provided in the request body. operationId: partiallyUpdateManagedCompanyUser tags: - Managed companies users parameters: - name: child-company-id in: path description: The ID of the managed company. required: true schema: type: integer format: int64 - name: user-id in: path description: The ID of the user. required: true schema: type: integer format: int64 requestBody: description: User account details required: true content: application/json: schema: $ref: '#/components/schemas/CompanyUserUpdate' responses: '200': description: OK content: application/json: schema: $ref: '#/components/schemas/CompanyUser' '400': $ref: '#/components/responses/BadRequest' '401': $ref: '#/components/responses/Unauthorized' '402': $ref: '#/components/responses/PaymentRequired' '403': $ref: '#/components/responses/Forbidden' '404': $ref: '#/components/responses/NotFound' '409': $ref: '#/components/responses/Conflict' '415': $ref: '#/components/responses/UnsupportedMediaType' '429': $ref: '#/components/responses/TooManyRequests' '500': $ref: '#/components/responses/InternalServerError' delete: summary: Delete user in a managed company description: Permanently removes the specified user account from the managed company. operationId: deleteManagedCompanyUser tags: - Managed companies users parameters: - name: child-company-id in: path description: The ID of the managed company. required: true schema: type: integer format: int64 - name: user-id in: path description: The ID of the user. required: true schema: type: integer format: int64 responses: '204': $ref: '#/components/responses/NoContent' '400': $ref: '#/components/responses/BadRequest' '401': $ref: '#/components/responses/Unauthorized' '402': $ref: '#/components/responses/PaymentRequired' '403': $ref: '#/components/responses/Forbidden' '404': $ref: '#/components/responses/NotFound' '409': $ref: '#/components/responses/Conflict' '422': $ref: '#/components/responses/UnprocessableContent' '429': $ref: '#/components/responses/TooManyRequests' '500': $ref: '#/components/responses/InternalServerError' /v1/managed-companies/{child-company-id}/invites: post: summary: Invite user in a managed company description: Sends an invitation to the specified user within a managed company, prompting them to activate their LastPass account. operationId: inviteManagedCompanyUser tags: - Managed companies users parameters: - name: child-company-id in: path description: The ID of the managed company. required: true schema: type: integer format: int64 requestBody: description: User to invite required: true content: application/json: schema: $ref: '#/components/schemas/InviteCreate' responses: '201': description: Created content: application/json: schema: $ref: '#/components/schemas/CompanyUser' '400': $ref: '#/components/responses/BadRequest' '401': $ref: '#/components/responses/Unauthorized' '402': $ref: '#/components/responses/PaymentRequired' '403': $ref: '#/components/responses/Forbidden' '404': $ref: '#/components/responses/NotFound' '409': $ref: '#/components/responses/Conflict' '415': $ref: '#/components/responses/UnsupportedMediaType' '422': $ref: '#/components/responses/UnprocessableContent' '429': $ref: '#/components/responses/TooManyRequests' '500': $ref: '#/components/responses/InternalServerError' /v1/managed-companies/{child-company-id}/admin-levels: get: summary: List admin levels for a managed company description: Returns a paginated list of admin levels defined for the specified managed company. Supports filtering by name and sorting. operationId: listManagedCompanyAdminLevels tags: - Managed companies admin levels parameters: - name: child-company-id in: path description: The ID of the managed company. required: true schema: type: integer format: int64 - name: sort in: query description: Sort the resource collection according to client criteria. required: false schema: type: string examples: name:asc: summary: name:asc value: name:asc name:desc: summary: name:desc value: name:desc - name: name in: query description: Full-text search on the name of the admin level. schema: type: string examples: name%: summary: name% value: name% '%name%': summary: '%name%' value: '%name%' '%name': summary: '%name' value: '%name' '%first%second%': summary: '%first%second%' value: '%first%second%' - name: max-results in: query description: The number of elements to retrieve. schema: type: integer format: int32 default: 10 minimum: 1 maximum: 50 - name: page-token in: query description: Continuation token used to retrieve the next page from the collection of resources. This parameter should be set with the value returned as `nextPageToken`. schema: type: string responses: '200': description: OK content: application/json: schema: $ref: '#/components/schemas/AdminLevelManagementPagedResult' '400': $ref: '#/components/responses/BadRequest' '401': $ref: '#/components/responses/Unauthorized' '402': $ref: '#/components/responses/PaymentRequired' '403': $ref: '#/components/responses/Forbidden' '404': $ref: '#/components/responses/NotFound' '409': $ref: '#/components/responses/Conflict' '429': $ref: '#/components/responses/TooManyRequests' '500': $ref: '#/components/responses/InternalServerError' /v1/managed-companies/{child-company-id}/admin-levels/{admin-level-id}: get: summary: Get admin level for a managed company description: Returns the full details of a single admin level within the specified managed company. operationId: getManagedCompanyAdminLevel tags: - Managed companies admin levels parameters: - name: child-company-id in: path description: The ID of the managed company. required: true schema: type: integer format: int64 - name: admin-level-id in: path description: The ID of the admin level. required: true schema: type: integer format: int64 responses: '200': description: OK content: application/json: schema: $ref: '#/components/schemas/AdminLevelManagement' '400': $ref: '#/components/responses/BadRequest' '401': $ref: '#/components/responses/Unauthorized' '402': $ref: '#/components/responses/PaymentRequired' '403': $ref: '#/components/responses/Forbidden' '404': $ref: '#/components/responses/NotFound' '409': $ref: '#/components/responses/Conflict' '429': $ref: '#/components/responses/TooManyRequests' '500': $ref: '#/components/responses/InternalServerError' /v1/managed-companies/{child-company-id}/admin-levels/{admin-level-id}/users: get: summary: List admin level users for a managed company description: Returns a paginated list of users assigned to the specified admin level within a managed company. operationId: listManagedCompanyAdminLevelUsers tags: - Managed companies admin levels parameters: - name: child-company-id in: path description: The ID of the managed company. required: true schema: type: integer format: int64 - name: admin-level-id in: path description: The ID of the admin level. required: true schema: type: integer format: int64 - name: page-token in: query description: Continuation token used to retrieve the next page from the collection of resources. This parameter should be set with the value returned as `nextPageToken`. schema: type: string - name: max-results in: query description: The number of elements to retrieve. schema: type: integer format: int32 default: 10 minimum: 1 maximum: 500 responses: '200': description: OK content: application/json: schema: $ref: '#/components/schemas/AdminLevelUserPagedResult' '400': $ref: '#/components/responses/BadRequest' '401': $ref: '#/components/responses/Unauthorized' '402': $ref: '#/components/responses/PaymentRequired' '403': $ref: '#/components/responses/Forbidden' '404': $ref: '#/components/responses/NotFound' '409': $ref: '#/components/responses/Conflict' '429': $ref: '#/components/responses/TooManyRequests' '500': $ref: '#/components/responses/InternalServerError' post: summary: Add user to admin level in a managed company description: Assigns the specified user to the given admin level within a managed company, granting them the associated administrative permissions. operationId: addManagedCompanyUserToAdminLevel tags: - Managed companies admin levels parameters: - name: child-company-id in: path description: The ID of the managed company. required: true schema: type: integer format: int64 - name: admin-level-id in: path description: The ID of the admin level. required: true schema: type: integer format: int64 requestBody: description: User to assign to the admin level required: true content: application/json: schema: $ref: '#/components/schemas/AdminLevelUserCreate' responses: '201': description: Created content: application/json: schema: $ref: '#/components/schemas/AdminLevelAddUserResponse' '400': $ref: '#/components/responses/BadRequest' '401': $ref: '#/components/responses/Unauthorized' '402': $ref: '#/components/responses/PaymentRequired' '403': $ref: '#/components/responses/Forbidden' '404': $ref: '#/components/responses/NotFound' '409': $ref: '#/components/responses/Conflict' '415': $ref: '#/components/responses/UnsupportedMediaType' '422': $ref: '#/components/responses/UnprocessableContent' '429': $ref: '#/components/responses/TooManyRequests' '500': $ref: '#/components/responses/InternalServerError' /v1/managed-companies/{child-company-id}/admin-levels/{admin-level-id}/users/{user-id}: delete: summary: Remove user from admin level in a managed company description: Removes the specified user from the given admin level within a managed company, revoking the associated administrative permissions. operationId: removeManagedCompanyUserFromAdminLevel tags: - Managed companies admin levels parameters: - name: child-company-id in: path description: The ID of the managed company. required: true schema: type: integer format: int64 - name: admin-level-id in: path description: The ID of the admin level. required: true schema: type: integer format: int64 - name: user-id in: path description: The ID of the user. required: true schema: type: integer format: int64 responses: '204': $ref: '#/components/responses/NoContent' '400': $ref: '#/components/responses/BadRequest' '401': $ref: '#/components/responses/Unauthorized' '402': $ref: '#/components/responses/PaymentRequired' '403': $ref: '#/components/responses/Forbidden' '404': $ref: '#/components/responses/NotFound' '409': $ref: '#/components/responses/Conflict' '422': $ref: '#/components/responses/UnprocessableContent' '429': $ref: '#/components/responses/TooManyRequests' '500': $ref: '#/components/responses/InternalServerError' /v1/managed-companies-reports/admin-users: get: summary: Admin users description: Returns a paginated list of admin users across all child and grandchild companies of the current MSP account. operationId: listManagedCompaniesAdminUsers tags: - Managed companies reports parameters: - name: page-token in: query description: Continuation token used to retrieve the next page from the collection of resources. This parameter should be set with the value returned as `nextPageToken`. schema: type: string - name: max-results in: query description: The number of elements to retrieve. schema: type: integer format: int32 default: 10 minimum: 1 maximum: 500 responses: '200': description: OK content: application/json: schema: $ref: '#/components/schemas/AdminUserReportPagedResult' '400': $ref: '#/components/responses/BadRequest' '401': $ref: '#/components/responses/Unauthorized' '402': $ref: '#/components/responses/PaymentRequired' '403': $ref: '#/components/responses/Forbidden' '404': $ref: '#/components/responses/NotFound' '429': $ref: '#/components/responses/TooManyRequests' '500': $ref: '#/components/responses/InternalServerError' /v1/managed-companies-reports/billing-cycles: get: summary: Billing cycles description: Returns the most recent billing cycles for the current company. The number of cycles returned is configurable between 1 and 12, defaulting to 1. operationId: listBillingCycles tags: - Managed companies reports parameters: - name: number-of-cycles in: query description: The number of billing cycles to retrieve. schema: default: 1 minimum: 1 maximum: 12 type: integer format: int32 responses: '200': description: OK content: application/json: schema: type: array items: $ref: '#/components/schemas/BillingCycle' '400': $ref: '#/components/responses/BadRequest' '401': $ref: '#/components/responses/Unauthorized' '402': $ref: '#/components/responses/PaymentRequired' '403': $ref: '#/components/responses/Forbidden' '404': $ref: '#/components/responses/NotFound' '409': $ref: '#/components/responses/Conflict' '429': $ref: '#/components/responses/TooManyRequests' '500': $ref: '#/components/responses/InternalServerError' /v1/managed-companies-reports/billing-reports: get: summary: Billing report description: | Returns paginated billing report records for child and grandchild companies within the specified date range. Supports filtering by license type. To retrieve a billing report for a specific billing cycle, first use the **Billing cycles** resource to fetch available cycles and use those dates as query parameters. operationId: listBillingReports tags: - Managed companies reports parameters: - name: start-date in: query description: Start of the billing report date range (inclusive). Must be in ISO 8601 date format. required: true schema: type: string format: date example: '2025-08-28' - name: end-date in: query description: End of the billing report date range (inclusive). Must be in ISO 8601 date format. required: true schema: type: string format: date example: '2025-08-28' - name: license-type in: query schema: $ref: '#/components/schemas/BillingReportLicenseType' - name: max-results in: query description: The number of elements to retrieve. schema: type: integer format: int32 default: 10 minimum: 1 maximum: 50 - name: page-token in: query description: Continuation token used to retrieve the next page from the collection of resources. This parameter should be set with the value returned as `nextPageToken`. schema: type: string responses: '200': description: OK content: application/json: schema: $ref: '#/components/schemas/ManagedCompaniesBillingReportDataPagedResult' '400': $ref: '#/components/responses/BadRequest' '401': $ref: '#/components/responses/Unauthorized' '402': $ref: '#/components/responses/PaymentRequired' '403': $ref: '#/components/responses/Forbidden' '404': $ref: '#/components/responses/NotFound' '409': $ref: '#/components/responses/Conflict' '429': $ref: '#/components/responses/TooManyRequests' '500': $ref: '#/components/responses/InternalServerError' components: securitySchemes: ApiKey: type: apiKey in: header name: Authorization description: | Authenticate using your LastPass API key. Set the `Authorization` header to `api-key `. Example: `api-key lpkey_XXXXXXXXXXXX_YYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYY` Generate your API key in the LastPass Admin Console under **Advanced → LastPass API**. schemas: AcceptedRequest: properties: id: type: integer description: Unique identifier of the asynchronous request. url: type: string description: URL to poll the result of the asynchronous request. message: type: string description: Human-readable description of the accepted request. type: object AdminLevelAddUserResponse: required: - email - name type: object properties: id: type: integer format: int64 description: Unique identifier of the user. name: type: string nullable: true description: Full name of the user. email: type: string nullable: true description: Email address of the user. adminLevelId: type: integer format: int64 description: Unique identifier of the admin level assigned to the user. additionalProperties: false AdminLevelManagement: required: - name type: object properties: id: type: integer format: int64 description: Unique identifier of the admin level. name: type: string nullable: true description: Display name of the admin level. description: type: string nullable: true description: Optional description of the admin level. permissions: type: array items: $ref: '#/components/schemas/AdminLevelPermissions' nullable: true description: List of permissions granted to this admin level. managedCompaniesPermissions: type: array items: $ref: '#/components/schemas/ManagedCompaniesAdminLevelPermissions' nullable: true description: List of managed company permissions granted to this admin level. managedCompaniesAdminLevel: $ref: '#/components/schemas/ManagedCompaniesAdminLevelType' additionalProperties: false AdminLevelManagementPagedResult: required: - items type: object properties: nextPageToken: type: string nullable: true description: Token to retrieve the next page; null if no further pages exist. items: type: array items: $ref: '#/components/schemas/AdminLevelManagement' nullable: true description: List of admin levels in the current page. additionalProperties: false AdminLevelPermissions: type: string description: | An admin-level permission. - `view-adoption-dashboard` — View adoption dashboard. - `view-security-dashboard` — View security dashboard. - `view-managed-companies` — View managed companies. - `access-managed-companies-in-admin-console` — Access managed companies in Admin Console. - `add-managed-companies` — Add managed companies. - `suspend-managed-companies` — Suspend managed companies. - `detach-managed-companies` — Detach managed companies. - `manage-subscriptions` — Manage subscriptions. - `view-psa-settings` — View PSA settings. - `modify-psa-settings` — Modify PSA settings. - `view-users` — View users. - `add-and-edit-users` — Add and edit users. - `disable-and-activate-users` — Disable and activate users. - `delete-users` — Delete users. - `remove-users-from-company` — Remove user from company. - `invite-users-with-existing-last-pass-account` — Invite users with existing LastPass accounts. - `approve-or-reject-imported-users` — Approve or reject imported users. - `require-users-to-change-master-password` — Require users to change master password. - `destroy-user-sessions` — Destroy user sessions. - `manage-groups` — Manage groups. - `configure-directory-and-federated-login` — Configure directory and federated login. - `modify-mfa-and-registered-devices` — Modify MFA and registered devices. - `modify-advanced-sso` — Modify Advanced SSO. - `modify-advanced-mfa` — Modify Advanced MFA. - `view-shared-folders` — View shared folders. - `view-general-reports` — View general reports. - `view-site-login-activity-report` — View site login activity report. - `view-security-reports` — View security reports. - `unknown` — Unrecognized permission; may indicate a newer type not supported. enum: - view-adoption-dashboard - view-security-dashboard - view-managed-companies - access-managed-companies-in-admin-console - add-managed-companies - suspend-managed-companies - detach-managed-companies - manage-subscriptions - view-psa-settings - modify-psa-settings - view-users - add-and-edit-users - disable-and-activate-users - delete-users - remove-users-from-company - invite-users-with-existing-last-pass-account - approve-or-reject-imported-users - require-users-to-change-master-password - destroy-user-sessions - manage-groups - configure-directory-and-federated-login - modify-mfa-and-registered-devices - modify-advanced-sso - modify-advanced-mfa - view-shared-folders - view-general-reports - view-site-login-activity-report - view-security-reports - unknown AdminLevelUser: required: - email - name type: object properties: id: type: integer format: int64 description: Unique identifier of the user. name: type: string nullable: true description: Full name of the user. email: type: string nullable: true description: Email address of the user. additionalProperties: false AdminLevelUserCreate: required: - userId type: object properties: userId: type: integer format: int64 description: The ID of the user to assign. additionalProperties: false AdminLevelUserPagedResult: required: - items type: object properties: nextPageToken: type: string nullable: true description: Token to retrieve the next page; null if no further pages exist. items: type: array items: $ref: '#/components/schemas/AdminLevelUser' nullable: true description: List of users in the current page. additionalProperties: false AdminUserReport: required: - adminLevel - company - userEmail - userId type: object properties: userId: type: integer format: int64 description: Unique identifier of the user. userEmail: type: string nullable: true description: Email address of the user. adminLevel: $ref: '#/components/schemas/AdminUserReportAdminLevel' company: $ref: '#/components/schemas/AdminUserReportCompany' additionalProperties: false AdminUserReportAdminLevel: required: - id - name type: object properties: id: type: integer format: int64 description: Unique identifier of the admin level. name: type: string nullable: true description: Display name of the admin level. additionalProperties: false AdminUserReportCompany: required: - id - name type: object properties: id: type: integer format: int64 description: Unique identifier of the company. name: type: string nullable: true description: Name of the company. additionalProperties: false AdminUserReportPagedResult: required: - items type: object properties: nextPageToken: type: string nullable: true description: Token to retrieve the next page; null if no further pages exist. items: type: array items: $ref: '#/components/schemas/AdminUserReport' nullable: true description: List of admin user report entries in the current page. additionalProperties: false BillingCycle: required: - endDate - startDate type: object properties: startDate: type: string format: date description: Start date of the billing cycle (ISO 8601 date). endDate: type: string format: date description: End date of the billing cycle (ISO 8601 date). additionalProperties: false BillingReportAddon: type: string description: | An add-on activated for a managed company. - `mfa` — Multi-factor authentication. - `sso` — Single sign-on. enum: - mfa - sso BillingReportLicenseType: type: string description: | The license type of a company in a billing report. - `msp-distributor` — LastPass MSP distributor. - `managed-msp` — LastPass MSP managed company. - `msp-managed-company` — LastPass managed MSP. enum: - msp-distributor - managed-msp - msp-managed-company CompanyUser: properties: id: type: integer description: Unique identifier of the user. name: type: string description: Full name of the user. email: type: string description: Email address of the user. accountStatus: $ref: '#/components/schemas/CompanyUserAccountStatus' type: object CompanyUserAccountStatus: type: string description: | The current status of a company user account. enum: - enrolled - pending-invitation - expired-invitation - staged - disabled - awaiting-approval CompanyUsersCollection: properties: items: type: array items: $ref: '#/components/schemas/CompanyUser' description: List of users in the current page. nextPageToken: type: string nullable: true description: Token to retrieve the next page; null if no further pages exist. type: object CompanyUserUpdate: properties: name: type: string description: Updated full name of the user. type: object InviteCreate: required: - userId type: object properties: userId: type: integer format: int64 description: The ID of the user to invite. additionalProperties: false ManagedCompaniesAdminLevelPermissions: type: string description: | A permission for the managed companies admin level. - `view-adoption-dashboard` — View adoption dashboard. - `view-security-dashboard` — View security dashboard. - `view-users` — View users. - `add-and-edit-users` — Add and edit users. - `disable-and-activate-users` — Disable and activate users. - `delete-users` — Delete users. - `remove-users-from-company` — Remove user from company. - `invite-users-with-existing-last-pass-account` — Invite users with existing LastPass accounts. - `approve-or-reject-imported-users` — Approve or reject imported users. - `require-users-to-change-master-password` — Require users to change master password. - `destroy-user-sessions` — Destroy user sessions. - `manage-groups` — Manage groups. - `configure-directory-and-federated-login` — Configure directory and federated login. - `modify-mfa-and-registered-devices` — Modify MFA and registered devices. - `modify-advanced-sso` — Modify Advanced SSO. - `modify-advanced-mfa` — Modify Advanced MFA. - `view-shared-folders` — View shared folders. - `view-general-reports` — View general reports. - `view-site-login-activity-report` — View site login activity report. - `view-security-reports` — View security reports. - `unknown` — Unrecognized permission; may indicate a newer type not supported. enum: - view-adoption-dashboard - view-security-dashboard - view-users - add-and-edit-users - disable-and-activate-users - delete-users - remove-users-from-company - invite-users-with-existing-last-pass-account - approve-or-reject-imported-users - require-users-to-change-master-password - destroy-user-sessions - manage-groups - configure-directory-and-federated-login - modify-mfa-and-registered-devices - modify-advanced-sso - modify-advanced-mfa - view-shared-folders - view-general-reports - view-site-login-activity-report - view-security-reports - unknown ManagedCompaniesAdminLevelType: type: string description: | The admin level type for managed companies. enum: - none - custom - admin - super-admin - unknown ManagedCompaniesBillingReportData: required: - addons - licenseType - name type: object properties: id: type: integer format: int64 description: Unique identifier of the managed company. name: type: string nullable: true description: Name of the managed company. licenseType: $ref: '#/components/schemas/BillingReportLicenseType' addons: type: array items: $ref: '#/components/schemas/BillingReportAddon' nullable: true description: List of add-ons enabled for the managed company. dailyAverageLicenseCount: type: number format: float description: Average number of licenses used per day. parentId: type: integer format: int64 nullable: true description: Unique identifier of the parent company; null if top-level. additionalProperties: false ManagedCompaniesBillingReportDataPagedResult: required: - items type: object properties: nextPageToken: type: string nullable: true description: Token to retrieve the next page; null if no further pages exist. items: type: array items: $ref: '#/components/schemas/ManagedCompaniesBillingReportData' nullable: true description: List of billing report entries in the current page. additionalProperties: false ManagedCompaniesCollection: properties: items: type: array items: $ref: '#/components/schemas/ManagedCompany' description: List of managed companies in the current page. nextPageToken: type: string nullable: true description: Token to retrieve the next page; null if no further pages exist. type: object ManagedCompaniesCreate: properties: name: type: string description: Display name of the new managed company. licenseLimit: type: integer description: Maximum number of user licenses for the company. Only used for warning when reached. type: $ref: '#/components/schemas/ManagedCompanyType' addons: type: array items: $ref: '#/components/schemas/ManagedCompanyAddon' description: List of add-ons to enable for the company. parentId: type: integer nullable: true description: Unique identifier of the parent company; null if top-level. type: object ManagedCompaniesUpdate: properties: licenseLimit: type: integer description: Updated maximum number of user licenses. Only used for warning when reached. status: $ref: '#/components/schemas/ManagedCompanyStatus' addons: type: array items: $ref: '#/components/schemas/ManagedCompanyAddon' description: Updated list of add-ons for the company. type: object ManagedCompany: properties: id: type: integer description: Unique identifier of the managed company. parentId: type: integer description: Unique identifier of the parent company; null if top-level. name: type: string description: Display name of the managed company. licenseLimit: type: integer description: Maximum number of user licenses for the company. Only used for warning when reached. type: $ref: '#/components/schemas/ManagedCompanyType' addons: type: array items: $ref: '#/components/schemas/ManagedCompanyAddon' description: List of add-ons enabled for the company. status: $ref: '#/components/schemas/ManagedCompanyStatus' type: object ManagedCompanyStatus: type: string description: | The status of a managed company. - `active` — Will be billed for LastPass at the end of the month. - `suspended` — Won’t be billed for LastPass at the end of the month. enum: - active - suspended ManagedCompanyType: type: string description: | The type of a managed company. - `managed` — A standard managed company. - `managed-msp` — A managed service provider (MSP) managed by an MSP. enum: - managed - managed-msp ProblemDetails: properties: title: type: string nullable: true description: Short, human-readable summary of the problem type. status: type: integer nullable: true description: HTTP status code. detail: type: string nullable: true description: Human-readable explanation specific to this occurrence of the problem. instance: type: string nullable: true description: URI reference identifying the specific occurrence of the problem. errors: type: array nullable: true description: List of individual field-level validation errors, if applicable. items: $ref: '#/components/schemas/ProblemDetailsError' type: object ProblemDetailsError: properties: detail: type: string description: Human-readable description of the specific validation error. pointer: type: string description: JSON Pointer identifying the field in the request body that caused the error. type: object UserAccountCreate: properties: email: type: string description: Email address of the new user. name: type: string description: Full name of the new user. creationAccountAction: $ref: '#/components/schemas/UserAccountCreationAction' type: object UserAccountCreationAction: type: string description: | The action to take when creating a user account. - `invite` — Add the user to your LastPass organization and send them an activation email. Set their LastPass status to Pending invitation. - `stage` — Add the user to your LastPass organization, but don't notify them that their LastPass account has been created. Set their LastPass status to Staged, allowing admins to further configure the account before the user can gain access. enum: - invite - stage ManagedCompanyAddon: type: string description: | An add-on that can be enabled for a managed company. - `mfa` — Multi-factor authentication. - `sso` — Single sign-on. enum: - mfa - sso responses: BadRequest: description: Bad Request content: application/json: schema: $ref: '#/components/schemas/ProblemDetails' Conflict: description: Conflict content: application/json: schema: $ref: '#/components/schemas/ProblemDetails' Forbidden: description: Forbidden content: application/json: schema: $ref: '#/components/schemas/ProblemDetails' InternalServerError: description: Internal Server Error content: application/json: schema: $ref: '#/components/schemas/ProblemDetails' NoContent: description: No Content NotFound: description: Not Found content: application/json: schema: $ref: '#/components/schemas/ProblemDetails' PaymentRequired: description: Subscription Expired content: application/json: schema: $ref: '#/components/schemas/ProblemDetails' TooManyRequests: description: Too Many Requests content: application/json: schema: $ref: '#/components/schemas/ProblemDetails' Unauthorized: description: Unauthorized content: application/json: schema: $ref: '#/components/schemas/ProblemDetails' UnsupportedMediaType: description: Unsupported Media Type content: application/json: schema: $ref: '#/components/schemas/ProblemDetails' UnprocessableContent: description: Unprocessable Content content: application/json: schema: $ref: '#/components/schemas/ProblemDetails'