Product Backlog Item 885859: SaaS App Tutorial: Slack Update

v-nagta · v-nagta · commit fe72a194a664 · 2019-12-27T14:53:26.000+05:30
diff --git a/articles/active-directory/saas-apps/slack-tutorial.md b/articles/active-directory/saas-apps/slack-tutorial.md
@@ -12,9 +12,8 @@ ms.service: active-directory
 ms.subservice: saas-app-tutorial
 ms.workload: identity
 ms.tgt_pltfrm: na
-ms.devlang: na
 ms.topic: tutorial
-ms.date: 08/23/2019
+ms.date: 12/23/2019
 ms.author: jeedes
 
 ms.collection: M365-identity-device-management
@@ -42,7 +41,8 @@ To get started, you need the following items:
 In this tutorial, you configure and test Azure AD SSO in a test environment.
 
 * Slack supports **SP** initiated SSO
-* Slack supports [**Automated** user provisioning and deprovisioning](slack-provisioning-tutorial.md) (recommended)
+* Slack supports **Just In Time** user provisioning
+* Slack supports [**Automated** user provisioning](https://docs.microsoft.com/en-gb/azure/active-directory/saas-apps/slack-provisioning-tutorial)
 
 > [!NOTE]
 > Identifier of this application is a fixed string value so only one instance can be configured in one tenant.
@@ -65,10 +65,10 @@ Configure and test Azure AD SSO with Slack using a test user called **B.Simon**.
 To configure and test Azure AD SSO with Slack, complete the following building blocks:
 
 1. **[Configure Azure AD SSO](#configure-azure-ad-sso)** - to enable your users to use this feature.
-	1. **[Create an Azure AD test user](#create-an-azure-ad-test-user)** - to test Azure AD single sign-on with B.Simon.
-	1. **[Assign the Azure AD test user](#assign-the-azure-ad-test-user)** - to enable B.Simon to use Azure AD single sign-on.
+	* **[Create an Azure AD test user](#create-an-azure-ad-test-user)** - to test Azure AD single sign-on with B.Simon.
+	* **[Assign the Azure AD test user](#assign-the-azure-ad-test-user)** - to enable B.Simon to use Azure AD single sign-on.
 1. **[Configure Slack SSO](#configure-slack-sso)** - to configure the single sign-on settings on application side.
-	1. **[Create Slack test user](#create-slack-test-user)** - to have a counterpart of B.Simon in Slack that is linked to the Azure AD representation of user.
+	* **[Create Slack test user](#create-slack-test-user)** - to have a counterpart of B.Simon in Slack that is linked to the Azure AD representation of user.
 1. **[Test SSO](#test-sso)** - to verify whether the configuration works.
 
 ### Configure Azure AD SSO
@@ -84,14 +84,18 @@ Follow these steps to enable Azure AD SSO in the Azure portal.
 1. On the **Basic SAML Configuration** section, enter the values for the following fields:
 
 	a. In the **Sign on URL** text box, type a URL using the following pattern:
-    `https://<your Slack company>.slack.com`
+    `https://<companyname>.slack.com`
 
     b. In the **Identifier (Entity ID)** text box, type a URL:
     `https://slack.com`
 
 	> [!NOTE]
 	> The Sign on URL value is not real. Update the value with the actual Sign on URL. Contact [Slack Client support team](https://slack.com/help/contact) to get the value. You can also refer to the patterns shown in the **Basic SAML Configuration** section in the Azure portal.
 
+1. Slack application expects the SAML assertions in a specific format, which requires you to add custom attribute mappings to your SAML token attributes configuration. The following screenshot shows the list of default attributes, where as **Unique User Identifier** is mapped with **user.userprincipalname**. ScaleX Enterprise application expects **Unique User Identifier** to be mapped with **user.mail**, so you need to edit the attribute mapping by clicking on **Edit** icon and change the attribute mapping.
+
+	![image](common/edit-attribute.png)
+
 1. On the **Set up single sign-on with SAML** page, in the **SAML Signing Certificate** section,  find **Certificate (Base64)** and select **Download** to download the certificate and save it on your computer.
 
 	![The Certificate download link](common/certificatebase64.png)
@@ -134,7 +138,7 @@ In this section, you'll enable B.Simon to use Azure single sign-on by granting a
 
 1. In a different web browser window, sign in to your Slack company site as an administrator.
 
-2. Navigate to your slack company name on the left which, in our case has been setup as **Microsoft Azure AD** and then go to **Team Settings** as shown in the following screenshot.
+2. Navigate to **Microsoft Azure AD** then go to **Team Settings**.
 
      ![Configure single sign-on On App Side](./media/slack-tutorial/tutorial_slack_001.png)
 
@@ -180,4 +184,4 @@ When you click the Slack tile in the Access Panel, you should be automatically s
 
 - [What is conditional access in Azure Active Directory?](https://docs.microsoft.com/azure/active-directory/conditional-access/overview)
 
-- [Try Slack with Azure AD](https://aad.portal.azure.com/)
+- [Try Slack with Azure AD](https://aad.portal.azure.com/)
