Page created: 22 Apr 2021
|
Page updated: 15 Dec 2022
Enable Slack sign on from a PingFederate URL (IdP-initiated sign on) and direct Slack sign on using PingFederate (SP-initiated sign on) with JIT provisioning.
- Configure PingFederate to authenticate against an IdP or datastore containing the users that require application access.
- You must have administrative access to PingFederate and Slack.
-
Create a PingFederate SP
connection for Slack:
-
Add the PingFederate
connection to Slack.
- For Slack Standard or Plus, do the following:
- Sign on to your Slack Workspace as an administrator.
- Go to
. - Click the Authentication tab.
- In the Configure an authentication method section, on the
SAML authentication line, click
Configure.
- If prompted, enter your password to continue.
- In the SAML 2.0 Endpoint (HTTP) field, enter the PingFederate Location value.
- In the Identity Provider Issuer field, enter the PingFederate entityID value.
- In the Public Certificate field, paste in the contents of the
PingFederate signing certificate.
- Expand the Advanced Options section, and clear the
Assertions Signed check box.
- In the Settings section, select the It’s
optional radio button for the authentication
setting.Note:
You can change the authentication setting to your desired value after you have completed testing.
- Click Save Configuration.
- When you're redirected to PingFederate, authenticate with PingFederate.
Result: Your selection is confirmed against PingFederate and saved if successful.
- For Slack Enterprise Grid, do the following:
- Sign on to your Slack Organization (not Workspace) as an administrator.
- Go to
- For Slack Standard or Plus, do the following: