Hi all,
I would like to configure the splunk on call slack add on but when an admin wanted to approve the integration, it requested the following permissions:
11 permissions and scopes required
On behalf of the app:
- View messages and other content in public channels that VictorOps has been added to channels:history
- View messages and other content in private channels that VictorOps has been added to groups:history
- Add shortcuts and/or slash commands that people can use commands
- View the name, email domain and icon for workspaces VictorOps is connected to team:read
- Send messages as @victorops chat:write
- Send messages as @victorops with a customised username and avatar chat:write.customize
On behalf of the user:
- View information about a user’s identity identify
- View basic information about public channels in a workspace channels:read
- View basic information about a user’s private channels groups:read
- Manage a user’s public channels and create new ones on a user’s behalf channels:write
- Manage a user’s private channels and create new ones on a user’s behalf groups:writeAll actions on a request will affect the entire workspace
Question 1: Just doing due diligence here, does the last permission "Manage a user’s private channels" give it the ability to read messages on other private channels on the workspace?
reading in the knowledge base it states:
"Note: The scope of private channels is limited to the channels that the person who integrates Splunk On-Call to Slack has access to. If you would like all private channels to be mapped to Splunk On-Call, we recommend creating a “Service Account” that has access to all private channels for this use."
Question 2 - does this mean the app would have access to all channels the admin user who approves to integration by default? Or would they approve it per channel?