[reactordev]

Negative, that comes from Azure AD, or Cognito, or Keycloak, or whatever.

The users name, email, phone, location, avatar pic, department, etc all comes over in the SAML payload.

[bigyikes]

This is not correct in general. My job uses SSO and I can change my Slack name.

[foobarian]

In our case we can not change the Slack display name, but we can change the @ handle. Pretty good compromise IMO.

[reactordev]

It is correct, your company just messed up somewhere...

[newdee]

Eh, that’s a matter of opinion on policy. Technically (at least with Slack) it is possible to require SSO for users and control over which profile attributes they can change themselves, including display name. Although they may get clobbered at login as part of reading the SAML doc.

[reactordev]

Just because you can, doesn’t mean you should - and in fact is a security hole if you do. We don’t allow security holes where I work so all attributes are copied over and nothing can be changed. No hidden employees. No unknown guests.