Single sign-on allows your Laddr instance to act as an “identity provider” for your Slack organization, so your users only need to sign into Laddr and can seamlessly access Slack seeing another login prompt or needing to be invited. If they try to access Slack directly without a session, they’ll see a “Sign in with SAML2” button presented by Slack that will send them to Laddr’s login page, which will send them on to their original Slack destination after login or registration. The text of this button can be customized in Slack’s SSO settings to say something like “Sign in with mybrigade.org” instead. Once SSO for Slack is activated, Slack will email all existing users in the Slack organization with a button that will log them in via your Laddr instance and seamlessly link their existing Slack account.
Setup
Install and configure emergence-slack on your staging site
Link users into Slack with no extra clicks
-
Override
site-root/chat.php
with an interactive relay script that will ensure the user is logged in before sending them directly to Slack’s SAML authentication endpoint:<?php Emergence\Slack\Connector::handleLaunchRequest();
-
Override
php-config/Laddr.config.d/chat.php
to make all chat links rendered within the site pass the user through our custom/chat
script rather than linking directly to Slack:<?php Laddr::$chatLinker = function($channel = null) { $url = '/chat'; if ($channel) { $url .= '?channel=' . urlencode($channel); } return $url; };