Steps to configure SAML SSO for Slack
About Slack
Slack is a comprehensive productivity platform designed to enhance team collaboration and streamline workflows. It offers a flexible communication environment where users can chat and share files, and engage in live discussions.
The following steps will help you enable single sign-on (SSO) for Slack from Identity360.
Prerequisites
- The MFA and SSO license for Identity360 is required to enable SSO for enterprise applications. For more information, refer to pricing details.
- Log in to Identity360 as an Admin or Super Admin.
- Navigate to Applications > Application Integration > Create New Application, and select Slack from the applications displayed.
Note: You can also find Slack from the search bar located at the top.
- Under the General Settings tab, enter the Application Name and Description.
- Under Choose Capabilities tab, choose SSO and click Continue.
General settings of SSO configuration for Slack
- Under Integration Settings, navigate to the Single Sign On tab and click Metadata Details. Copy the Login URL, Issuer URL, and Signing Certificate values, which will be used later during the configuration of Slack.
Integration Settings of SSO configuration for Slack
Slack (service provider) configuration steps
- Log into Slack as a workspace admin.
- From the menu bar on the left side, navigate to Settings & permissions → Authentication.
- Next to SAML authentication, click Configure.
Authentication settings of SAML configuration in Slack
- In the SAML 2.0 Endpoint (HTTP) and Identity Provider Issuer fields, enter the Login URL and Issuer URL copied from step 6 of prerequisites.
- In the Public Certificate field, paste the Signing Certificate value copied from step 6 of prerequisites.
SAML configuration details in Slack
- If you want to customize the Sign In Button Label, then enter a name for the button.
- Click Save Configuration.
Sign-in button customization in Slack
Identity360 (identity provider) configuration steps
- Switch to Identity360's SSO configuration page for Slack.
- Enter the workspace name of your Slack account, which can be found on the sidebar of Slack.
- Enter the Relay State parameter, if necessary.
Note: Relay State is an optional parameter used with a SAML message to remember where you were or direct you to a specific page after logging in.
- Click Save.
Integration Settings of SSO configuration for Slack
- To learn how to assign users to one or more applications, refer to this page.
Your users should now be able to sign in to Slack through the Identity360 portal.
Note: For Slack, both SP-initiated and IdP-initiated flows are supported.
Steps to enable MFA for Slack
Setting up MFA for Slack using Identity360 involves the following steps:
- Set up one or more authenticators for identity verification when users attempt to log in to Slack. Identity360 supports various authenticators, including FIDO2 passkeys, Google Authenticator, and email-based verification codes. Click here for steps to set up the different authenticators.
- Integrate Slack with Identity360 by configuring SSO using the steps listed here.
- Now, activate MFA for Slack by following the steps mentioned here.
How does MFA for applications work in Identity360?