In order to have a successful Team, you'll need to have members inside of it! The core of a Q&A begins with people who contribute to it, after all. We provide up to 3 different methods of authentication, both to ensure that only the people you want to have access to your Team will have it, but also to provide a smooth and comfortable join process for those users. So what are the options you have?
Managing Email Auto-Join
You can configure a Team with Auto-Join, so that users can join that Team automatically as long as they belong to a verified email domain of your choice. This is ideal for corporate or academic environments, as well as any other context where you can expect your Team members to share the same email domain. This system allows you to not have to send invites individually to all users, allowing it to scale both in large Team sizes as well as if the users are expected to change over time. On the user side, it also speeds things up, as they will not need to wait for an invite and can obtain access on their own simply by trying to access the Team's URL.
To manage the domains, an Admin of the Team can use the left hand navigation to head to 'Settings' -> 'Authentication'. If the current authentication method is on Invite Only, then the authentication will need to be changed to Email
and Invite, as shown below:
If no domain has been set yet, you can verify an email domain by entering an email address in the text field provided below the section. This will send a confirmation link to that address, which when used will add the domain of that email to your Team as a verified domain. Once at least one verified domain has been set in this method, users will then be able to create accounts and join your Team by simply accessing the Team URL while logged into or creating an account tied to that email.
Multiple domains can be added to a Team, such as if multiple partnered groups are using the same space. This list of domains is accessible at the bottom of the same page, and allows you to also view any pending domains that you've sent, as well as remove any domain if the need should arise.
Inviting Users to the Team Individually
Unlike other authentication options, invites will work no matter what the user's email address is. Whether this is because your Team is organized around a group that does not have a shared email domain, or perhaps you need a user from outside of your organization to join the Team, invites will allow anyone access in a controlled fashion. As an Admin is required to send invites, this allows you to grant access to individuals for your Team without leaving the door wide open to anyone and everyone. Invites work even if you have Email Auto-Join enabled as a system, though this is not available if Single Sign-On is enabled.
To send an invite to a user, an Admin of the Team can use the left hand navigation to head to 'Settings' -> 'Manage users'. There, they can click the 'Invite' button located in the top right corner to pop up a text field like below:
Enter the email of the user you'd like to invite, and it'll be sent off - the field even allows for multiple emails at once, if there are multiple users you need to invite at once. Note that if your authentication settings include Email Auto-Join, there will be an extra prompt when sending emails to users outside of your approved domain, just as an advisory.
Once you've sent an invite, the recipient will receive an invite link by email that they can use to gain access to your Team. The user can choose between using their own existing Stack Overflow account, or creating a new account, as needed. Once the account is confirmed in either way, they will then be granted access as an active user of your Team.
You can review the status of your invites currently by checking the "Pending" tab on the table of users on the same page. Here, you can review when invites were sent, and also perform additional actions by hovering over their Member status on the rightmost column. Did a user claim that they did not receive the invite? You can send them a new invite from there. Did you accidentally input an email incorrectly? You can remove the invitation prematurely, preventing that invitation from working and allowing an unintended user to hop into your Team.
Using Single Sign-On (SSO)
Note: Single Sign On as an authentication is only available to Stack Overflow For Business and Stack Overflow Enterprise customers. The Stack Overflow For Teams Basic plan does not offer this functionality.
For our most secure authentication option, we offer Single Sign-On as an authentication system. This will allow you to utilize an existing login system that you already use within your organization, such as Google Apps, Azure AD, or Okta. By utilizing SSO, it provides higher security by locking the Team to a system you already have complete control over. Furthermore, your users will only need to use their already-familiar login processes to gain access, without the extra hassle of setting up brand new accounts on Stack Overflow.
For more information about Single Sign-On and how to set it up, check out this section of our Help Center: Stack Overflow For Business - Single Sign On