Skip to main content

Documentation Index

Fetch the complete documentation index at: https://docs.iru.com/llms.txt

Use this file to discover all available pages before exploring further.

About Slack

The Slack connector reads workspace membership, channel configuration, user groups, and - on Enterprise Grid - audit log events, then surfaces that information as artifacts in Iru Compliance. Iru authenticates with a bot OAuth token (xoxb-) obtained by installing a Slack app into your workspace. Access is read-oriented for compliance evidence; it does not send messages or change workspace settings through the scopes described here.

How it works

Slack APIs expect the bot token in the Authorization header: 
Authorization: Bearer xoxb-XXXX-XXXX-XXXX
You create an app at api.slack.com, grant Bot token scopes, install the app to the workspace, then copy the Bot User OAuth Token. Expanding scopes requires reinstalling the app, which issues a new token - update Iru whenever that happens.
DetailValue
CategoryCommunications
AuthenticationBearer token (bot OAuth token xoxb-)
Audit logsauditlogs:read is Enterprise Grid only. Without Grid, audit-log-style evidence is not available through this API path.
References: OAuth tokens, Scopes, Audit Logs API.

Prerequisites

  • Workspace Owner or Workspace Admin rights so you can install apps.
  • Ability to sign in to api.slack.com/apps for your workspace.
  • Optional: Enterprise Grid if you need auditlogs:read.
Typical bot scopes for directory and channel evidence
ScopePurpose
users:readRead member profiles
users:read.emailRead member email addresses
channels:readList and read public channels
groups:readList and read private channels (where permitted)
usergroups:readRead user group configuration
auditlogs:readAudit logs (Enterprise Grid only)

Connect Slack to Iru

Slack

1

Create a Slack app

At api.slack.com/apps, select Create New AppFrom scratch. Name the app (for example Iru Compliance) and pick your workspace.
2

Add Bot Token scopes

Open OAuth & Permissions. Under Bot Token Scopes, add each scope from Prerequisites that your controls require. Add auditlogs:read only if you are on Enterprise Grid and need audit evidence.
3

Install the app to your workspace

From OAuth & Permissions, select Install to Workspace (or Reinstall after scope changes). Review permissions and approve.
4

Copy the Bot User OAuth Token

Copy the Bot User OAuth Token (starts with xoxb-). If you change scopes later, reinstall to get a new token. Paste the current token into the Iru connector wizard when Iru Compliance prompts you.

Iru Compliance

1

Open Sources

In Iru Compliance, on the left navigation bar, expand Compliance and select Sources.
Left navigation: Compliance expanded, Sources selected
2

Turn on Slack

Find Slack (set Category to Communications or use Search by name or description). On that card, turn on the toggle. A browser tab or window may open for the connector wizard.
3

Paste the Bot token in the wizard

When the wizard asks for a bearer token, paste the xoxb- Bot User OAuth Token and submit.
4

Confirm the source is Active

When setup succeeds, the Slack card shows Active.

Troubleshooting

Check pop-up blocker settings for the Iru site and try again.
Confirm the token is current, begins with xoxb-, and the app is still installed.
Add the scope under OAuth & Permissions, reinstall the app, copy the new token, and update Iru.
Reinstall the app or rotate credentials; update Iru with the new bot token.
auditlogs:read requires Enterprise Grid. Without it, audit-log API evidence is unavailable.

Considerations

Bot tokens generally do not expire unless your…

Bot tokens generally do not expire unless your workspace enforces rotation - follow Slack’s guidance if rotation is enabled.

Uninstalling the app revokes the token immediately.

Uninstalling the app revokes the token immediately.

Scope increases always require reinstall and a new…

Scope increases always require reinstall and a new token - plan changes during a maintenance window.

See also