In order to have a successful Team, you'll need to have members inside of it! The core of a Q&A begins with people who contribute to it, after all. We provide up to three different methods of authentication, both to ensure that only the people you want to have access to your Team will have it, but also to provide a smooth and comfortable join process for those users.
|Single sign-on||This is the safest and most efficient option for members to join and login to your team. It is only available on the Business tier, and we highly recommend using it instead of other options.|
|Email domain + manual invitation||Anyone with your organization's verified email domain will be able to join. You can hand out a link to your Team for everyone to join on their own, or send out invitations manually.|
|Manual invitation||All new users must be manually invited by an admin.|
You can select which method of authentication you would like to use by visiting the Authentication page under Settings then Access. Read more about the authentication types below.
For our most secure authentication option, we offer Single Sign-On as an authentication system. This will allow you to utilize an existing login system that you already use within your organization, such as Google Apps, Azure AD, or Okta. By utilizing SSO, it provides higher security by locking the Team to a system you already have complete control over. Furthermore, your users will only need to use their already-familiar login processes to gain access, without the extra hassle of setting up brand new accounts on Stack Overflow.
For more information about single sign-on and how to set it up, visit the Single sign-on folder and choose the system you are using.
Automatic joining via email domain
You can configure automatic joining by email domain, so that users can join easily so long as they belong to a verified email domain of your choice. This is ideal for corporate or academic environments, as well as any other context where you can expect your Team members to share the same email domain. This system avoids having to send invitations individually to all users, allowing it to scale both in large team sizes as well as if the users are expected to change over time. On the user side, it also speeds things up, as they will not need to wait for an invitation and can obtain access on their own simply by trying to access the Team URL.
What is my Team URL?
You can find your Team URL by clicking on Display under Settings. It is the last item displayed on that page, as a URL that can easily be copied. Provide it to your teammates for easily accessing the team once your email domains are verified.
View screenshot Any admin can manage the available domains for your Team by visiting Authentication under Settings. If the current authentication method is set to manual invitation, then the authentication will need to be changed to email domain.
If no domain has been set yet, you can verify an email domain by entering an email address in the text field provided. This will send a confirmation link to that email address, which will add the domain of that email to your Team as a verified domain. Once at least one verified domain has been set via this method, users will be able to create accounts and join your Team by simply accessing the Team URL while logged into or creating an account tied to that email domain.
Multiple domains can be added to a Team, such as if multiple partnered groups are using the same space. This list of domains is accessible at the bottom of the same page, and allows you to view any pending domains that you've sent, as well as remove any domain if the need should arise. If you haven't received the confirmation email yet, you can also resend it from this list.
Email domain settings
Manual invitation is a useful tool if you have users who are not on your organization's domain but still need access, or if your team is organized around a group that does not have a shared email domain. As an admin is required to send invites, you can grant access to individuals for your Team without leaving the door wide open to anyone and everyone. Invites work even if you have an email domain enabled as an authentication option, though this is not available if single sign-on is enabled.
View screenshot To send an invite to a user, an admin of the Team can visit the Users page under Settings and then click on Invite in the top right. A box will appear where you can enter the email addresses of all users to be invited. Note that if your authentication settings include email auto-join, there will be an extra prompt when sending emails to users outside of your approved domains, just as an advisory.
Send an invitation
Once you've sent an invite, each recipient will receive an invite link by email that they can use to gain access to your Team. The user can choose between using their own existing Stack Overflow account, or creating a new account, as needed. Once the account is confirmed in either way, they will be granted access as an active user of your Team.
View screenshot You can review the status of your invites by clicking on Pending in the sort options at the top of the list. Here, you can review when invites were sent, and also perform additional actions by hovering over their Member status in the rightmost column. If the email was entered incorrectly, you can prematurely cancel the invitation. Or if the user hasn't receive the invitation email, you can resend it to the user.
Manage pending invitations
Not receiving confirmation email
If you're having trouble finding your confirmation email, please check your spam folders to make sure it didn't end up there. The available admin tools also allow for resending a confirmation email for domain verification and individual user invitations.
If you're still experiencing issues with the confirmation email never coming through or links missing from the emails, you may need to contact your IT department to ensure emails are not being blocked. Please review the technical requirements for information on the domains we use for email communications and ensure that they are unblocked and trusted.