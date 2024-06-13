Connect to Slack through Access
This guide covers how to configure Slack in Cloudflare Zero Trust.
Prerequisites
- Slack Business+ or Enterprise Grid plan
1. Add a SaaS application to Cloudflare Zero Trust
- In Zero Trust, go to Access > Applications.
- Select Add an application > SaaS > Select.
- For Application, select Slack.
- For the authentication protocol, select SAML.
- Select Add application.
- Fill in the following fields:
- Entity ID:
https://slack.com
- Assertion Consumer Service URL:
https://<YOUR_DOMAIN>.slack.com/sso/saml
- Name ID format: The format expected by Slack, usually Email
- Entity ID:
- Copy the SSO endpoint, Access Entity ID or Issuer, and Public key.
- Select Save configuration.
- Configure Access policies for the application.
- Select Done.
2. Create a x.509 certificate
- Paste the Public key in a text editor.
- Wrap the certificate in
-----BEGIN CERTIFICATE-----and
-----END CERTIFICATE-----.
3. Add a SAML SSO provider to Slack
- In Slack, go to Settings & administrations > Workspace settings > Authentication.
- Select Configure.
- Enable Test. Configuration changes will not apply until Configuration is turned on.
- Fill in the following fields:
- SAML SSO URL: SSO endpoint from application configuration in Cloudflare Zero Trust.
- Identity Provider Issuer: Access Entity ID or Issuer from application configuration in Cloudflare Zero Trust.
- Public Certificate: Paste the entire x.509 certificate from step 2. Create a x.509 certificate.
- Under Settings, choose whether SSO is required, partially required, or optional for workspace members.
- (Optional) Under Customize, enter a Sign in Button Label.
- Test your set-up. If all works well, turn Test to Configure.
- In Slack, go to Settings & administration > Organization settings > Security.
- Select SSO Settings.
- Fill in the following fields:
- SAML SSO URL: SSO endpoint from application configuration in Cloudflare Zero Trust.
- Identity Provider Issuer: Access Entity ID or Issuer from application configuration in Cloudflare Zero Trust.
- Public Certificate: Paste the entire x.509 certificate from step 2. Create a x.509 certificate.
- Select Test Configuration.
- If all works well, select Turn on SSO or Add SSO.