Setting Method for SAML Authentication in Slack

※ Settings in Slack must be done in advance.

※ You need to create an account with Slack with the same e-mail address used for your SKUID account.

※ Please refer to the manual provided by Slack for the latest settings procedure.

Slack Help Center [SAML Single Sign On」

https://get.slack.help/hc/ja/articles/203772216                              

 

Settings for Slack

 Log in to Slack with an administrator account.

1. Click [Workspace name] at the upper left of the desk top screen.

2. Click [Administration] from menu and select [Workspace settings].

3. Click [Authentication] twice and click [Set up] next to SAML authentication.

4. Enter the following information at the [Settings for SAML authentication] screen.

SAML 2.0 end point (HTTP):

https://saml.sku.id/uas/saml2/SingleSignOnService


ID provider issuer
https://saml.sku.id/uas


Public certificate

Download a certificate for SKUID from the following page and attach it.
Please download a certificate for SKUID from here.

 

[Advanced Settings][Service Provider Issuer]:

   https://[Your workspace name].slack.com     

 

Untick [ユーザーによるメールアドレスの変更を許可する] on [Settings].

 

Select members to be authenticated at [ワークスペースの認証が必要なメンバー] on [Settings].

 

5.Click [Save settings] to complete.

 

SKUID Administrator Panel Settings

1.Log in to SKUID and select the [App] menu on the [Administration Panel].

2.Click [Register App] at the upper right of the screen, and search for the application name [Slack (SAML)] on the [Company Application Registration] screen.

3.Click [Slack (SAML)].

4.Fill in each of the setting items and click [Register].

  ① [Application name] is an optional item. Please input here when changing display name.

  ② [Log in URL] can be left as it is.

  ③ [Name ID] cannot be changed. The e-mail address of each member’s SKUID account will be used.

  ④ For [user.email], input an item name as same as [user.email].

  For [Metadata], please modify as follows and save as an xml file to upload.

 

 ※ Input your slack URL in the spot marked in red and save as a file.

<?xml version="1.0"?>
<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata"
validUntil="2018-10-28T10:13:10Z"
cacheDuration="PT604800S"
entityID="https:// [Your workspace name].slack.com">
<md:SPSSODescriptor AuthnRequestsSigned="true" WantAssertionsSigned="true" protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">

<md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"
Location="https:// [Your workspace name].slack.com/sso/saml/logout" />
<md:NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified</md:NameIDFormat>
<md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
Location="https:// [Your workspace name].slack.com/sso/saml"
index="1" />
</md:SPSSODescriptor>
</md:EntityDescriptor>

 

SKUID My Page Settings

1.Click [Add App] on [My page].

2.On [Application Registration] screen, select [Slack (SAML)] and click [Next] at the upper right of the screen.

3.To change [Display name], enter a display name and click [Register].

4.Please click on the application at the [extension function] or the [My page] and check whether the log in is successful.

 

Setting Method for SAML Authentication in Slack

※ Settings in Slack must be done in advance.

※ You need to create an account with Slack with the same e-mail address used for your SKUID account.

※ Please refer to the manual provided by Slack for the latest settings procedure.

Slack Help Center [SAML Single Sign On」

https://get.slack.help/hc/ja/articles/203772216                              

 

Settings for Slack

 Log in to Slack with an administrator account.

1. Click [Workspace name] at the upper left of the desk top screen.

2. Click [Administration] from menu and select [Workspace settings].

3. Click [Authentication] twice and click [Set up] next to SAML authentication.

4. Enter the following information at the [Settings for SAML authentication] screen.

SAML 2.0 end point (HTTP):

https://saml.sku.id/uas/saml2/SingleSignOnService


ID provider issuer
https://saml.sku.id/uas


Public certificate

Download a certificate for SKUID from the following page and attach it.
Please download a certificate for SKUID from here.

 

[Advanced Settings][Service Provider Issuer]:

   https://[Your workspace name].slack.com     

 

Untick [ユーザーによるメールアドレスの変更を許可する] on [Settings].

 

Select members to be authenticated at [ワークスペースの認証が必要なメンバー] on [Settings].

 

5.Click [Save settings] to complete.

 

SKUID Administrator Panel Settings

1.Log in to SKUID and select the [App] menu on the [Administration Panel].

2.Click [Register App] at the upper right of the screen, and search for the application name [Slack (SAML)] on the [Company Application Registration] screen.

3.Click [Slack (SAML)].

4.Fill in each of the setting items and click [Register].

  ① [Application name] is an optional item. Please input here when changing display name.

  ② [Log in URL] can be left as it is.

  ③ [Name ID] cannot be changed. The e-mail address of each member’s SKUID account will be used.

  ④ For [user.email], input an item name as same as [user.email].

  For [Metadata], please modify as follows and save as an xml file to upload.

 

 ※ Input your slack URL in the spot marked in red and save as a file.

<?xml version="1.0"?>
<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata"
validUntil="2018-10-28T10:13:10Z"
cacheDuration="PT604800S"
entityID="https:// [Your workspace name].slack.com">
<md:SPSSODescriptor AuthnRequestsSigned="true" WantAssertionsSigned="true" protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">

<md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"
Location="https:// [Your workspace name].slack.com/sso/saml/logout" />
<md:NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified</md:NameIDFormat>
<md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
Location="https:// [Your workspace name].slack.com/sso/saml"
index="1" />
</md:SPSSODescriptor>
</md:EntityDescriptor>

 

SKUID My Page Settings

1.Click [Add App] on [My page].

2.On [Application Registration] screen, select [Slack (SAML)] and click [Next] at the upper right of the screen.

3.To change [Display name], enter a display name and click [Register].

4.Please click on the application at the [extension function] or the [My page] and check whether the log in is successful.