Configure Slack for UserLock Single-Sign On
Procedure
Enable Slack in UserLock SSO
In the UserLock console, Navigate to Single Sign-On → Configuration.
- Select Add configuration, then select Slack as the provider to be configured.
- When prompted with the Custom App Domain, enter the domain of your Slack instance (https:// <slackDomain> .slack.com)
- Email domain: Enter the domain of the email you want to be used to allow users to log into.
NOTE: The SSO service needs to be restarted in order to use this profile
Configure Slack settings
Pre-requirement: A "Plus" plan is required in your Slack workspace in order to continue.
- Connect to your Slack workspace with an administrator account.
- Navigate to Administration → Settings and Permissions.
-
At the opened browser window, Go to Authentication and click the Configure button for SAML authentication.
-
Complete the form as indicated with the values listed below:
-
SAML 2.0 Endpoint (HTTP):
SSO address + "/saml/sso"
-
Identity Provider Issuer:
SSO address
-
Public Certificate: Navigate to the %ProgramData%\ISDecisions\UserLock\SSO folder and locate the ulsso.signing.cer certificate. Edit the certificate with a text editor, then copy and paste its value
-
-
Click upon the Configure SAML Authentication menu to change from Configure to Test mode.
-
Click on the Test Configuration button found in the "Test and Save" section at the bottom of the page:
Upon successful completion Slack presents the following message :
- Press the Save Configuration button to complete the procedure.
Security measures (if SSO/SSO is broken)
The only option is to ask your workspace owner to deactivate SSO while you are troubleshooting the issue.