Slack

the slack connector allows seamless integration of swimlane turbine with slack's communication platform, enabling automated interactions and workflows within slack channels and conversations slack is a powerful communication platform that allows teams to collaborate effectively in real time the slack turbine connector enables users to automate a variety of slack interactions, such as sending messages, managing channels, and retrieving user information by integrating with swimlane turbine, security teams can streamline incident response communications, coordinate actions across channels, and enhance situational awareness without leaving the security automation workflow prerequisites to effectively utilize the slack connector with swimlane turbine, ensure you have the following prerequisites api key authentication url the base url for slack api requests api key your unique slack api token for authentication http bearer authentication url the base url for slack api requests token a bearer token such as a jwt for secure access capabilities the slack connector has the following capabilities create, archive, and retrieve history of conversations get message permalink invite and remove users from a conversation retrieve current users in a conversation send broadcast messages lookup by email asset setup the asset for this connector requires the following inputs api token bot or user token to set up a slack bot oauth api with the appropriate permissions follow these steps go to the slack api website https //api slack com/ https //api slack com/ click on "your apps" in the top right corner and then click on "create new app " provide a name for your app and select the slack workspace where you want to install the app once the app is created, you'll be redirected to the app's settings page from the app's settings page, navigate to "oauth & permissions" under the "scopes" section for "bot token scopes", add the necessary scopes for the api calls chat✍️ this scope allows your app to send messages to channels and conversations channels🏛️ this scope grants access to conversation history in public channels channels🈴 this scope allows your app to invite users to public channels channels\ manage this scope grants the ability to manage public channels, including archiving, inviting, and kicking users channels📕 this scope provides access to channel and conversation information chat \ write customize this scope allows your app to customize messages with blocks and attachments groups✍️ this scope allows your app to create new channels groups🏛️ this scope grants access to conversation history in private channels groups📕 this scope provides access to private channel information im🏛️ this scope grants access to conversation history in direct messages mpim🏛️ this scope allows your app to view messages and other content in group direct messages that your slack app has been added to im📕 this scope provides access to direct message channel information users📕 this scope allows your app to retrieve user information and so on install the app to your workspace in the app's settings page, go to "oauth & permissions" scroll down to the "oauth tokens for your workspace" section and click on the "install app to workspace" button authorize the app to access your slack workspace by following the prompts obtain your access tokens after installing the app, you'll be provided with access tokens such as "bot user oauth access token" notes slack api documentation or methods link https //api slack com/methods see the following topics for more about user and bot oauth tokens token types https //api slack com/authentication/token typesscopes https //api slack com/scopesweb api https //api slack com/web this connector was last tested against product version 4 12 0 additional notes for lookup by email action, please set the scope parameter to users \ read email configurations api key authentication authenticates using an api key configuration parameters parameter description type required url a url to the target host string required token api key string required verify ssl verify ssl certificate boolean optional http proxy a proxy to route requests through string optional http bearer authentication authenticates using bearer token such as a jwt, etc configuration parameters parameter description type required url a url to the target host string required token the api key, token, etc string required verify ssl verify ssl certificate boolean optional http proxy a proxy to route requests through string optional actions broadcast message sends a specified message to a designated slack channel, identified by its unique channel identifier endpoint url api/chat postmessage/ method post input argument name type required description channel string required the channel to send the message to to use the channel name, use /# title string optional parameter for broadcast message reply broadcast string optional parameter for broadcast message username string optional name of the resource parse string optional parameter for broadcast message link names string optional name of the resource text string optional parameter for broadcast message unfurl links string optional url endpoint for the request unfurl media string optional url endpoint for the request icon url string optional url endpoint for the request icon emoji string optional parameter for broadcast message blocks array optional parameter for broadcast message blocks type string optional type of the resource blocks text object optional parameter for broadcast message blocks text type string optional type of the resource blocks text text string optional parameter for broadcast message blocks fields array optional parameter for broadcast message blocks fields type string optional type of the resource blocks fields text string optional parameter for broadcast message blocks elements array optional parameter for broadcast message blocks elements type string optional type of the resource blocks elements text object optional parameter for broadcast message blocks elements text type string optional type of the resource blocks elements text text string optional parameter for broadcast message blocks elements style string optional parameter for broadcast message input example {"channel" "c04j0u2rumt","blocks" \[{"type" "section","text" {"type" "mrkdwn","text" "soc alert \<https //soc dev services us east 1 aws swimlane io/integration%7cswimlane soc new device request> "}},{"type" "section","fields" \[{"type" "mrkdwn","text" " who \nrene vanzijl\@swimlane com"},{"type" "mrkdwn","text" " what review user activity rene van zijl performed login activity from a rarely observed country (spain)"},{"type" "mrkdwn","text" " when \n2022 08 07t09 06 00z"},{"type" "mrkdwn","text" " why \nuser login activity from a rare country"}]},{"type" "actions","elements" \[{"type" "button","text" {"type" "plain text","emoji"\ true,"text" "authorized activity"},"style" "primary","value" "authorized activity"},{"type" "button","text" {"type" "plain text","text" "unknown"},"style" "danger","value" "unknown"}]}]} output parameter type description headers object http headers for the request reason string response reason phrase status code number http status code of the response channel string output field channel ts string output field ts message object response message message bot id string unique identifier message type string type of the resource message text string response message message user string response message message ts string response message message app id string unique identifier message blocks array response message message blocks type string type of the resource message blocks block id string unique identifier message blocks text object response message message blocks text type string type of the resource message blocks text text string response message message blocks text verbatim boolean response message message blocks fields array response message message blocks fields type string type of the resource message blocks fields text string response message message blocks fields verbatim boolean response message message blocks elements array response message message blocks elements type string type of the resource output example {"channel" "string","ts" "string","message" {"bot id" "string","type" "string","text" "string","user" "string","ts" "string","app id" "string","blocks" \[{}],"team" "string","bot profile" {"id" "12345678 1234 1234 1234 123456789abc","app id" "string","name" "example name","icons" {},"deleted"\ true,"updated" 123,"team id" "string"}}} conversations archive archives a specified slack channel, requiring the 'channel' parameter to identify the target conversation endpoint url api/conversations archive method post input argument name type required description parameters channel string required parameters for the conversations archive action input example {"parameters" {"channel" "c0e7ph2ns"}} output parameter type description status code number http status code of the response reason string response reason phrase ok boolean output field ok error string error message if any output example {"status code" 200,"response headers" {"date" "fri, 16 dec 2022 15 18 40 gmt","server" "apache","x powered by" "hhvm/4 153 1","access control allow origin" " ","referrer policy" "no referrer","x slack backend" "r","x slack unique id" "y5ymudfht5tyqlxlcmoeoqaaebg","strict transport security" "max age=31536000; includesubdomains; preload","access control allow headers" "slack route, x slack version ts, x b3 traceid, x b3 spanid, x b3 parentspanid, x ","access control expose headers" "x slack req conversations create initiates a new public or private channel based conversation in slack with the provided name endpoint url api/conversations create method post input argument name type required description parameters name string required parameters for the conversations create action parameters is private boolean optional parameters for the conversations create action input example {"parameters" {"name" "test channel23","is private"\ false}} output parameter type description status code number http status code of the response reason string response reason phrase ok boolean output field ok channel object output field channel channel id string unique identifier channel name string name of the resource channel is channel boolean output field channel is channel channel is group boolean output field channel is group channel is im boolean output field channel is im channel is mpim boolean output field channel is mpim channel is private boolean output field channel is private channel created number output field channel created channel is archived boolean output field channel is archived channel is general boolean output field channel is general channel unlinked number output field channel unlinked channel name normalized string name of the resource channel is shared boolean output field channel is shared channel is org shared boolean output field channel is org shared channel is pending ext shared boolean output field channel is pending ext shared channel pending shared array output field channel pending shared channel pending shared file name string name of the resource channel pending shared file string output field channel pending shared file channel context team id string unique identifier channel updated number output field channel updated channel parent conversation object output field channel parent conversation output example {"status code" 200,"response headers" {"date" "fri, 16 dec 2022 14 33 36 gmt","server" "apache","x powered by" "hhvm/4 153 1","access control allow origin" " ","referrer policy" "no referrer","x slack backend" "r","x slack unique id" "y5ybwkgib4832autrsyc9gaaac4","strict transport security" "max age=31536000; includesubdomains; preload","access control allow headers" "slack route, x slack version ts, x b3 traceid, x b3 spanid, x b3 parentspanid, x ","access control expose headers" "x slack req conversations history retrieves message and event history for a specified slack channel using its unique identifier endpoint url api/conversations history method get input argument name type required description parameters channel string required parameters for the conversations history action parameters include all metadata boolean optional parameters for the conversations history action parameters inclusive boolean optional parameters for the conversations history action parameters limit number optional parameters for the conversations history action parameters cursor string optional parameters for the conversations history action input example {"parameters" {"channel" "c0e7ph2ns","include all metadata"\ true,"inclusive"\ true,"limit" 2,"cursor" ""}} output parameter type description status code number http status code of the response reason string response reason phrase ok boolean output field ok messages array response message messages type string type of the resource messages user string response message messages text string response message messages ts string response message messages attachments array response message messages attachments service name string name of the resource messages attachments text string response message messages attachments fallback string response message messages attachments thumb url string url endpoint for the request messages attachments thumb width number unique identifier messages attachments thumb height number response message messages attachments id number unique identifier has more boolean output field has more pin count number count value response metadata object response data response metadata next cursor string response data output example {"ok"\ true,"messages" \[{"type" "string","user" "string","text" "string","ts" "string","attachments" \[]}],"has more"\ true,"pin count" 123,"response metadata" {"next cursor" "string"}} conversations invite invite users to a slack channel by specifying user identifiers and the channel's id endpoint url api/conversations invite method post input argument name type required description parameters channel string required parameters for the conversations invite action parameters user string optional parameters for the conversations invite action input example {"parameters" {"channel" "c0e7ph2ns","user" "uslackbot"}} output parameter type description status code number http status code of the response reason string response reason phrase ok boolean output field ok error string error message if any output example {"status code" 200,"response headers" {"date" "fri, 16 dec 2022 15 14 14 gmt","server" "apache","x powered by" "hhvm/4 153 1","access control allow origin" " ","referrer policy" "no referrer","x slack backend" "r","x slack unique id" "y5ylruvnb3xwd5fz yysuqaaeae","strict transport security" "max age=31536000; includesubdomains; preload","access control allow headers" "slack route, x slack version ts, x b3 traceid, x b3 spanid, x b3 parentspanid, x ","access control expose headers" "x slack req conversations kick removes a user from a slack channel by utilizing the provided channel and user identifiers endpoint url api/conversations kick method post input argument name type required description parameters channel string required parameters for the conversations kick action parameters user string required parameters for the conversations kick action input example {"parameters" {"channel" "c0e7ph2ns","user" "uslackbot"}} output parameter type description status code number http status code of the response reason string response reason phrase ok boolean output field ok error string error message if any output example {"status code" 200,"response headers" {"date" "fri, 16 dec 2022 14 12 52 gmt","server" "apache","x powered by" "hhvm/4 153 1","access control allow origin" " ","referrer policy" "no referrer","x slack backend" "r","x slack unique id" "y5x85lpf1oi2rixfxsehaaaaeby","strict transport security" "max age=31536000; includesubdomains; preload","access control allow headers" "slack route, x slack version ts, x b3 traceid, x b3 spanid, x b3 parentspanid, x ","access control expose headers" "x slack req conversations list retrieves all channels within a slack team to provide an overview of available conversation spaces endpoint url api/conversations list method get input argument name type required description parameters limit number optional parameters for the conversations list action input example {"parameters" {"limit" 2}} output parameter type description status code number http status code of the response reason string response reason phrase ok boolean output field ok channels array output field channels channels id string unique identifier channels name string name of the resource channels is channel boolean output field channels is channel channels is group boolean output field channels is group channels is im boolean output field channels is im channels is mpim boolean output field channels is mpim channels is private boolean output field channels is private channels created number output field channels created channels is archived boolean output field channels is archived channels is general boolean output field channels is general channels unlinked number output field channels unlinked channels name normalized string name of the resource channels is shared boolean output field channels is shared channels is org shared boolean output field channels is org shared channels is pending ext shared boolean output field channels is pending ext shared channels pending shared array output field channels pending shared channels pending shared file name string name of the resource channels pending shared file string output field channels pending shared file channels context team id string unique identifier channels updated number output field channels updated channels parent conversation object output field channels parent conversation output example {"ok"\ true,"channels" \[{"id" "12345678 1234 1234 1234 123456789abc","name" "example name","is channel"\ true,"is group"\ true,"is im"\ true,"is mpim"\ true,"is private"\ true,"created" 123,"is archived"\ true,"is general"\ true,"unlinked" 123,"name normalized" "example name","is shared"\ true,"is org shared"\ true,"is pending ext shared"\ true}],"response metadata" {"next cursor" "string"}} conversations members retrieves a list of all members within a specified slack channel, requiring the 'channel' parameter for execution endpoint url api/conversations members method get input argument name type required description parameters channel string required parameters for the conversations members action parameters limit number optional parameters for the conversations members action input example {"parameters" {"channel" "c0e7ph2ns","limit" 2}} output parameter type description status code number http status code of the response reason string response reason phrase ok boolean output field ok members array output field members response metadata object response data response metadata next cursor string response data output example {"status code" 200,"response headers" {"date" "fri, 16 dec 2022 14 07 50 gmt","server" "apache","x powered by" "hhvm/4 153 1","access control allow origin" " ","referrer policy" "no referrer","x slack backend" "r","x slack unique id" "y5x7tudjgiq ncq0sdiapqaaecw","strict transport security" "max age=31536000; includesubdomains; preload","access control allow headers" "slack route, x slack version ts, x b3 traceid, x b3 spanid, x b3 parentspanid, x ","access control expose headers" "x slack req get message permalink retrieve a permalink url for a slack message using the channel id and message timestamp endpoint url api/chat getpermalink method get input argument name type required description parameters channel string required the id of the conversation or channel containing the message parameters message ts string required a message's ts value, uniquely identifying it within a channel input example {"parameters" {"channel" "c1234567890","message ts" "1234567890 123456"}} output parameter type description status code number http status code of the response reason string response reason phrase ok boolean output field ok permalink string output field permalink channel string output field channel output example {"status code" 200,"response headers" {"date" "wed, 16 oct 2024 10 52 06 gmt","server" "apache","vary" "accept encoding","x slack req id" "13dabbfa12beeaefe788b03b2f6ace65","x content type options" "nosniff","x xss protection" "0","pragma" "no cache","cache control" "private, no cache, no store, must revalidate","expires" "sat, 26 jul 1997 05 00 00 gmt","content type" "application/json; charset=utf 8","x oauth scopes" "chat\ write,channels\ history,channels\ join,channels\ manage,channels\ read,chat lookup by email retrieves slack user details by email, using the 'email' parameter to identify the user endpoint url /api/users lookupbyemail method get input argument name type required description parameters email string required parameters for the lookup by email action input example {"parameters" {"email" "spengler\@ghostbusters example com"}} output parameter type description status code number http status code of the response reason string response reason phrase ok boolean output field ok user object output field user user id string unique identifier user team id string unique identifier user name string name of the resource user deleted boolean output field user deleted user color string output field user color user real name string name of the resource user tz string output field user tz user tz label string output field user tz label user tz offset number output field user tz offset user profile object output field user profile user profile title string output field user profile title user profile phone string output field user profile phone user profile skype string output field user profile skype user profile real name string name of the resource user profile real name normalized string name of the resource user profile display name string name of the resource user profile display name normalized string name of the resource user profile fields object output field user profile fields user profile status text string status value user profile status emoji string status value user profile status emoji display info array status value output example {"ok"\ true,"user" {"id" "12345678 1234 1234 1234 123456789abc","team id" "string","name" "example name","deleted"\ true,"color" "string","real name" "example name","tz" "string","tz label" "string","tz offset" 123,"profile" {"title" "string","phone" "string","skype" "string","real name" "example name","real name normalized" "example name","display name" "example name","display name normalized" "example name","fields" {},"status text" "active","status emoji" "active","status emoji display info" \[] update message updates an existing message in a specified slack channel using the channel id and message timestamp endpoint method post input argument name type required description channel string required parameter for update message message timestamp string required response message title string optional parameter for update message reply broadcast string optional parameter for update message username string optional name of the resource parse string optional parameter for update message link names string optional name of the resource text string optional parameter for update message unfurl links string optional url endpoint for the request unfurl media string optional url endpoint for the request icon url string optional url endpoint for the request icon emoji string optional parameter for update message blocks array optional parameter for update message blocks type string optional type of the resource blocks text object optional parameter for update message blocks text type string optional type of the resource blocks text text string optional parameter for update message blocks fields array optional parameter for update message blocks fields type string optional type of the resource blocks fields text string optional parameter for update message input example {"channel" "c04j0u2rumt","message timestamp" "1673382207 766669","title" "c04j0u2rumt","reply broadcast" "c04j0u2rumt","username" "c04j0u2rumt","parse" "c04j0u2rumt","link names" "c04j0u2rumt","text" "c04j0u2rumt","unfurl links" "c04j0u2rumt","unfurl media" "c04j0u2rumt","icon url" "c04j0u2rumt","icon emoji" "c04j0u2rumt"} output parameter type description headers object http headers for the request reason string response reason phrase status code number http status code of the response channel string output field channel ts string output field ts message object response message message bot id string unique identifier message type string type of the resource message text string response message message user string response message message app id string unique identifier message blocks array response message message blocks type string type of the resource message blocks block id string unique identifier message blocks text object response message message blocks text type string type of the resource message blocks text text string response message message blocks text verbatim boolean response message message blocks fields array response message message blocks fields type string type of the resource message blocks fields text string response message message blocks fields verbatim boolean response message message team string response message message bot profile object response message message bot profile id string unique identifier output example {"channel" "string","ts" "string","message" {"bot id" "string","type" "string","text" "string","user" "string","app id" "string","blocks" \[{}],"team" "string","bot profile" {"id" "12345678 1234 1234 1234 123456789abc","app id" "string","name" "example name","icons" {},"deleted"\ true,"updated" 123,"team id" "string"},"edited" {"user" "string","ts" "string"}}} url verification handshake confirms the integrity of a slack webhook setup by verifying the challenge present in the provided data body content endpoint method post input argument name type required description data body object required response data data body challenge string required response data input example {"data body" {"channel" "c0e7ph2ns"}} output parameter type description headers object http headers for the request reason string response reason phrase status code number http status code of the response output example {"headers"\ null,"reason" "ok","status code" 200} users list retrieves a comprehensive list of users within a slack team, providing insights into current team membership endpoint url api/users list method get input argument name type required description parameters limit number optional parameters for the users list action input example {"parameters" {"limit" 2}} output parameter type description status code number http status code of the response reason string response reason phrase ok boolean output field ok offset string output field offset members array output field members members id string unique identifier members team id string unique identifier members name string name of the resource members deleted boolean output field members deleted members color string output field members color members real name string name of the resource members tz string output field members tz members tz label string output field members tz label members tz offset number output field members tz offset members profile object output field members profile members profile title string output field members profile title members profile phone string output field members profile phone members profile skype string output field members profile skype members profile real name string name of the resource members profile real name normalized string name of the resource members profile display name string name of the resource members profile display name normalized string name of the resource members profile fields object output field members profile fields members profile status text string status value members profile status emoji string status value output example {"ok"\ true,"offset" "string","members" \[{"id" "12345678 1234 1234 1234 123456789abc","team id" "string","name" "example name","deleted"\ true,"color" "string","real name" "example name","tz" "string","tz label" "string","tz offset" 123,"profile" {},"is admin"\ true,"is owner"\ true,"is primary owner"\ true,"is restricted"\ true,"is ultra restricted"\ true}],"cache ts" 123,"response metadata" {"next cursor" "string"}} response headers header description example access control allow headers http response header access control allow headers slack route, x slack version ts, x b3 traceid, x b3 spanid, x b3 parentspanid, x b3 sampled, x b3 flags access control allow origin http response header access control allow origin access control expose headers http response header access control expose headers x slack req id, retry after cache control directives for caching mechanisms private, no cache, no store, must revalidate content encoding http response header content encoding gzip content length the length of the response body in bytes 127 content type the media type of the resource application/json date the date and time at which the message was originated fri, 16 dec 2022 14 33 36 gmt expires the date/time after which the response is considered stale mon, 26 jul 1997 05 00 00 gmt pragma http response header pragma no cache referrer policy http response header referrer policy no referrer server information about the software used by the origin server apache strict transport security http response header strict transport security max age=31536000; includesubdomains; preload vary http response header vary accept encoding via http response header via envoy www iad 8jw8, envoy edge gru h1w1 x accepted oauth scopes http response header x accepted oauth scopes channels \ read ,groups \ read ,mpim \ read ,im \ read ,read x backend http response header x backend main normal main canary with overflow main control with overflow x content type options http response header x content type options nosniff x edge backend http response header x edge backend envoy www x envoy attempt count http response header x envoy attempt count 1 x envoy upstream service time http response header x envoy upstream service time 307 x oauth scopes http response header x oauth scopes chat \ write ,channels \ history ,channels \ join ,channels \ manage ,channels \ read ,chat \ write customize,groups \ write ,groups \ history ,groups \ read ,groups \ write invites,im \ history ,mpim \ history ,im \ read ,mpim \ read ,users \ read ,users \ read email,im \ write ,mpim \ write ,channels \ write invites x powered by http response header x powered by hhvm/4 153 1 x server http response header x server slack www hhvm main iad hsyo x slack backend http response header x slack backend r x slack edge shared secret outcome http response header x slack edge shared secret outcome no match x slack req id http response header x slack req id 3c4ab2323b9e63b96f86dad819412a4f x slack shared secret outcome http response header x slack shared secret outcome no match x slack unique id http response header x slack unique id zw a1qlgb2l9h mwjxcegqaaedq x xss protection http response header x xss protection 0