Integrating Slack with Authomize
Slack can be integrated with Authomize to help manage authorization within Slack. After integration, Authomize provides visibility into Slack so that Slack can be incorporated in access reviews (for compliance purposes and better security).
Slack integration workflow
- Go to Settings/Data Sources and check to see if Slack was already installed. If not, click Add New App.
- Click Slack
- In the Integrate Slack dialog click Install Slack App.
- In the Authomize (Integration) dialog click Allow.
- You can integrate one Slack workspace, so if you have several workspaces, be sure to pick the right one. You can pick it from the drop-down menu on the top-right corner.
- Click Create in the Integrate Slack window.
- When done, Authomize.com opens in another tab in your browser.
- To complete the integration, go to the browser tab with the Authomize app, enter the “owner” of Slack and click Create.
- When Slack is integrated you will see that it has become part of the Connected Apps list.
Optionally adding Authomize to a private Slack channel
To be able to incorporate data about a private Slack channel, Authomize must be added to that channel.
This is optional. To do that, select the channel in Slack, click the + button at the bottom of a message dialog, and type “add”. When presented with a number of options, pick the Add apps to this channel option from the list.
Once Authomize is added to the channel, it will appear in the Apps section of the Slack menu.
What data is collected
- user accounts (must have emails)
- groups (can contain internal employees and external users)
- public channels
- user accounts of that channel
- private channels (Authomize cannot access private channels unless it is added to the private channel)
- no information is gathered unless Authomize was added to the channel
- user accounts of that channel (only when Authomize was added to channel as described above)
- file metadata of shared files in groups (not private DMs)
- Note: Authomize does not read or collect information about messages
- private channels cannot be seen or accessed unless Authomize is added to that channel
- each Slack workspace must be integrated independently
- direct messages (DMs) are not supported (so no data is collected)
- Authomize does not collect data about Slack users’ Multi-Factor Authentication as that would require Authomize to have Slack API admin privileges (which Authomize does not have).