Integrate a new Slack source

info

For now, only real-time scanning is supported. Historical scanning will be supported at a later date. All detectors are supported, with the exception of these 2 generic detectors, in order to limit the risk of false positives:

• Generic High Entropy Secret
• Generic Password

Setting up and configuring this integration is limited to users with an Owner or Manager role. Slack workspace installation is only open to workspaces under the Business plan, but uninstallation is open to all. Alternatively, you can install and test secret detection in Slack with a 30-day trial. Any secret incidents created during this period will remain accessible in your incident dashboard after the trial period.

GitGuardian integrates natively with Slack via a Slack app that you can install on your public and/or private channels of your Slack workspaces. Note that the GitGuardian Slack app only has read access to your channels.

In case your Slack workspace is configured to restrict installations of apps, you will need Workspace Owner rights in your Slack workspace to set up the integration. You can refer to the Slack documentation for more information on managing Slack apps.

Setup your Slack integration

You can install GitGuardian on multiple Slack workspaces to monitor your public and private channels.

Setup your Slack integration for public channels

1. Make sure you're logged in the Slack workspace you want to install
2. In the GitGuardian platform, navigate to the Integrations page
3. Click on the Install button on the Slack card in the Messaging section
4. Click on the Install button of the Slack integration page
5. Select the Slack workspace you want to add
6. Click on the Allow button to accept the permissions requested by GitGuardian

That's it! Our GitGuardian app is now automatically invited on all your public channels. It will now start monitoring all messages shared on your public channels for secrets.

Extend your Slack integration to private channels

By default, the GitGuardian app only accesses public channels. We do not access private channels without your consent. Optionally, you can authorize the GitGuardian Slack app to integrate and monitor your private channels.

To do so, simply invite our GitGuardian app into the desired private Slack channels:

1. Navigate to the private Slack channel of your choice
2. Go to the Integrations tab of your channel settings
3. Click on the Add an App button
4. Click on the Add button next to the GitGuardian app

That's it! Our GitGuardian app is now invited to your private channel and ready for monitoring.

To remove the Slack app from a private Slack channel:

1. Navigate to the private Slack channel of your choice
2. Go to the Integrations tab of your channel settings
3. Click on the GitGuardian app
4. Select Remove this app from #channel
5. Confirm by clicking on the Remove button

That's it! Our GitGuardian app is now removed from your private channel and secret detection is disabled.

Setup Slack for self-hosted GitGuardian

If you are using a self-hosted GitGuardian instance, you must first configure a dedicated Slack App so that you own the entire data stream. GitGuardian handles it for you programmatically via the Slack manifest. This will ensure that your Slack App is created with all the appropriate rights.

1. Create a Slack app

You are a GitGuardian Manager and you have the right to create a Slack app

1. Navigate to the Slack integration page
2. Click on Configure Slack app
   
3. Click on Create Slack app
4. Select the Slack workspace on which you will create your new custom Slack app
5. Click on Next
6. Click on Create
7. Go to Settings > Basic Information > App Credentials section
8. Get your App Credentials (App ID, Client ID, Client Secret, Signing Secret)
   

That's it! Your Slack app has been created and you can now declare your Slack app in the GitGuardian Platform.

You are a GitGuardian Manager and you don't have the right to create a Slack app

If you don't have the right to create a Slack app, please ask your Slack administrator to do it for you. You can easily forward a request with this procedure:

1. Navigate to the Slack integration page
2. Click on Configure Slack app
   
3. Click on the Send a request to a Slack administrator link to easily forward your request
4. He or she should in turn provide you with the Slack app credentials to proceed with the rest of the configuration.

You are not a GitGuardian Manager and you received a request to create a Slack app because you have the rights to do so

You received a request to create a new custom Slack app so you can use GitGuardian to scan your Slack workspace for secrets.

1. Go to the Slack App creation page
2. Select the Slack workspace on which you will create your new custom Slack app
3. Click on Next
4. Click on Edit Configurations
5. Edit the redirect_url and request_url in the manifest to fit with the GitGuardian self-hosted instance URL:
   • redirect_url:
     • replace: https://dashboard.gitguardian.com/api/v1/slack/app/install_callback/
     • with: https://<gitguardian.acme.com>/api/v1/slack/app/install_callback/
   • request_url:
     • replace: https://dashboard.gitguardian.com/api/v1/receiver/slack/
     • with: https://<gitguardian.acme.com>/api/v1/receiver/slack/
6. Click on Next
7. Click on Create
8. Go to Settings > Basic Information > App Credentials section
9. Return the App Credentials to your requester in the secure way of your choice (App ID, Client ID, Client Secret, Signing Secret)
   

That's it! Your Slack app has been created, and the requester will be able to declare the Slack app configuration in the GitGuardian platform. Thank you for your cooperation!

2. Declare your Slack app in the GitGuardian Platform

1. Paste your Slack app credentials
2. Click on Save and close
   

That's it! Your Slack app configuration is now ready and you can now setup your Slack integration.

Edit your Slack app configuration

In case you need to edit your Slack app configuration, due to an error when declaring your Slack app credentials or due to a secret rotation, you can do so as follows:

1. Click on Edit Slack app
2. Update your Slack app credentials
3. Click on Save and close
   

Delete your Slack app configuration

In case you need to delete your Slack app configuration, you can do so as follows:

1. Click on Edit Slack app
2. Click on Delete configuration
3. Confirm by clicking on Delete configuration in the confirmation modal

info

Deleting your Slack app configuration will uninstall all your Slack integrations. However, all your existing incidents detected on Slack will remain available on your dashboard. Note that deleting the Slack app configuration will only delete the configuration, not the Slack app. If you want to delete your Slack app, you must do so from your Slack workspace.

Uninstall your Slack workspace

To uninstall a Slack workspace:

1. In the GitGuardian platform, navigate to the Integrations page
2. Click on the Slack card in the Messaging section
3. Click on the bin icon next to the Slack workspace to be uninstalled
4. Confirm by clicking on the Uninstall button in the confirmation modal

That's it! Your Slack workspace is now uninstalled and the associated secret incidents remain visible in the incident dashboard.

Was this page helpful?