Would like to chime in without just saying me too.
We have also got the same problem when trying it in our AD FS environment.
Not sure if you guys have gotten further.
Been in contact with LastPass support, who claim that status code 13 is basically translated to MissingEmailClaim. That is not strange, since the Key chain fails so that no SAML is actually transmitted to LastPass servers.
The problem for us, though, looking at the LastPassADFS log (located in ProgramData on the AD FS server), is that it cannot create a secure channel towards LastPass to get their part of the password:
WebCall query: https://lastpass.com/lmiapi/federated/key?email=
Failed to get public key(s): System.Net.Http.HttpRequestException: An error occurred while sending the request. ---> System.Net.WebException: The request was aborted: Could not create SSL/TLS secure channel.
It also triggers a Schannel error, TLS error code 40 (Handshake failure).
We have TLS 1.2 enabled, which should work according to LastPass support https://docs.microsoft.com/en-us/window ... s-in-ad-fs