What is the Slack Marketplace?
The Slack Marketplace is where you can find apps that integrate the tools you already know and love into Slack. All apps available in the Slack Marketplace have been reviewed and approved by the Slack Marketplace team. If you are planning to use an app built by a third-party developer we strongly recommend using one that has been approved for listing in the Slack Marketplace. Please exercise caution when using any third-party app that has not been approved for the Slack Marketplace.
What does Slack review when a new app is submitted to the Slack Marketplace?
All apps that submit for listing in the Slack Marketplace undergo a review by the Slack Marketplace team to check compliance with our guidelines and policies. During the review, our team:
- Reviews the app’s use case is suitable for the Slack Marketplace
- Reviews listing information, accompanying documentation and links to related pages to ensure their accuracy/functionality.
- Installs the app and tests functionality to ensure the app functions as described and provides a good user experience.
- Tests an app’s endpoints for TLS and request signing verification (used by apps to validate requests they receive are coming from Slack).
- Reviews the data access requested is only what is required for the app to function.
Please note: while we do our best to guarantee the security of our platform, we carry out only a moment-in-time review and do not perform a code review.
What happens once an app is approved for the Slack Marketplace?
Once an app has been approved for listing and published to the Slack Marketplace, the app’s configuration (e.g. scopes, endpoints, listing data) cannot be updated by a developer without resubmitting to the Slack Marketplace team and having the changes reviewed and tested. The changes are only applied after the review is completed and the changes approved. In addition to reviewing changes, we also conduct regular audits to ensure that apps remain compliant with our requirements and guidelines.
In some instances, additional testing, including penetration testing, is carried out at Slack's discretion. Reports from that testing are shared only with the developer of the app.
Where can I find information about an app's security and privacy practices?
Every app that is approved for the Slack Marketplace provides security & compliance information available in the ‘Security & compliance’ tab on their app listing. This details policies relating to data handling, certifications held, as well as how to report security issues. Developers submit this information as part of the app review and self-certify that it is accurate and truthful.
This information is useful for understanding an app/service's security set-up and how it aligns with yours. We always recommend getting in touch with the developers directly if you want to know more. You can find their contact information on their Slack Marketplace listing page.
How can I best manage the apps used in my workspace?
Slack provides several tools to help you manage your company’s usage of apps. You can find out more here.
One last thing
Please note that the review is a snapshot in time of the app functionality. If you encounter any apps listed in the Slack Marketplace that are not functioning as expected or which may be breaking our terms of service, please contact us at feedback@slack.com.
Nice one!
Thanks a lot for your feedback!
Got it!
Thanks for your feedback.
Whoops! We’re having some problems. Please try again later.