Skip to main content
Unlisted page
This page is unlisted. Search engines will not index it, and only users having a direct link can access it.

Slack

This documentation for the Slack integration describes the technical capabilities of this integration, including authorization, scopes/permissions, and utilized endpoints. For more information on how to integrate Slack, visit our connection instructions.

Version

This integration utilizes the Slack Web API.

Base URL

The base URL used for all Slack API endpoints:
https://slack.com/api

Authentication & Authorization

The DataGrail Slack integration connects using OAuth 2.0.

Scopes

The Slack integration requires specific scopes that must be granted in order to function for a given capability.

ScopeAccessSystem Detection
search:read
channels:history
channels:read
team:read
users:read
users:read.email
app_mentions:read
admin.apps:read

Endpoints Utilized

DataGrail uses the following endpoints to authorize and test the connection:

MethodEndpointPurposeDocs
GET/auth.teams.listList workspaces that the token can access
POST/auth.testValidate credentials
POST/oauth.v2.accessGet and refresh access token
GET/oauth/v2/authorizeRequest authorization

Limits

Limits in Slack are calculated using the leaky bucket algorithm. All requests that are made after rate limits have been exceeded are throttled and an HTTP 429 Too Many Requests error is returned. Requests succeed again after enough requests have emptied out of the bucket.

  • DataGrail supports requests throttling to stay within 70-80% of specified service rate limits.
  • DataGrail processes API responses with HTTP 429 status to interrupt requests, waiting and retrying (using an exponential backoff strategy).

Capabilities

Access

DataGrail's Slack integration provides Synchronous Access capabilities for the following supported identifier category: Email.

Data Interactions

For Access requests, DataGrail will take the following actions:

  1. Search for users by the data subject email address, if both scopes users:read and users:read.email are present.
  2. If the scopes are present and a match is found, DataGrail will fetch available workspaces and search for messages and files containing the data subject email and user ID.
  3. If users:read and users:read.email are not present, DataGrail will search available workspaces and public channels for messages and files containing the data subject email, filtering out false positives.

Endpoints Utilized

MethodEndpointPurposeDocs
GET/auth.teams.listList available workspaces
POST/conversations.listFetch the public channels list
POST/search.allSearch for messages and files containing the data subject email
GET/users.lookupByEmailSearch user by email

System Detection

DataGrail provides continuous system detection, delivering a real-time inventory of your data assets.

Data Interactions

DataGrail's System Detection process runs once daily and performs the following actions:

  • Read apps and app requests in available Slack workspaces to detect new systems added.
Enterprise Grid

System Detection functionality is accessible only in Enterprise Grid mode.

Endpoints Utilized

MethodEndpointPurposeDocs
POST/admin.apps.approved.listRead app and app requests in the Slack workspace

 

Need help?
If you have any questions, please reach out to your dedicated CSM or contact us at support@datagrail.io.

Disclaimer: The information contained in this message does not constitute as legal advice. We would advise seeking professional counsel before acting on or interpreting any material.