Slack - SAML Relying Party Configuration - RSA Ready Implementation Guide
2 years ago
This section describes how to integrate RSA with Slack using SAML Relying Party.

Configure RSA Cloud Authentication Service

Perform these steps to configure RSA Cloud Authentication Service as Relying Party to Slack.
Procedure
  1. Sign in to RSA Cloud Administration Console
  2. Click Authentication Clients > Relying Parties.                                                                                                                                                image.png
  3. Click Add a Relying Party on the My Relying Parties page.                                                                                                                          image.png
  4. On the Relying Party Catalog page, click Add for Service Provider SAML.                                                                                                    image.png
  5. On the Basic Information page, enter a name for the Service Provider in the Name field.
  6. Click Next Step.
  7. On the Authentication page, choose SecurID Access manages all authentication.
  8. In the Primary Authentication Method list, select your desired login method as either Password or SecurID.
  9. In the Access Policy for Additional Authentication list, select a policy that was previously configured.                                                      image.png
  10. Click Next Step.
  11. Click Enter Manually on the Connection Profile page.                                                                                                                                image.png
  12. In the Service Provider Metadata section, provide the details in the following format:                                                                           
    1. ACS URL: https://<workspace>.slack.com/sso/saml. Replace <workspace> with your workspace name value.
    2. Service Provider Entity ID: Ensure that the value is https://slack.com.                                                                                          image.png
  13. Scroll down to the Message Protection section and choose the IdP signs entire SAML response option.
  14. Click Download Certificate to download the IDP signing certificate.                                                                                                               image.png
  15. Configure User Identity for NAMEID mapping.                                                                                                                                        image.png
    • Identifier Type – Email Address
    • Property – mail
  16. In the Attribute Extension section, enter User.Email in the Attribute Name field, select Identity Source in the Attribute Source drop-down list, and select mail in the Property drop-down list.                                                                                                                             image.png
  17. Scroll down to the Identity Provider section and make a note of the Entity ID field value. This value is required during the Slack configuration.                                                                                                                                                                                                 image.png
  18. Click Save and Finish.
  19. Click Publish Changes

Configure Slack

Perform these steps to configure Slack.
Procedure
  1. Sign in to Slack admin console - https://<workspace>.slack.com/admin.
  2. Click the Menu in the upper-left corner and click Settings & permissions.                                                                                                    image.png
  3. Click the Authentication tab.
  4. If you are configuring SAML Authentication for the first time, click Configure. If SAML Authentication was configured previously, click Change Settings in the SAML Authentication Settings section.                                                                                                       image.png                                                  image.png
  5. In the Configure SAML Authentication section, enable the Configure toggle switch.                                                                               image.png
  6. Enter your Cloud Identity Provider URL (from the metadata file) in the SAML 2.0 Endpoint (HTTP) field and your Cloud Identity Provider Entity ID in the Identity Provider Issuer field.                                                                                                                              image.png
  7. Copy the RSA public certificate extracted from the zip file during configuration and paste it into the Public Certificate field.                       image.png
  8. Scroll down to the Advanced Options section and click the expand.                                                                                                        image.png
  9. Enter your Service Provider URL in the Service Provider Issuer field.                                                                                                 image.png
  10. Choose how the SAML response from your IDP is signed. You must choose at least one option.                                                                  image.png
  11. Click Save Configuration.                                                                                                                                                                              image.png
Your users will receive an e-mail with directions to bind their current profile for single sign-on.

The configuration is complete.
Return to Slack - RSA Ready Implementation Guide .

Related Articles

Trending Articles

Don't see what you're looking for?