PingOne Privilege

Slack integration

The PingOne Privilege Slack integration allows your teams to request just-in-time (JIT) access directly in Slack channels. Approvers are notified instantly, and users can make and track requests without leaving Slack.

This guide covers three main topics:

Configuring notifications for approvals

To send approval notifications to a Slack channel, you must first create an incoming webhook in Slack and then add it to PingOne Privilege.

Creating an incoming webhook in Slack

  1. In a web browser, go to the Slack Marketplace and search for Incoming webhooks.

  2. Click Add to Slack.

  3. In the list, select the channel where PingOne Privilege notifications should be posted.

  4. Click Add Incoming WebHooks Integration.

    The Incoming Webhooks integration page in the Slack App Directory
    The Post to Channel dialogue box. The channel name #oncall is entered in the channel field and the Add Incoming Webhooks integration button is indicated with an arrow.

  5. Copy the generated Webhook URL. You will need this in the next step.

  6. Click Save Settings.

    The Integration Settings menu. The Webhook URL and Save Settings buttons are indicated by arrows.

Adding the webhook to PingOne Privilege

  1. In the PingOne Privilege admin console, go to Integrations.

  2. On the All Integrations tab, in the Slack section, click Integrate.

  3. Enter a descriptive Integration Name, such as DevOps Team Approvals.

  4. Paste the webhook URL you copied from Slack into the Webhook Url field.

  5. Click Continue to create the integration.

  6. On the Active tab, locate your new Slack integration and click Manage Integration.

  7. In the Channel-Account linking section, click the menu button and then click Manage.

  8. Add the cloud accounts whose JIT notifications should be handled by this integration and click Update.

  9. In the Notification section, click Select to configure the GateWay Notification Channel and the Private Server Notification Channel.

You can create multiple integrations to send notifications for different sets of accounts to different Slack channels.

Enabling requests from Slack

To allow users to create access requests using slash commands, you must add the PingOne Privilege bot to your workspace. This requires administrator permissions in Slack.

  1. Click the following link to open the Slack authorization page: Add PingOne Privilege Bot to Slack.

  2. Review the permissions and click Allow to add the bot to your Slack workspace.

After authorization, the PingOne Privilege bot displays in the Apps section in your Slack client.

Using Slack commands

The PingOne Privilege bot provides the following slash commands:

Command Description

/procyon login

Links your Slack account to your PingOne Privilege user identity. This is a required one-time setup before making requests.

/procyon request

Initiates a new JIT access request. The bot will guide you through selecting resources and defining the request details.