PingOne

Creating a Slack connection

Use a Slack connection to enable provisioning from PingOne to the Slack user directory.

Before you begin

Make sure that you have:

  • A Slack Workspace Owner account. For more information, see Types of roles in Slack.

  • The OAuth2 Access Token for the connected application. You can use the Ping Identity OAuth Configuration Service (OCS) to get the token. For more information, see Getting a Slack API access token.

You should review the provisioning information in the Slack documentation. For more infomration, see Manage members with SCIM Provisioning.

Steps

  1. Go to Integrations → Provisioning.

  2. Click and then click New connection.

  3. On the Identity Store line, click Select.

  4. Click Slack, click Select, and then click Next.

  5. Enter a name and description for this provisioning connection.

    The connection name appears in the provisioning list after you save the connection.

  6. Click Next.

  7. On the Configure authentication panel, in the OAuth2 Access Token field, enter the access token from Slack for the connected application.

    You can use the Ping Identity OAuth Configuration Service (OCS) to get the token. For more information, see Getting a Slack API access token.

  8. Click Test connection to verify that PingOne can establish a connection to Slack.

    Result:

    If there are any issues with the connection, a Test Connection Failed dialog box opens. Click Continue to resume the setup with an invalid connection.

    You cannot use the connection for provisioning until you have established a valid connection to Slack. To retry, click Cancel in the Test Connection Failed dialog box and repeat step 7.

    Troubleshooting:

    Learn more about troubleshooting your connection in Troubleshooting Test Connections Failure.

  9. In the Configure Preferences and Actions sections, enter the following:

    Field Description

    Unique user identifier

    Determines how to identify a unique user. Select primaryEmail or userName.

    Group membership handling

    Determines whether to update or replace target groups with PingOne memberships. Select Merge or Overwrite.

    Merging or overwriting memberships only applies to SCIM, Slack, and GitHub EMU provisioning connections.

    Allow users to be created

    Determines whether to create a user in the Slack user directory when the user is created in the PingOne identity store.

    Allow users to be updated

    Determines whether to update user attributes in the Slack user directory when the user is updated in the PingOne identity store.

    Allow users to be deprovisioned

    Determines whether to deprovision a user in the Slack user directory when the user is deprovisioned in the PingOne identity store.

    Remove action

    Determines the action to take when removing a user from the Slack user directory.

    • Disable. When a user is deprovisioned from the PingOne identity store, PingOne disables the user in the external identity store.

    Deprovision on rule deletion

    Determines whether to deprovision users that were provisioned using this rule if the rule is deleted.

  10. Click Save.

Next steps

To sync group members out of PingOne into a software as a service (SaaS) application, follow the instructions in Configuring outbound group provisioning.