Applies to Free, Basic, Business
⬢ Only Team Admins can utilize the features discussed in this solution.
To have a successful Team, you'll need to have members inside of it! The core of a Q&A begins with people who contribute to it, after all. We provide up to three different authentication methods to ensure that only the people you want to have access to your Team will have it and give a smooth and comfortable join process for those users.
Single sign-on: This is the safest and most efficient option for members to join and log in to your team. It is only available on the Basic and Business tiers, and we highly recommend using it instead of other options.
Email domain + manual invitation: Anyone with your organization's verified email domain will be able to join. You can hand out a link to your Team for everyone to join independently or send out invitations manually.
Manual invitation: All new users must be manually invited by an admin.
You can select which method of authentication you would like to use by visiting the Authentication page under Admin Settings. Read more about the authentication types below.
⬢ This information only applies to Stack Overflow for Teams, Basic and Business tiers.
For our most secure authentication option, we offer Single Sign-On as an authentication system. This will allow you to utilize an existing identity provider that you already use within your organization, such as Google Apps, ADSF, Azure AD, Okta, or OneLogin. Utilizing SSO will provide higher security by locking the Team to a system you already have complete control over.
To gain access, a user must have an active Stack Overflow account that will match the Single-Sign-On authentication set up with the Stack Overflow for Teams instance and Identity Provider.
For more information about single sign-on and how to set it up, visit the Single sign-on page and choose the provider you are using.
Automatic joining via email domain
You can configure automatic joining by email domain so that users can join easily so long as they belong to a verified email domain of your choice. This is ideal for corporate or academic environments and any other context where you can expect your Team members to share the same email domain. This system avoids having to send invitations individually to all users, allowing it to scale both in large team sizes and if the users are expected to change over time. On the user side, it also speeds things up, as they will not need to wait for an invitation and can obtain access on their own simply by trying to access the Team URL.
What is my Team URL?
You can find your Team URL by clicking on Appearance under Admin Settings. It is the last item displayed on that page, as a URL that can easily be copied. Provide it to your teammates for easy access to your team once the email domains are verified.
Any Teams Admin can manage the available domains for your Team by visiting Authentication under Admin Settings. If the current authentication method is set to manual invitation, then the authentication will need to be changed to email domain.
If no domain has been set yet, you can verify an email domain by entering an email address in the text field provided. This will send a confirmation link to that email address, which will add the domain of that email to your Team as a verified domain. Once at least one verified domain has been set via this method, users will be able to create accounts and join your Team by simply accessing the Team URL while logged into or creating an account tied to that email domain.
Multiple domains can be added to a Team, such as if multiple partnered groups use the same space. This list of domains is accessible at the bottom of the same page and allows you to view any pending domains that you've sent, as well as remove any domain if the need should arise. If you haven't received the confirmation email yet, you can also resend it from this list.
Manual invitation is a useful tool if you have users who are not on your organization's domain but still need access, or if your team is organized around a group that does not have a shared email domain. As an admin is required to send invites, you can grant access to individuals for your Team without leaving the door wide open to anyone and everyone. Invites work even if you have an email domain enabled as an authentication option, though this is not available if single sign-on is enabled.
To send an invite to a user, an admin of the Team can visit the Users page under Settings and then click on Invite in the top right. A box will appear where you can enter the email addresses of all users to be invited. Note that if your authentication settings include email auto-join, there will be an extra prompt when sending emails to users outside of your approved domains, just as an advisory.
Once you've sent an invite, each recipient will receive an invite link by email that they can use to gain access to your Team. The user can choose between using their own existing Stack Overflow account, or creating a new account, as needed. Once the account is confirmed in either way, they will be granted access as an active user of your Team.
You can review the status of your invites by clicking on Pending in the sort options at the top of the list. Here, you can review when invites were sent, and also perform additional actions by hovering over their Member status in the rightmost column. If the email was entered incorrectly, you can prematurely cancel the invitation. Or if the user hasn't receive the invitation email, you can resend it to the user.
Not receiving confirmation email
If you're having trouble finding your confirmation email, please check your spam folders to make sure it didn't end up there. The available admin tools also allow for resending a confirmation email for domain verification and individual user invitations.
If you're still experiencing issues with the confirmation email never coming through or links missing from the emails, you may need to contact your IT department to ensure emails are not being blocked. Please review the technical requirements for information on the domains we use for email communications and ensure that they are unblocked and trusted.