Skip to main content

Slack Application Credentials

Description

General

  • Documentation: https://api.slack.com
  • Summary: Slack is a business communication platform. It offers chat rooms in the form of channels organized by topics as well as private groups and direct messaging. Users can create Slack applications to automate some actions in workspaces. This detector focuses on catching Slack application credentials as they allow to take certain actions at the app level across organizations. They are different from Slack user tokens that are also detected by GitGuardian.
  • IPs allowlist: IP allowlisting is supported only for internal application integrations. Read this documentation for more details.
  • Scopes: Credentials' scopes depend on the corresponding application.

Revoke the secret

To revoke the credentials, go to the App dashboard and after selecting the application, click on regenerate next to the Client Secret key field.

Check for suspicious activity

Monitoring suspicious activity of keys is not mentioned in Slack's documentation.

Details for Slack app keys

  • Family: Api

  • Category: Messaging system

  • Company: Slack

  • High recall: False

  • Validity check available: False

  • Minimum number of matches: 2

  • Occurrences found for one million commits: 2.05

  • Prefixed: False

  • PreValidators:

- type: FilenameBanlistPreValidator
banlist_extensions:
- ^(cs|x|p|s|r|m)?html5?~?$
- ^[aps]?cssc?~?$
- ^lock$
- ^mdx?~?$
- ^storyboard(c|er)?~?$
- ^xib$
banlist_filenames: []
check_binaries: false
include_default_banlist_extensions: false
ban_markup: false
- type: ContentWhitelistPreValidator
patterns:
- slack

Examples

- text: |
slack_id: 1489795176992.3423523385524
slack_secret: b42f065f429d8ae6727736f47ad814fb
client_id: '1489795176992.3423523385524'
client_secret: b42f065f429d8ae6727736f47ad814fb

- text: |
SLACK_CLIENT_ID = '730191371696.2410579736080'
SLACK_CLIENT_SECRET = 'f30df63fbca93862b6f4b678418c2519'
client_id: '730191371696.2410579736080'
client_secret: 'f30df63fbca93862b6f4b678418c2519'

How can I help you ?