A guide to Slack's Discovery APIs
Occasionally, Slack Customers may need or be required by law to export messages and files from a workspace. Potential scenarios include issues related to human resources, legal, or finance, for example. On the Enterprise Grid plan, Org Owners can export data using Slack’s Discovery API.
How it works
Many customers enlist a third-party eDiscovery or Data Loss Prevention (DLP) partner to house all of their cloud solution software. Our Discovery API connects Slack Enterprise Grid organizations to a customer’s partner of choice.
Our Discovery API lets Org Owners on the Enterprise Grid plan use approved third-party apps to export or act on messages and files from Slack. The Primary Org Owner or an Org Owner can request to enable the Discovery API. Once enabled, it will be accessible to all Org Owners.
There are two types of third-party partner apps, depending on your needs:
eDiscovery apps pull messages and files from Slack, and store the information in third-party data warehouses. From the data warehouses, messages and files can be searched, archived, or retrieved.
- Data Loss Prevention (DLP)
DLP apps ensure confidential information (like credit card and social security numbers) isn’t shared outside of Slack by scanning for content within messages and files that break predefined policies.
Step 1: Evaluate your needs
Whether you decide to use an eDiscovery or DLP tool will depend on the needs of your organization. Here are some scenarios to help you select the right solution to use in partnership with the Discovery API:
Customers may use eDiscovery for one-off civil or criminal legal cases, or to replicate and keep a record of all message and file data for compliance purposes. Here's an overview of how eDiscovery apps work:
- They typically have read-only access to Slack message and file data
- Data can't be quarantined, removed, or tagged within Slack
- Data is captured and archived within a data warehouse
Note: Archiving does not disrupt or impact how members interact with a workspace.
By detecting and removing potential threats, DLP third-party tools allow you to secure your data from within. DLP apps can do the following:
- Have read and write access in Slack
- Ensure confidential information (like social security numbers) isn't shared within your Slack workspaces
- Allow authorized personnel to manage workspace activity and enforce predefined policies on messages and files shared in Slack
- Allow quarantined messages and files to be reviewed or removed
Step 2: Choose a partner
Many enterprises want a one-stop shop to house all of their cloud solutions. Slack works with a number of third-party eDiscovery and DLP partners. Here's a list of our current third-party partners to choose from:
- Connected Capture On-Prem by Smarsh
- Global Relay
- Bloomberg Vault
- 17a-4 DataParser
- McAfee VISION Cloud
(Skyhigh for Slack)
- Palo Alto Networks
- SafeGuard Cyber
- Nightfall (formerly Watchtower)
Step 3: Data access and format
The Discovery API allows Org Owners to export messages and files (PDFs, JPGs, etc.) from any workspace within an Enterprise Grid organization. An export will include data starting from the date a workspace was created until present time.
Data exported via the Discovery API comes in JSON format. If a different format is required, the Discovery API can be connected to a third-party eDiscovery or DLP app.
Have questions or need more information? Get in touch with your Account Executive or send our Support team a note.
- The Primary Org Owner and Org Owners.
- The Enterprise Grid plan.