Apps are third-party services that have been granted permission to connect to your Slack workspace. Each app has a unique set of permissions that tell you what information the app can access in Slack and how it can use that information. Use this guide to understand app permissions and how to evaluate them.
App permissions overview
An app’s permission scopes depend on the kinds of things it’s supposed to do. Generally, apps can do three things in Slack:
For example, let’s say you’ve installed two different apps to your workspace. The first is a calendar app – such asGoogle Calendar – that helps your team manage their calendars and respond to meeting invitations in Slack. The app may have access to your channels, member profiles and messages to make sure meeting updates and event notifications end up in the right place.
The second is the Twitter app which helps you stay on top of your company’s social activity by channelling notifications from Twitter into Slack. This app only has the ability to post messages to channels you’ve specified.
Evaluate app permissions
There are two things you should consider when evaluating an app’s permissions:
What information it will have access to in Slack, such as member profiles, channel names, messages and files.
What an app can do with the information it can access, such as post messages, modify content and create channels.
If an app is already installed to your workspace, search for it in the App Directory to see details about who installed it and what information the app can access.
When you install an app or approve an app installation, you’ll see a full list of permissions the app is requesting and grant the app permission to view information and take actions in your workspace.
Apps can take actions on behalf of a user or on behalf of the app. For example, an app may request permission to access messages in channels a user belongs to or post messages on their behalf. Apps can also take actions independently of users, such as adding slash commands or posting messages as the app.
Some apps create bot users in Slack. Bots can have access to the same information as workspace members and may be able to take the same actions members can. If an app you’re installing requests the bot scope, that means it’s an older app and its bot may have access to a wide range of actions and information in Slack.
Newer apps will request a narrower set of scopes that allow bots access to specific actions and information which you can review during installation – regardless of whether an app has updated its bot user or not.
View access types
Access types help you understand the kind of information an app can view in Slack. Workspace owners and admins can use a filter in the Slack App Directory to see this information: