Online Help

SafeNet Trusted Access for Slack

Overview

Configuring SafeNet Trusted Access for Slack is a three-step process:

1.SafeNet Trusted Access setup

2.Slack setup

3.Verify authentication

SafeNet Trusted Access Setup

Activate the Slack application in SafeNet Trusted Access by performing the following steps:

1.In the Applications pane, you will notice that the Slack application that you added previously is currently in inactive state by default. To configure and activate this application, click on the application (for example, Slack) and proceed to the next step.

2.Under STA Setup, in the DOMAIN NAME field, enter the domain name of your organization registered in Slack.

 

3.Click Save Configuration to save the details and activate the Slack application in SafeNet Trusted Access.

Slack Setup

As prerequisites:

Create a user account (for example, alice) in the identity provider with the Slack team owner's email address. This user account will be used to verify the Identity Provider configuration in Slack.

Download the Identity Provider Signing Certificate from the SafeNet Trusted Access console by clicking the Download X.509 certificate button. You will need this certificate in one of the steps below.

 

Perform the following steps to configure SafeNet Trusted Access as your Identity Provider in Slack:

1.In a web browser, open the following URL to log into the Slack account as a team owner:

https://<Domain Name of your Organization registered in Slack>.slack.com/admin

2.On the team owner’s administration console, in the left pane, under ADMINISTRATION, click Authentication.

3.In the right pane, on the Authentication tab, under Configure an authentication method, for SAML authentication, click Configure.

4.Under Configure SAML Authentication, under Choose your SAML provider, perform the following steps:

a.Select the Custom SAML 2.0 option.

b.Click Configure.

5.Perform the following steps:

a.In the SAML 2.0 Endpoint (HTTP) field, enter the SINGLESIGNONSERVICE URL that is provided on the SafeNet Trusted Access console.

You can copy this URL by clicking on the Copy to Clipboard icon available next to the SINGLESIGNONSERVICE field.

b.In the Identity Provider Issuer field, enter the ISSUER/ENTITY ID URL that is provided on the SafeNet Trusted Access console.

You can copy this URL by clicking on the Copy to Clipboard icon available next to the ISSUER/ENTITY ID field.

c.Open the Identity Provider Signing Certificate that you download earlier from the SafeNet Trusted Access console in Notepad, and then copy the entire text of the certificate.

d.In the Public Certificate field, paste the text of the Identity Provider Signing Certificate.

e.Click expand available next to the Advanced Options field.

f.In the AuthnContextClassRef field, select Don’t send this value.

g.In the Service Provider Issuer field, enter https://slack.com.

h.Under Settings, ensure that the following are not selected:

Update profile each time a user logs in

Allow users to change their email address

Allow users to choose their own display name

i.Under Authentication for your workspace must be used by, ensure that All workspace members option is selected.

j.Click Save Configuration. You will be redirected to the Identity Provider login window for the verification of the Identity Provider configuration in Slack.

6.In the Username field, enter your Identity Provider user name that contains the Slack administrator’s email ID, and click LOGIN.

7.In the Password field, enter the one-time password (OTP) generated on the Gemalto token, and click LOGIN.

After successful authentication, you will redirected to the Slack team owner’s administration console. In the right pane, under Settings & Permissions, a success message is displayed ensuring that the identity provider configuration has been correctly done in Slack.

Verify Authentication

Using STA Console

Navigate to the Slack login URL, https://<Domain name>.slack.com. On the Slack dashboard, click Sign in with SAML. You will be redirected to the SafeNet Trusted Access sign-in page. Enter your primary directory login information, approve the two-factor authentication, and you should be redirected to the Slack user account after authentication.

Using STA User Portal

Navigate to the User Portal URL to log in to the STA User Portal dashboard. On the dashboard, you will see a list of applications to which you have access. Click on the Slack application icon, you should be redirected to the Slack user account after authentication.

 

© 2018 SafeNet Trusted Access. Various trademarks held by their respective owners.