UserLock Documentation
UserLock Documentation

Configure Slack for UserLock Single-Sign On


Enable Slack in UserLock SSO

In the UserLock console, Navigate to Single Sign-On → Configuration.

  1. Select Add configuration, then select Slack as the provider to be configured.
  2. When prompted with the Custom App Domain, enter the domain of your Slack instance (https:// <slackDomain>
  3. Email domain: Enter the domain of the email you want to be used to allow users to log into.

NOTE: The SSO service needs to be restarted in order to use this profile

Configure Slack settings

Pre-requirement: A "Plus" plan is required in your Slack workspace in order to continue.

  1. Connect to your Slack workspace with an administrator account.
  2. Navigate to Administration → Settings and Permissions.
  3. At the opened browser window, Go to Authentication and click the Configure button for SAML authentication.

  4. Complete the form as indicated with the values listed below:

    • SAML 2.0 Endpoint (HTTP):

      SSO address + "/saml/sso"
    • Identity Provider Issuer:

      SSO address
    • Public Certificate: Navigate to the %ProgramData%\ISDecisions\UserLock\SSO folder and locate the ulsso.signing.cer certificate. Edit the certificate with a text editor, then copy and paste its value

  5. Click upon the Configure SAML Authentication menu to change from Configure to Test mode.

  6. Click on the Test Configuration button found in the "Test and Save" section at the bottom of the page:

    Upon successful completion Slack presents the following message :

  7. Press the Save Configuration button to complete the procedure.

Security measures (if SSO/SSO is broken)

The only option is to ask your workspace owner to deactivate SSO while you are troubleshooting the issue.