How to Configure SAML 2.0 for Slack
This setup might fail without parameter values that are customized for your organization. Please use the Okta Administrator Dashboard to add an application and view the values that are specific for your organization.
Contents
Supported Features
The Okta/Slack SAML integration currently supports the following features:
- SP-initiated SSO
- IdP-initiated SSO
- JIT (Just In Time) Provisioning
For more information on the listed features, visit the Okta Glossary.
Configuration Steps
- Sign in to your Slack account as a Workspace Owner.
- Select Admin from the sidebar.
- Select Workspace settings from the menu.
- Click Security, and then select SSO & authentication
- Next to An identity provider or custom SAML, click Configure SAML.
- Enter the following information:
- SAML 2.0 Endpoint (HTTP): Copy and paste the following:
Sign into the Okta Admin dashboard to generate this value.
- Identity Provider Issuer: Copy and paste the following:
Sign into the Okta Admin dashboard to generate this value.
- Certificate: Copy and paste the following:
Sign into the Okta Admin Dashboard to generate this variable.

- Under Advanced Options, use the default value for the Service Provider Issuer.
It must be https://slack.com.

- Under Settings, select the desired options for SAML Authentication for users and workspace, then click Save Configuration.
Note: We recommend to use It’s optional for the Authentication for your workspace must be used by until the SAML configuration is fully tested. This will allow you to use both – username/password and SAML authentication options.

- You will be prompted for Okta authentication.
- After successful authentication in Okta you will see a confirmation message in Slack.
Notes
- Make sure that you entered the correct value in the Domain field under the General application tab in Okta. Using the wrong value will prevent you from authenticating via SAML to Slack.
- The following SAML attributes are supported:
| Name |
Value |
| first_name |
user.firstName |
| last_name |
user.lastName |
| User.Email |
user.email |
| User.Username |
user.userName |
SP-initiated SSO
- Go to https://[subdomain].slack.com.
Where [subdomain] is your organization's Slack subdomain.
- Select Sign in with Okta.