Skip to main content

Slack TOTP integration

To improve security while accessing Slack™, users should utilize Multi-Factor Authentication (MFA). MFA adds an extra layer around the traditional username and password login, thus preventing unwanted access by threat actors to your Slack instance. With Arculix™ MFA, adding that extra layer, in this case the Time-Based One-Time Password (TOTP), is simple and cost-effective.

This guide walks you through the following steps to integrate Slack TOTP with Arculix:

  1. Configure the Slack instance to use MFA.

  2. Scan a QR code generated by Slack with the Arculix Mobile Application.

  3. Log in to Slack using MFA.

Prerequisites

  • User account with administrative privileges for the Slack panel.

Configure MFA plugin

  1. Log in to your Slack dashboard. Navigate to your account icon and click Settings and administration > Workspace settings.

    slack_workspace_settings.png
  2. Select the Authentication tab and click Expand. Then click Activate.

    slack_settings.png
  3. Click the Configure two-factor authentication link.

    slack_2fa_config.png
  4. Click Use an app and then scan the QR code with the Arculix Mobile app.

    slack_receive_code.png
    slack_qr_setup.png
  5. You can optionally add a backup phone. Enter the verification code sent to your mobile phone.

    slack_backup_number.png

Test your application integration

  1. Log in with username and password.

    On the next screen, enter the one time passcode generated inside the Arculix Mobile app.

    slack_enter_code.png
  2. You will be redirected to the Slack dashboard.

    slack_workspace.png

Support

If you have questions or need assistance, contact SecureAuth Support.

Sales

Want to learn more about our MFA solutions? Contact our Professional Services for a demo today.

Disclaimer

All product names, trademarks, and registered trademarks are the property of their respective owners.

All company, product, and service names used in this document are for identification purposes only. The use of these names, trademarks, and brands do not constitute an endorsement by the SecureAuth Corporation.