Configuring Slack to use Shibboleth

Matt Brennan brennanma at
Fri Apr 29 12:14:36 EDT 2016

Did you guys get this to work? I'm trying to set it up, but every time I
hit "Save" it authenticates me through the IdP and brings me back to the
default chat room. I can't seem to find any log messages (on either side)
that actually give a hint what's going on.


On Thu, Apr 14, 2016 at 5:37 PM, Nate Klingenstein <ndk at> wrote:

> > They provide documentation for their custom SAML process here:
> >
> I was just reviewing this last night.  Beyond the typical custom
> implementation stuff, one thing that jumped out at me is the Required for
> both:
> <saml:NameID Format="urn:oasis:names:tc:SAML:2.0:nameid-format:persistent"
> NameQualifier="" SPNameQualifier="">Your
> Unique Identifier</saml:NameID>
> and
> <saml:Attribute Name="User.Email"
> NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified">
>  <saml:AttributeValue xsi:type="xs:anyType">testuser at
>  </saml:AttributeValue>
>  </saml:Attribute>
> I haven’t played with it to see what happens if one, the other, neither,
> both, or a changed value gets sent.  It’s my next step, so if anyone knows
> anything, it would be helpful.
> My hope is that they just use the persistentId as an identifier and email
> as email.  I have lots of hope in life, though.
> --
> To unsubscribe from this list send an email to
> users-unsubscribe at
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <>

More information about the users mailing list