The Slack adapter requires different scopes and tokens for fetching different asset types.
| Asset Type (if available) | Scope(s) | API Endpoint(s) | Token |
|---|
| Users | users:read | https://docs.slack.dev/reference/methods/users.list/ https://docs.slack.dev/reference/methods/users.info/
| |
| admin.users:read | https://docs.slack.dev/reference/methods/admin.users.list/ | Admin token is required to fetch Slack users with an Enterprise token |
| admin.teams:read | https://docs.slack.dev/reference/methods/admin.teams.admins.list/ https://docs.slack.dev/reference/methods/admin.teams.list/
| Admin token is required to fetch Slack users with an Enterprise token |
| channels:read, groups:read, im:read, mpim:read | https://docs.slack.dev/reference/methods/conversations.list/ https://docs.slack.dev/reference/methods/conversations.members/
| |
| admin | https://docs.slack.dev/reference/methods/team.billableinfo | |
| users:read.email | https://docs.slack.dev/reference/methods/users.lookupbyemail | |
| Groups | usergroups:read | https://docs.slack.dev/reference/methods/usergroups.list/ | |
| Accounts, Roles | admin.roles:read | https://docs.slack.dev/reference/methods/admin.roles.listAssignments/ | Admin token is required to fetch Slack Roles |
| Application Resources, User Extensions, SaaS Applications | admin | https://docs.slack.dev/reference/methods/team.integrationLogs/ | |
| admin.invites:read (View a workspace's invites and invite requests) | http://docs.slack.dev/reference/methods/admin.inviteRequests.list - List pending workspace invite requests http://docs.slack.dev/reference/methods/admin.inviteRequests.approved.list - List approved invite requests http://docs.slack.dev/reference/methods/admin.inviteRequests.denied.list - List denied invite requests | |
| auditlogs:read (View actions from channels, files, apps, user events, and admin events) | http://docs.slack.dev/reference/methods/audit/v1/logs | Only for Enterprise Grid Organization editions |
| team.billing:read (Fetch billing information) | https://docs.slack.dev/reference/methods/team.billing.info | Only for Enterprise Grid Organization editions |
Based on the API endpoints defined in SlackSettingsEndpoints, the following OAuth scopes are required to fetch Application Settings.
📘Note
- Some high-privilege settings cannot be fetched with an API token. These settings require you to provide an Account Sub Domain, User Name, Password, and MFA Secret when connecting the adapter in Axonius.
- Enterprise Grid accounts cannot use Bot Tokens.
See Slack Enforcement Actions for the full list or permissions required for Slack Enforcement Actions.