Skip to main content

Check out Interactive Visual Stories to gain hands-on experience with the SSE product features. Click here.

Skyhigh Security

API Integration with Slack

After performing the API integration for Slack, Skyhigh CASB can monitor user activities in Slack, monitor content that is uploaded into Slack, and evaluate DLP policies.  

Then admins can monitor user activities within Slack, such as one or multiple Slack teams and channels in their enterprise or Org (if they have Enterprise Grid). 

Another option is the Slack Compliance Plan for small organizations that might only have one team. This allows administrators to monitor all types of Slack channels. Admins can also apply DLP policies to content uploaded to Slack. 

NOTE: All threat protection and activity monitoring found in the Threat Protection Dashboard are supported using the API configuration, except for anomalies and threats based on geo-location. This is because Skyhigh CASB does not collect the source IP information.

Prerequisites

As a security admin, before you enable API access make sure the following prerequisites are in order. 

Slack for Teams

  • Credentials for the Admin account in Slack. These credentials are used to enable API integration in Skyhigh CASB.

Slack Compliance Plan

  • Credentials for the Admin account in Slack. These credentials are used to enable API integration in Skyhigh CASB.
  • Slack Workspace/Team Domain URL. This is the unique domain URL of the Slack workspace, for example, https://<team>.slack.com

Slack Enterprise Grid

  • Credentials for the Org Owner in Slack. These credentials are used to enable API integration in Skyhigh CASB.
  • Slack Org Domain URL. This is the unique domain URL of the Slack organization, for example, https://<org>.enterprise.slack.com 
  • Request Slack to enable Skyhigh CASB for your Enterprise Grid. Any Slack Enterprise Grid customer who wants to enable integration with Discovery APIs such as Skyhigh CASB must send a request from the Org Owner email exports@slack.com for their Org to integrate with Skyhigh CASB. This message should also include the URL domain of the needed Org.
  • Team Under the Enterprise Account. Make sure that at least a Team is created under the Enterprise Grid account. 

Enabling the API

  1. Log in to Skyhigh CASB. 
  2. Go to Settings > Service Management.  
  3. From the Service Management page, select Slack from the list of services.  Then click Add Service Instance to add a Slack instance, and give it a unique name.
  4. Click Enable to enable API access. Click Next.  
  5. On the Enable API Review Prerequisites page, review the prerequisites, and then click the checkbox to confirm that you have completed the prerequisites.  Click Next
  6. On the Enable API page, click Provide API Credentials, then click Next.  

If you are using Slack for Teams:

  1. Select click here.
    clipboard_e64095a9e8c6025405cac0af4ceed8ed2.png
  2. To grant API Access, enter the user name and password of the Slack Team Owner and log in.
  3. Review the permissions that Slack grants Skyhigh CASB, and click Authorize.

If you are using Slack Compliance Plan:

NOTE: Slack Compliance Plan is suitable for small organizations (perhaps consisting of one Slack team or workspace) and provides all advanced APIs needed for Skyhigh CASB to monitor user activities for that organization in Slack and apply DLP policies to content that is uploaded to Slack for those teams or organizations.  

  1. In the field Please enter the URL for Slack Enterprise Grid or Slack Compliance Plan, enter your Slack team domain URL and submit.
  2. Enter the credentials of the Team Admin and log in.
  3. Review the permissions that Slack grants Skyhigh CASB, and click Authorize.
  4. Select the Slack team where you want the quarantine channel to be created. (This is where all quarantined files are stored while they are reviewed by the administrator.)

NOTE: There will always be only one team in case of Slack Compliance Plan. 

  1. Review the permissions that Slack grants Skyhigh CASB, and click Authorize.

If you are using Slack Enterprise Grid:

  1. In the field Please enter the URL for Slack Enterprise Grid or Slack Compliance Plan, enter your Slack Enterprise Grid org domain URL and submit.
  2. Enter the credentials of the Org Owner and log in.
  3. Review the permissions that Slack grants Skyhigh CASB, and click Authorize.
  4. Select the Slack team where you want the quarantine channel to be created. (This is where all quarantined files are stored while they are reviewed by the administrator.)
  5. Review the permissions that Slack grants Skyhigh CASB, and click Authorize.

Privacy Policy

For information on Skyhigh Security's policy, see Privacy Policy.

  • Was this article helpful?