Creating a Slack connection
Use a Slack connection to enable provisioning from PingOne to the Slack user directory.
Before you begin
Make sure that you have:
-
A Slack Workspace Owner account. For more information, see Types of roles in Slack.
-
The OAuth2 Access Token for the connected application. You can use the Ping Identity OAuth Configuration Service (OCS) to get the token. For more information, see Getting a Slack API access token.
You should review the provisioning information in the Slack documentation. For more infomration, see Manage members with SCIM Provisioning.
Steps
-
Go to Integrations → Provisioning.
-
Click and then click New connection.
-
On the Identity Store line, click Select.
-
Click Slack, click Select, and then click Next.
-
Enter a name and description for this provisioning connection.
The connection name appears in the provisioning list after you save the connection.
-
Click Next.
-
On the Configure authentication panel, in the OAuth2 Access Token field, enter the access token from Slack for the connected application.
You can use the Ping Identity OAuth Configuration Service (OCS) to get the token. For more information, see Getting a Slack API access token.
-
Click Test connection to verify that PingOne can establish a connection to Slack.
Result:
If there are any issues with the connection, a Test Connection Failed dialog box opens. Click Continue to resume the setup with an invalid connection.
You cannot use the connection for provisioning until you have established a valid connection to Slack. To retry, click Cancel in the Test Connection Failed dialog box and repeat step 7.
Troubleshooting:
Learn more about troubleshooting your connection in Troubleshooting Test Connections Failure.
-
In the Configure Preferences and Actions sections, enter the following:
Field Description Unique user identifier
Determines how to identify a unique user. Select
primaryEmail
oruserName
.Group membership handling
Determines whether to update or replace target groups with PingOne memberships. Select Merge or Overwrite.
Merging or overwriting memberships only applies to SCIM, Slack, and GitHub EMU provisioning connections.
Allow users to be created
Determines whether to create a user in the Slack user directory when the user is created in the PingOne identity store.
Allow users to be updated
Determines whether to update user attributes in the Slack user directory when the user is updated in the PingOne identity store.
Allow users to be deprovisioned
Determines whether to deprovision a user in the Slack user directory when the user is deprovisioned in the PingOne identity store.
Remove action
Determines the action to take when removing a user from the Slack user directory.
-
Disable. When a user is deprovisioned from the PingOne identity store, PingOne disables the user in the external identity store.
Deprovision on rule deletion
Determines whether to deprovision users that were provisioned using this rule if the rule is deleted.
-
-
Click Save.
Next steps
To sync group members out of PingOne into a software as a service (SaaS) application, follow the instructions in Configuring outbound group provisioning.