Integrate a new Slack source
All detectors are supported, with the exception of these 2 generic detectors, in order to limit the risk of false positives:
Setting up and configuring this integration is limited to users with an Owner or Manager access level. Slack workspace installation is only open to workspaces under the Business plan, but uninstallation is open to all. Alternatively, you can install and test secret detection in Slack with a 30-day trial. Any secret incidents created during this period will remain accessible in your incident dashboard after the trial period.
GitGuardian integrates natively with Slack via a Slack app that you can install on your public and/or private channels of your Slack workspaces. Note that the GitGuardian Slack app only has read access to your channels.
In case your Slack workspace is configured to restrict installations of apps, you will need Workspace Owner rights in your Slack workspace to set up the integration. You can refer to the Slack documentation for more information on managing Slack apps.
Setup your Slack integration
You can install GitGuardian on multiple Slack workspaces to monitor your public and private channels.
Setup your Slack integration for public channels
- Make sure you're logged in the Slack workspace you want to install
- In the GitGuardian platform, navigate to the Sources integration page
- Click on the Install button next to Slack in the Messaging section
- Click on the Install button of the Slack integration page
- Select the Slack workspace you want to add
- Click on the Allow button to accept the permissions requested by GitGuardian
That's it! Our GitGuardian app is now automatically invited on all your public channels. It will now start monitoring all messages shared on your public channels for secrets.
Extend your Slack integration to private channels
By default, the GitGuardian app only accesses public channels. We do not access private channels without your consent. Optionally, you can authorize the GitGuardian Slack app to integrate and monitor your private channels.
To do so, simply invite our GitGuardian app into the desired private Slack channels:
- Navigate to the private Slack channel of your choice
- Go to the Integrations tab of your channel settings
- Click on the Add an App button
- Click on the Add button next to the GitGuardian app
That's it! Our GitGuardian app is now invited to your private channel and ready for monitoring.
To remove the Slack app from a private Slack channel:
- Navigate to the private Slack channel of your choice
- Go to the Integrations tab of your channel settings
- Click on the GitGuardian app
- Select Remove this app from #channel
- Confirm by clicking on the Remove button
That's it! Our GitGuardian app is now removed from your private channel and secret detection is disabled.
Setup Slack for self-hosted GitGuardian
We recommend using dedicated workers for Slack. For more detailed information on scaling and configuration, please visit our scaling page.
If you are using a self-hosted GitGuardian instance, you must first configure a dedicated Slack App so that you own the entire data stream. GitGuardian handles it for you programmatically via the Slack manifest. This will ensure that your Slack App is created with all the appropriate rights.
1. Create a Slack app
You are a GitGuardian Manager and you have the right to create a Slack app
- Navigate to the Slack integration page
- Click on Configure Slack app
- Click on Create Slack app
- Select the Slack workspace on which you will create your new custom Slack app
- Click on Next
- Click on Create
- Go to Settings > Basic Information > App Credentials section
- Get your App Credentials (
App ID
,Client ID
,Client Secret
,Signing Secret
)
That's it! Your Slack app has been created and you can now declare your Slack app in the GitGuardian Platform.
You are a GitGuardian Manager and you don't have the right to create a Slack app
If you don't have the right to create a Slack app, please ask your Slack administrator to do it for you. You can easily forward a request with this procedure:
- Navigate to the Slack integration page
- Click on Configure Slack app
- Click on the Send a request to a Slack administrator link to easily forward your request
- They should in turn provide you with the Slack app credentials to proceed with the rest of the configuration.
You are not a GitGuardian Manager and you received a request to create a Slack app because you have the rights to do so
You received a request to create a new custom Slack app so you can use GitGuardian to scan your Slack workspace for secrets.
- Go to the Slack App creation page
- Select the Slack workspace on which you will create your new custom Slack app
- Click on Next
- Click on Edit Configurations
- Edit the redirect_url and request_url in the manifest to fit with the GitGuardian self-hosted instance URL:
- redirect_url:
- replace:
https://dashboard.gitguardian.com/api/v1/slack/app/install_callback/
- with:
https://<gitguardian.acme.com>/api/v1/slack/app/install_callback/
- replace:
- request_url:
- replace:
https://dashboard.gitguardian.com/api/v1/receiver/slack/
- with:
https://<gitguardian.acme.com>/api/v1/receiver/slack/
- replace:
- redirect_url:
- Click on Next
- Click on Create
- Go to Settings > Basic Information > App Credentials section
- Return the App Credentials to your requester in the secure way of your choice (
App ID
,Client ID
,Client Secret
,Signing Secret
)
That's it! Your Slack app has been created, and the requester will be able to declare the Slack app configuration in the GitGuardian platform. Thank you for your cooperation!
2. Declare your Slack app in the GitGuardian Platform
- Paste your Slack app credentials
- Click on Save and close
That's it! Your Slack app configuration is now ready and you can now setup your Slack integration.
Edit your Slack app configuration
In case you need to edit your Slack app configuration, due to an error when declaring your Slack app credentials or due to a secret rotation, you can do so as follows:
- Click on Edit Slack app
- Update your Slack app credentials
- Click on Save and close
Delete your Slack app configuration
In case you need to delete your Slack app configuration, you can do so as follows:
- Click on Edit Slack app
- Click on Delete configuration
- Confirm by clicking on Delete configuration in the confirmation modal
Deleting your Slack app configuration will uninstall all your Slack integrations. However, all your existing incidents detected on Slack will remain available on your dashboard. Note that deleting the Slack app configuration will only delete the configuration, not the Slack app. If you want to delete your Slack app, you must do so from your Slack workspace.
Uninstall your Slack workspace
To uninstall a Slack workspace:
- In the GitGuardian platform, navigate to the Sources integration page
- Click on the Edit button next to Slack in the Messaging section
- Click on the bin icon next to the Slack workspace to be uninstalled
- Confirm by clicking on the Uninstall button in the confirmation modal
That's it! Your Slack workspace is now uninstalled and the associated secret incidents remain visible in the incident dashboard.
Privacy
Country-specific laws and regulations may require you to inform your Slack users that your channels are being scanned for secrets. Here is a suggestion for a message you may want to use:
As part of our internal information security process, the company scans the Slack channels for potential secrets leaks using GitGuardian. All data collected will be processed for the purpose of detecting potential leaks. To find out more about how we manage your personal data and to exercise your rights, please refer to our employee/partner privacy notice. Please note that only channels relating to the company’s activity and business may be monitored and that users shall refrain from sharing personal or sensitive data not relevant to the channel’s purpose.