A guide to Slack’s Discovery APIs
Occasionally, Slack customers may need or be required by law to export messages and files from a workspace. Potential scenarios include issues related to human resources, legal or finance, for example. On the Enterprise Grid subscription, org owners can export data using Slack’s Discovery API.
How it works
Many customers enlist a third-party e-discovery or data loss prevention (DLP) partner to house all of their cloud solution software. Our Discovery API connects Slack Enterprise Grid organisations to a customer’s partner of choice.
Our Discovery API lets org owners on the Enterprise Grid subscription use approved third-party apps to export or act on messages and files from Slack. The primary org owner or an org owner can request to enable the Discovery API. Once enabled, it will be accessible to all org owners.
There are two types of third-party partner apps, depending on your needs:
E-discovery apps pull messages and files from Slack and store the information in third-party data warehouses. From the data warehouses, messages and files can be searched, archived or retrieved.
- Data loss prevention (DLP)
DLP apps ensure that confidential information (like credit card and social security numbers) isn’t shared outside of Slack by scanning for content within messages and files that break predefined policies.
Step 1: Evaluate your needs
Whether you decide to use an e-discovery or DLP tool will depend on the needs of your organisation. Here are some scenarios to help you select the right solution to use in partnership with the Discovery API:
Customers may use e-discovery for one-off civil or criminal legal cases, or to replicate and keep a record of all message and file data for compliance purposes. Here's an overview of how e-discovery apps work:
- They typically have read-only access to Slack message and file data
- Data can’t be quarantined, removed or tagged within Slack
- Data is captured and archived within a data warehouse
Note: Archiving does not disrupt or impact how members interact with a workspace.
By detecting and removing potential threats, DLP third-party tools allow you to secure your data from within. DLP apps can do the following:
- Have read and write access in Slack
- Ensure that confidential information (such as national insurance/personal ID numbers) isn’t shared within your Slack workspaces
- Allow authorised personnel to manage workspace activity and enforce predefined policies on messages and files shared in Slack
- Allow quarantined messages and files to be reviewed or removed
Step 2: Choose a partner
Many enterprises want a one-stop shop to house all of their cloud solutions. Slack works with a number of third-party e-discovery and DLP partners. Here's a list of our current third-party partners to choose from:
- Bloomberg Vault
- Connected Capture On-Prem by Smarsh
- Global Relay
- OpenText EnCase
- Theta Lake
- 17a-4 DataParser
- McAfee VISION Cloud
(Skyhigh for Slack)
- Nightfall (formerly Watchtower)
- Palo Alto Networks
- SafeGuard Cyber
Step 3: Data access and format
The Discovery API allows org owners to export messages and files (PDFs, JPGs, etc.) from any workspace within an Enterprise Grid organisation. An export will include data starting from the date a workspace was created until present time.
Data exported via the Discovery API comes in JSON format. If a different format is required, the Discovery API can be connected to a third-party e-discovery or DLP app.
Have questions or need more information? Get in touch with your account executive or send our Support team a note.
- The primary org owner and org owners.
- Available on the Enterprise Grid subscription