![]() ![]() You must select the Enable management of User Groups and Group Membership in this application option to manage groups and group membership in the application from JumpCloud. Group Management Important Considerations At this time, Allowing users to choose their own display name is not supported.Slack only allows matching with the attributes userName and email.), underscores ( _ ), hyphens ( – ), apostrophes ( ‘ ), brackets (, ) and separators (, / ) You can use non-English characters, spaces, and capitalization.Values aren’t entirely unique for example, 2 users can have the same display name.You can’t use special characters, such as.If the Enable management of User Groups and Group Membership in this application is enabled, groups cannot be added back to the Slack application after being removed. Removing a group after it has been added to the Slack application in JumpCloud typically results in the group being disabled in Slack. Adding the group back to the Slack application in JumpCloud results in errors and fails, because there is no functionality in the SCIM protocol for enabling disabled groups.The mapping to the ‘What I do’ field is completely controlled by Slack. If users have been given the ability to change the “What I do value in Slack”, their change will be overridden whenever a user update is sent via the SCIM integration. Slack maps the value sent for the ‘title’ user attribute to both the ‘title’ and ‘What I do’ field.If you do, users who are members of that user group will be deactivated in the application if one of the connectors is removed from the user group. Don’t add the same user group to multiple Slack connectors in JumpCloud.If your request would cause more than 50 fields to exist, the call will fail with an “unable_to_create_team_profile_fields” error message. There is a limit of 50 custom profile fields, which includes fields set via the SCIM API.For example, you can’t have a username for if you also have a #general channel in the Slack workspace.Username values and channel name values have to be unique and share the same namespace.Slack doesn’t store “type” for “addresses.” The “type” field is used to determine which address is the “primary address” if the request doesn’t specify one, however the “type” isn’t stored.If your requests are being limited, an “HTTP: 429” error will be returned. Subteams that are automatically generated by Slack, like “Team Admins,” can’t be updated via the SCIM API.Group mention handles can’t be set via the SCIM provisioning API.You need to provision them as a full user first, then restrict them via the Slack admin page. Single-Channel Guests can’t be fully provisioned via SCIM.When creating a new user, make sure that nothing is invalid in the custom profile, otherwise all profile fields will be dropped.Even if the existing user has been previously deactivated in Slack, the existing user email address has to be manually updated in Slack to unbind the email and allow it to be reprovisioned. If you try to provision a user with a duplicate email address, it will fail.Users can’t be permanently deleted from Slack, they can only be deactivated. ![]() ![]() Additionally, these users can log in to Slack with the password they used prior to your deletion of the Slack application from your JumpCloud account. If you delete an integrated Slack application from your Applications list, the Slack application is removed from JumpCloud, but any previously bound users remain active in Slack.Users that are created in Slack remain in an ‘Inactive’ state until they log in to their JumpCloud user portal and launch Slack using their JumpCloud credentials.If you are setting up Slack Identity Management for an organization that is managed from the Multi-Tenant Portal (MTP), you need to use a local JumpCloud administrator from that particular organization to do so.JumpCloud Session Settings are not passed into Slack, session duration will need to be set in Slack as well.SAML is the recommended method for managing secure user authentication into Slack.The email address of the JumpCloud accounts must correspond to the email address associated with the Slack Plus accounts.This will hide the inactive Slack tile from your users. If you choose to not activate SSO, deselect Show this application in the User Portal in the General Info tab of the Slack configuration window.We recommend that you activate SSO for Slack prior to creating an Identity Management integration with Slack to simplify the login process for your users and reduce the number of usernames and passwords they have to remember.See Guide to single sign-on settings for more information on changing this setting. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |