Supplemental Slack info for you and your team.Tips and tools for beginners and experts alike.Get familiar with Slack Enterprise Grid for large organizations.If you're curious about what's new in Slack — and what's changed — you're in the right place.Develop your skills and prepare to become Slack Certified!Launching a new team or joining one for the first time?
Our easy-to-read guides help your team work better, together, from day one.Ready to level up? Browse our time-saving tricks and practical tips for
making Slack work for you.All kinds of teams thrive with Slack — take a look at our department-specific guides.
More coming soon!Learn how Slack works, from top to bottom!Want to learn more about setting up your team? Look no further!Welcome to Slack! We're so glad you're here. Let's get started!Adjust your profile and preferences to make Slack work just for you!Simplify your daily work with apps and tools.Tips and tools for beginners and experts alike.
Slack is experiencing some connectivity issues — please stand by. Check
Status
Tip: Workspace Owners (Business+) and Org Owners (Enterprise Grid) can bypass SSO authentication to sign in with an email address and password. This guarantees access to your workspace or org, even if your IDP is having issues.
Step 1: Configure your identity provider
To get started, you’ll need to set up a connection (or connector) for Slack with your IDP. Many providers we work with have created help pages for enabling SAML with Slack:
Once you’ve configured your identity provider (IDP), a Workspace Owner can enable SSO.
From your desktop, click your workspace name in the top left.
Select Settings & administration from the menu, then click Workspace settings.
Click the Authentication tab.
Next to SAML authentication, click Configure.
In the top right, toggle Test mode on.
Next to SAML SSO URL, enter your SAML 2.0 Endpoint URL(HTTP). (This came from setting up your connector. If Okta is your IDP, you can include the IDP URL instead if you’d like.)
Next to Identity Provider Issuer, enter your IDP Entity ID.
Copy the entire x.509 Certificate from your identity provider and paste it into the Public Certificate field.
Next to Advanced Options, click Expand. Choose how the SAML response from your IDP is signed. If you need an end-to-end encryption key, check the box next to SignAuthnRequest to show the certificate.
Under Settings, decide if members can edit their profile information (like their email or display name) after SSO is enabled. You can also choose whether SSO is required, partially required* or optional.
Under Customize, enter a Sign In Button Label.
Select Save Configuration to finish.
*If you have guest accounts, we recommend choosing the option where SSO is partially required, so guests can still sign in using their email address and password.
Once you’ve configured your identity provider (IDP), an Org Owner can enable SSO for your Enterprise Grid organization:
From your desktop, click your workspace name in the top left.
Select Settings & administration from the menu, then click Organization settings.
From the left sidebar, click Security.
Click SSO Settings.
Enter your SSO name.
Enter your SAML 2.0 Endpoint URL (this came from setting up your connector earlier.) This is where authentication requests from Slack will be sent.
Enter your Identity Provider Issuer URL (also known as the entity ID).
The Service Provider Issuer URL is set to https://slack.com by default. This field should match what you've set in your IDP.
Copy the entire x.509 Certificate from your identity provider.
Choose whether the SAML responses and assertions are signed. If you require an end-to-end encryption key for your IDP, select the checkbox next to SignAuthnRequest to show the certificate. You can also select your preference for AuthnContextClassRef values.
Click Test Configuration. We'll let you know if the changes are successful or whether you need to make further changes.
Once you’ve set up SSO, members that are required to sign in with SSO will get an email. The email will prompt members to bind their Slack accounts with your IDP. Members will have 72 hours to bind their account before their link expires.
Any members already signed in when SSO is enabled will remain signed in. Going forward, all members will sign in to Slack with their IDP account. If you chose to require SSO, your members will see a sign in page before they can access your workspace.
Great news! Our Help Center is available in multiple languages. Switch to EnglishBonne nouvelle ! Le centre d'assistance de Slack est désormais disponible dans plusieurs langues. Poursuivre en FrançaisGute Neuigkeiten! Unser Support-Center gibt es jetzt in mehreren Sprachen! Weiter auf DeutschSlack ヘルプセンターが複数言語で閲覧できるようになりました!日本語ページへ切り替え¡Buenas noticias! El centro de ayuda de Slack ya está disponible en varios idiomas. Continúa leyendo en español