Our new Slack App lets you safely share secrets over Slack using a simple slash command. Once an Admin has installed SendSafely for Slack in your Slack Workspace, any SendSafely user can send a secure message by typing /SendSafely into any DM or channel. This slash command posts a private message back to you with a direct link to encrypt a message for the channel using SendSafely.

After clicking the link, you will log in to SendSafely (if not already logged in) and land on the SendSafely for Slack Secure Message screen (see screenshot below). From here you can add a secure message (password, API Key, etc.), choose whether to authenticate recipients and/or enforce access limits.

If you choose NOT to authenticate recipients, your secure package will be accessible to any individual who receives the secure link. These are considered "anonymous" packages and require access limits to be set.

• We recommend setting low access limits to restrict the number of times anonymous packages can be accessed.
• If more than one person is on the channel/conversation, be sure to set this number no lower than the number of channel/conversation participants. 

Clicking the Post button encrypts the message and sends a secure link to the channel.

Channel members can access the secure message by clicking the SendSafely link posted to the channel. Messages automatically expire after 24 hours

Clicking the link opens a new browser window that allows the recipient to view the message from the SendSafely portal. 

First Time Use

The first time you launch the SendSafely for Slack app, you will be asked to grant limited Slack permissions to SendSafely. SendSafely uses these permissions to authenticate recipients. If you deny this request, you can still use SendSafely but the Authenticate Recipients option will be unavailable. If you change your mind in the future, you can re-trigger the below permissions prompt by toggling "Authenticate Recipients" to ON.