Data Connection: Slack

Transcend allows you to programmatically retrieve and redact user data in Slack in accordance with data privacy regulations like GDPR and CCPA.

  • Transcend requires Discovery scopes to use Slack's Discovery API, which allows Transcend—within your secure Sombra gateway—to examine every message sent within a Slack instance. We do this to build a comprehensive, encrypted dictionary that maps where personal data is located within your Slack instance.
  • When new DSRs come in, we use that dictionary to find the messages containing personal data.
  • Finally, the Discovery API grants Transcend the ability to tombstone messages that contain personal data. Tombstone is a Slack native feature that hides messages or files. When Transcend tombstones a message, we redact the message, preserving the message text except for any relevant personal identifiers. You can read more about Slack’s Tombstoning on their website, here.

An example of a message from the Slack chatbot, notifying a user that a Tombstone has occurred in a message between them and another individual or other individuals.

What the Tombstoned message looks like -a Direct Message that has been tombstoned.

Transcend can connect directly to your Slack organization in a few clicks. Follow the below steps to connect Slack to your Integrations:

  1. Locate your Slack instance's Org Owner. Note: This is the only person who can connect the integration since only Org Owners can approve the use of Discovery scopes required for the functionality of this integration.
  2. Before attempting to connect Slack, you must first enable Discovery scopes for your Slack org. The Org Owner you found in Step 1 must email exports@slack.com and request that Discovery scopes be enabled. If you're the Org Owner, follow this link for a convenient pre-generated email: Org Owner Email.
  3. Slack is unique in that it requires two OAuth loops. The first enables Transcend to use Discovery API routes to index and redact personal data within your Slack org. If you're the Org Owner (no other admin will suffice), proceed through the first OAuth loop by clicking "Connect". After successful authentication, you'll be redirected to the second step of the OAuth flow.
  4. The second OAuth loop creates a bot token. Once again, click "Connect" to initiate the second OAuth loop. This time, when you reach Slack’s OAuth page, notice the dropdown at the top right. This dropdown lists all workspaces you, the Org Owner, are a member of (both internal and external). Choose any workspace you’d like, so long as it resides within your org - the bot can “live” in any arbitrary workspace within your org. We use this bot to DM users within your Slack org whenever a message is tombstone-redacted. This is required by Slack, and it’s also a great way to keep your employees fully informed of any changes made to their messages. If a message written by an employee is tombstone-redacted, that employee will immediately receive a DM from Transcend that links directly to the newly redacted message.

Once connected, you can configure integration settings from your Integrations.

If you have trouble connecting the Slack integration, contact us at support@transcend.io.

To remove the Slack integration from your Integrations, navigate to your Integrations, and click into Slack. At the bottom of the screen, expand "Remove Slack". Click Remove Silo. You'll be prompted to confirm that you'd like to remove the integration, click Ok. Confirm the integration has been removed by navigating back to your Integrations.