Extras
Supplemental Slack info for you and your team.
Slack Guides
Tips and tools for beginners and experts alike.
Slack Enterprise Grid
Get familiar with Slack Enterprise Grid for large organizations.
Changelog
If you're curious about what's new in Slack — and what's changed — you're in the right place.
Slack Certification
Develop your skills and prepare to become Slack Certified!
Getting Started
Launching a new team or joining one for the first time?
Our easy-to-read guides help your team work better, together, from day one.
Getting More Out of Slack
Ready to level up? Browse our time-saving tricks and practical tips for
making Slack work for you.
Department Playbooks
All kinds of teams thrive with Slack — take a look at our department-specific guides.
More coming soon!
Using Slack
Learn how Slack works, from top to bottom!
Workspace Administration
Want to learn more about setting up your team? Look no further!
Getting Started
Welcome to Slack! We're so glad you're here. Let's get started!
Your Profile and Preferences
Adjust your profile and preferences to make Slack work just for you!
Add Tools to Your Workspace
Simplify your daily work with apps and tools.
Tips, tricks, & More
Tips and tools for beginners and experts alike.
Next
Previous
Next Video
Previous Video
Actions, activity, access logs, accessibility, add, add an app, add-in, add-on, Add members, add on, Add to Slack, administrators, all passwords, analytics, android, announcement, announcements, App Directory, app icon, Apple Watch, approving apps, archive, Asana, Atlassian, Automation apps, badge, billing details, billing, Bitbucket, bot user, box, browse, Calendar, calls, Calls !pobeta!pc, cancel, changes, channels, channel instantly, channel management, channel notification, channel suggestions, claim domains, close, company culture, compliance exports, compose, computers, conversations, convert, connect, connected accounts, connection, connecting, copy messages, create, customization, customize, custom SAML, custom, customer support teams, dark mode, data exports, data security, deactivate, default channels, delete, deletion, deploy slack, desktop, direct messages, directory, disable, discover and join, Discovery APIs, display name, DMs, Do Not Disturb, domain, domains, downgrade, dropbox, duplicate accounts, edit, editing, education, email address, email, emoji, emoticons, Enterprise Grid, Enterprise Key Management, Enterprise Mobility Management, executives, export, failed payments, Fair Billing, faqs, features, finding, format, formatting, framework for apps, free trials, general, getting started, giphy, github integration, github organization, github, glossary, Gmail add-on, google apps, google calendar, google drive, guests, highlights, hipchat, human resources, IFTTT, import, Incoming WebHooks, integrations, ios, invite, invited, IT teams, JIRA, join, Keep up, keyboard layout, keyboard shortcuts, Keychain Access, keyword notifications, language, languages, leave, link previews, loading, limits, links, linux, mac, manage a workspace, manage apps, manage members, marketing, mention, merge, message actions, messages are displayed, message display, microsoft products, mobile, mobile push, move channels, moving workspaces, multiple, mute, name, names, noise, nonprofits, notify, OneDrive, onboard, Outlook Calendar, owners, password, payment, payments, pending, permissions, phones, pin, plan, plans, plus plan, polls, posts, privacy policies, prioritize tasks, private, private channel, private notes and files, project management, public channel, purpose, quick start guide, Quick Switcher, quote, reactivate, read, recruitment, referrer information, reminder, remove, rename, retention, Request a new workspace, role, roles, RSS, sales, Salesforce, SAML, SCIM, SCIM provisioning, screen reader, search, send, session duration, share messages, share, shared channel, shared channels, sidebar, sign in, sign out, signup mode, single sign-on, Slack Day, Slack for Teams, Slack notifications, Save notes and files, Service Level Agreements, ServiceNow, sign up, slack status, slackbot, slash commands, snippet, snooze, software developers, star, statistics, Stride, sync, tablets, tax, threads, time zone, tips, to-do lists, topic, triage channels, Terms of Service, transfer ownership, Transport Layer Security, Trello, troubleshoot, trouble receiving, tour, twitter, two-factor authentication, unread messages, updates, upgrade, upload, users, username, user groups, URL, vacation, Vendor and remittance, video, voice call, voice, what is, what's important, whitelist, whitelisting, windows phone, windows, Workflow Builder, workflows, working in, workspace apps, workspace creation requests, workspace discovery, work hours, workspace's settings, wunderlist, your actions, Zapier, zoom
Slack is experiencing some connectivity issues — please stand by.
Check
Status
SAML 单点登录
基于 SAML 的单点登录 (SSO) 可让成员通过所选择的身份提供商 (IDP) 访问 Slack。
注意: 如果在设置 SAML 单点登录时遇到困难,请参阅排除 SAML 授权错误 文章。
小窍门: 工作区拥有者(企业增强套餐)和组织拥有者 (Enterprise Grid) 可绕过 SSO 身份验证,通过电子邮件地址和密码进行登录 。这可确保即使你的 IDP 出现了问题也能访问你的工作区或组织。
步骤 1:配置你的身份提供商
要开始配置,你需要用你的 IDP 为 Slack 设置连接(或连接器) 。与我们合作的多家提供商已创建了帮助页面,以便用 Slack 启用 SAML。
备注 :我们还提供了一些指南,以帮助你设置自定义 SAML 单点登录 、Google Workspace 单点登录 或 ADFS 单点登录 。
步骤 2: 为 Slack 设置 SAML SSO
企业增强套餐
Enterprise Grid 套餐
在你配置了身份提供商 (IDP) 后,工作区拥有者便可启用 SSO。
在桌面上,单击左上方的工作区名称。
从菜单中选择设置和管理 ,然后单击工作区设置 。
单击身份验证 标签。
在 SAML 身份验证 旁边,单击配置 。
在右上角,打开测试 模式。
在 SAML SSO 网址 旁边,输入你的 SAML 2.0 端点网址 (HTTP) 。(这来自于设置你的连接器。如果 Okta 是 IDP,可根据需要将 IDP 网址 包括在内)
在身份提供商颁发者 旁边,输入你的 IDP 实体 ID 。
从身份提供商复制完整的 x.509 证书,并将其粘贴到 公共证书字段。
在高级选项 旁边,单击展开 。选择你的 IDP 的 SAML 回复的签名方式。如需端到端加密密钥,请勾选签署 AuthnRequest 旁边的复选框,以显示证书。
在设置 下方,确定在 SSO 启用后成员能否编辑个人档案信息(例如电子邮件或显示名)。你还可选择 SSO 是否为必选、部分必选* 或可选。
在自定义 下方,输入登录按钮标签 。
选择保存配置 ,完成操作。
*如果你有访客帐户,我们建议你选择部分必需 SSO 的选项,以便访客仍可使用电子邮件地址和密码登录。
在你配置了身份提供商 (IDP) 后,组织拥有者便可为你的 Enterprise Grid 组织启用 SSO:
在桌面上,单击左上方的工作区名称。
从菜单中选择设置和管理 ,然后单击组织设置 。
从左侧栏单击 安全 。
单击SSO 设置 。
输入你的 SSO 名称 。
输入 SAML 2.0 端点网址 (这来自于早前设置你的连接器。)这是来自 Slack 的身份验证请求将发送到的位置。
输入你的身份提供商颁发者网址 (也称为实体 ID)。
服务提供商颁发者网址 默认设置为 https://slack.com。此字段应与你在 IDP 中设置的内容匹配。
从身份提供商复制完整的x.509 证书 。
选择 SAML 响应和断言是否已经签署。如需 IDP 端到端加密密钥,请勾选签署 AuthnRequest 旁边的复选框,以显示证书。你还可为 AuthnContextClassRef 值选择选项。
单击测试配置 。我们将告知你更改是否成功,或者是否需要进行进一步更改。
准备就绪后,单击打开 SSO 或添加 SSO 。
小窍门: 设置 SSO 后,你可以管理单点登录设置 ,并了解如何在组织中将 IDP 组关联到工作区 。
添加额外的 SSO 配置
如果需要,你可以添加最多 11 个额外的 SSO 配置,以让人员从你选择的身份提供程序登录 Slack。
在桌面上,单击左上方的工作区名称。
从菜单中选择设置和管理 ,然后单击组织设置 。
从左侧栏选择 安全 。
单击 SSO 设置 。
单击添加 SSO 配置 ,然后按照以下步骤为 Slack 设置 SSO 。
SSO 启用后的预期情况
设置 SSO 之后,需要使用 SSO 进行登录的成员会收到一封电子邮件。电子邮件会提示成员将其 Slack 帐户 与你的 IDP 绑定。成员将有 72 小时的时间绑定其帐户,之后其链接会失效。
SSO 启用后已经登录的任何成员将保持已登录状态。 以后,所有成员将通过他们的 IDP 帐户登录 Slack。如果你选择需要 SSO,你的成员将先看到登录页面,然后才能访问你的工作区。
小窍门: 为简化成员管理,Slack 支持 SCIM 配置标准。如需了解更多信息,请访问 通过 SCIM 配置来管理成员
哪些人员可以使用此功能?
工作区拥有者 和 组织拥有者
企业增强版 和 Enterprise Grid 套餐
Awesome!
Thanks so much for your feedback!
Got it!
Thanks for your feedback.
If you’d like a member of our support team to respond to you, please send a note to feedback@slack.com .
Oops! We're having trouble. Please try again later!