SendSafely

Articles in this section

Installing the SendSafely Slack App

Follow

This guide is aimed at helping users understand how to integrate SendSafely into your organization’s Slack workspace.

 
  • Please note that SendSafely is not in the Slack marketplace, the instructions below are for configuring a private app listing into your Slack workspace
  • Ensure you have admin workspace privileges for installing a private app in Slack
  • Ensure you are an admin in your SendSafely portal
  • Only one instance of the SendSafely app may be installed in the same workspace, if you have previously installed other versions, please uninstall before continuing

Instructions

It is recommended you have two browser tabs open for these steps. 

Generate SendSafely App in Slack (Browser tab 1)

1. In browser tab 1 - Go to https://api.slack.com/apps 

2. Click on ‘Create New App’

Slack Api - Your apps.png

3. Select the 'From a Manifest' option.

image-20240827-184232.png

4. Select the workspace you would like to install SendSafely in

5. Copy & Paste the app manifest from below into the open input tab ('JSON')

{
    "display_information": {
        "name": "SendSafely for Slack",
        "description": "Send secure messages over Slack using end-to-end encryption.",
        "background_color": "#022369",
        "long_description": "Send secure messages over Slack using our company's SendSafely portal. Messages are protected using end-to-end encryption and are only visible to members of the channel or conversation they are sent on."
    },
    "features": {
        "bot_user": {
            "display_name": "SendSafely for Slack",
            "always_online": false
        },
        "slash_commands": [
            {
                "command": "/sendsafely",
                "url": "https://www.sendsafely.com/slack/",
                "description": "Launches SendSafely message encryption",
                "should_escape": false
            }
        ]
    },
    "oauth_config": {
        "redirect_urls": [
            "https://www.sendsafely.com/slack/install/ "
        ],
        "scopes": {
            "user": [
                "groups:read",
                "channels:read",
                "im:read",
                "mpim:read"
            ],
            "bot": [
                "commands",
                "users:read",
                "users:read.email"
            ]
        }
    },
    "settings": {
        "org_deploy_enabled": false,
        "socket_mode_enabled": false,
        "token_rotation_enabled": false
    }
}
 
 

Create App from Manifest.png

6. Verify the summary information is correct and click 'Create'

Review OAuth Scopes.png

7. Note the App ID, Client ID, Client Secret, and Signing Secret, you will need this for tab 2 below.
(Basic Information Tab - Slack should have redirected you here)

image-20240827-185423.png

8. Leave this screen open and proceed to tab 2 below

Link Slack App to SendSafely account (Browser tab 2)

1. Log into your SendSafely account in your SendSafely portal

2. Click on 'Apps and Integrations' from the account dropdown menu

image-20240827-180627.png

3. Find the SendSafely for Slack tile Click 'Configure', then click 'Continue to step 2'.

Slack Tile.png

 

4. Copy and Paste the information from Browser tab 1 and click 'Install'

SendSafely Slack App config.png

5. Slack will request the following permissions be granted to SendSafely for Slack. Click 'Allow'. The SendSafely for Slack app is now available to team members.

 

Per.png

 

User Permissions

Once installed by an Admin, Slack users can launch the SendSafely app using the /SendSafely command in any Slack message or channel. The first time a user launches the SendSafely for Slack app, they will be asked to grant limited Slack permissions to SendSafely.

User Permissions.png

SendSafely uses these additional user level permissions to obtain the email address of members in the message or channel. The email address is only used to authenticate recipients via a one time pin code sent via email.

This multi-level approval (admin + individual approval) is required by Slack for apps that request access to sensitive information, such as channel member’s email addresses. While an admin initially approves the app for Workspace installation, that approval does not grant access to the email addresses in an individual's direct message or group conversation. If a user wishes to use SendSafely’s Authenticate Recipient feature (which requires access to conversation member’s email address), they must individually grant our app permission to do so. Note: those permissions only provide SendSafely with meta-data on the conversation (such as the members of the conversation). It does not allow the app (or SendSafely) access to the actual messages. Once a user grants this permission they will not be prompted again.

If users deny this request, they can still use SendSafely, but the recipient authentication option will be unavailable.

Authenticate Recipients.png

Using SendSafely with Slack Connect

Slack Connect is used to communicate with users in external Slack Workspaces (i.e. Workspaces owned by other organizations). The SendSafely Slack app can be used to post secure messages to these External Connections.

Please note that the SendSafely Authenticate Recipients feature requires those external Slack Workspaces allow outside organizations to view member email addresses. If your External Connection does not allow email address to be shared, the SendSafely Recipient Authentication feature will be disabled. Senders can still secure their message with access limits.

For reference, email sharing with external organizations is controlled in the Slack Admin Settings as shown below. 

Workspaces Settings - Slack Connect.png

Related articles

Comments

0 comments

Article is closed for comments.