Skip to main content
Slack Connector
Cindy Chang avatar
Written by Cindy Chang
Updated over 2 months ago

Overview

  • Glean requires authentication to the Slack instance in order to fetch relevant information from Slack.

  • Authentication is done by creating the Glean app in Slack.

  • We create a custom app for each customer. This helps to ensure that webhooks are sent directly to your cloud project.

  • The app requires admin to install it.

  • It’s important to note that all data is stored in the customer’s cloud account and no data leaves the customer environment.

Integration Features

By default Glean will capture the following content:

  • Conversations in public channels (messages, threads, the channel itself).

  • Files shared in public channels

In addition, each user can choose to authorize Glean to index the content of the private channels/DMs that they are a part of - this needs to be enabled on a per-user basis and can be disabled by the admin if desired.

If private messages are enabled by a user, conversations in private channels/DMs that they are part of are added. These objects will be permissioned: only users that would have access to the document in Slack will see these conversations in their Glean search results.

There are a few additional levers we have, e.g. channel redlisting to prevent specific conversation data from being crawled, indexing channels shared with external customers, etc.

API Usage

Glean will use the standard Slack API to ingest all data.

In order to capture changes as quickly as possible, Slack will send us notifications to a Glean endpoint deployed in your cloud infrastructure. These are the “slack events” below. Using events, we respect message deletions as well, so if a message is deleted in Slack, we respond on the order of minutes to prevent that message from being seen in Glean results.

When installing, you can see the specific “scopes” below and Slack’s explanation of each one. There are two categories:

  • Accessing messages and building searchable documents: fetch messages in all conversation types

    • channels:read, groups:read, im:read, mpim:read, files:read, team:read

    • users:read and :emails are used to match glean users making sure permissions are respected

  • Letting the GleanBot post: responding to /commands to answer user prompts

    • bot, commands, chat:write:bot

Setup

Prerequisites

Required permissions for setup

The user setting up this data source must be a Slack Workspace Owner or Slack Workspace Admin. You can check whether you have this permission using this slack guide.

We recommend using or creating a service account for your Slack integration, so that you may control your personal slack results separately from the admin account

Installation Process

  1. Open Slack on web.

  2. Look for your workspace name in the top left. Click your workspace name and find the Slack URL in the menu, ending in .slack.com. The domain is the portion before .slack.com, e.g. if the URL is yourdomain.slack.com, the domain would be yourdomain. Enter the domain in Glean.

  3. The URL you’re on should be of the form app.slack.com/client/T12345678. Copy this last part of the URL and paste it into Glean as the workspace ID. Note the workspace ID will start with T.

Create an app

  1. Visit the Slack API site and click Create New App.

  2. Choose From an app manifest.

  3. Select the same workspace you chose on the previous screen and click Next.

  4. Replace existing YAML comment with the following and click Next.

    _metadata:
    major_version: 1
    minor_version: 1
    display_information:
    name: Glean
    description: Searches across all your apps
    background_color: "#343ced"
    features:
    app_home:
    home_tab_enabled: true
    messages_tab_enabled: true
    messages_tab_read_only_enabled: false
    bot_user:
    display_name: Glean
    always_online: true
    shortcuts:
    - name: Create an Answer in
    type: message
    callback_id: create_answer
    description: Create a new answer in Glean
    - name: Create Announcement in
    type: message
    callback_id: create_announcement
    description: Create a new announcement in Glean
    slash_commands:
    - command: /glean
    url: https://scio-prod-be.glean.com/slack/command
    description: Searches across all your apps
    usage_hint: "[query]"
    should_escape: false
    unfurl_domains:
    - glean.com
    oauth_config:
    redirect_urls:
    - https://scio-prod-be.glean.com/slack/oauth
    - https://scio-prod.askscio.com/slack/oauth
    - https://scio-prod-be.askscio.com/slack/oauth
    scopes:
    user:
    - links:read
    - mpim:read
    - pins:read
    - reactions:read
    - stars:read
    - team:read
    - users.profile:read
    - users:read
    - users:read.email
    - channels:read
    - channels:history
    - groups:history
    - mpim:history
    - files:read
    - groups:read
    - im:read
    - im:history
    bot:
    - app_mentions:read
    - channels:history
    - channels:read
    - chat:write
    - chat:write.public
    - commands
    - groups:history
    - groups:read
    - im:history
    - im:write
    - links:read
    - mpim:history
    - mpim:read
    - reactions:write
    - users:read
    - links:write
    settings:
    event_subscriptions:
    request_url: https://scio-prod-be.glean.com/slack/events
    user_events:
    - channel_created
    - channel_deleted
    - channel_history_changed
    - channel_left
    - channel_rename
    - channel_unarchive
    - file_change
    - file_created
    - file_deleted
    - file_shared
    - file_unshared
    - group_deleted
    - group_history_changed
    - group_left
    - link_shared
    - im_created
    - im_history_changed
    - member_joined_channel
    - member_left_channel
    - message.channels
    - message.groups
    - message.im
    - message.mpim
    - team_join
    bot_events:
    - app_home_opened
    - app_mention
    - link_shared
    - message.im
    - team_join
    interactivity:
    is_enabled: true
    request_url: https://scio-prod-be.glean.com/slack/interaction
    org_deploy_enabled: false
    socket_mode_enabled: false
    token_rotation_enabled: false

  5. Click Create.

Generate a token

  1. Click the Basic Information tab and scroll down until you see App-Level Tokens.

  2. Click Generate Token and Scopes.

  3. Name the token: Glean

  4. Click Add Scope and add the scope authorizations:read.

  5. Click Generate and paste the token into Glean.

Add an icon

  1. Click the Basic Information tab.

  2. Download this logo.

  3. Click Choose File and select the logo you just downloaded above

Connect to Glean

  1. Click the Collaborators tab and add at least one additional administrator from your company.

  2. Copy and paste the following fields from Basic Information into Glean: Client ID, Client Secret, Signing Secret.

  3. Go to OAuth & Permissions from the left navigation and click Install to Workspace.

  4. Click Create Authorization Link and follow the generated link. If the authorization succeeds, you’re all set!

Post Setup

After the initial setup, we will crawl data to get up to speed with your Slack instance’s current state. If things are not behaving as expected, or if you have any issues with this setup, please reach out to support@glean.com.

Did this answer your question?