Workspace admin review
Everything a Slack admin needs before approving the install.
This page is for workspace owners and IT reviewers. It covers what Slash Social can access, what it cannot, which OAuth scopes are requested, data stored, retention, and how to reach us for security questions.
Share with your admin
Send this page to a workspace admin.
The link below opens your email client with a pre-written message that includes what the app does, a link to this review page, pricing, and a support contact. Edit before sending.
Open email to adminOpens your default email client. Nothing is sent automatically.
OAuth scopes
What the app can access.
These are the Slack permissions the app requests during install. Each scope is listed alongside the plain-English reason it's needed.
chat:write, chat:write.customize, chat:write.public channels:read, channels:join, channels:history, channels:manage groups:read, groups:history users:read im:read, im:write, im:history mpim:read, mpim:write files:read, files:write commands reactions:read, reactions:write lists:read, lists:write canvases:read, canvases:write links:read, links:write, links.embed:write bookmarks:read, bookmarks:write conversations.connect:read, conversations.connect:write, conversations.connect:manage Boundaries
What the app cannot access.
Slack's permission model gives the app only what is explicitly requested. These things are outside the app's reach regardless of scope.
- Private channels the app has not been explicitly invited to
- Direct messages between users that do not involve the app
- Workspace billing, subscription, or payment data
- Other installed apps or their data
- Message history in channels where the app is not a member
- User email addresses, phone numbers, or extended profile fields
- Admin logs or audit logs outside the Slash Social product
- Files or attachments in channels the app has not joined
Data
What is stored and why.
The app stores only what is needed to operate the workflow. No customer data is sold.
Retention
Retention and deletion.
Workspace data is removed when the app is uninstalled from Slack. Connected social account tokens are invalidated when a team member disconnects the account from within the app or when the app is removed.
For data deletion requests before or after uninstall, use the support form and include your workspace name. We aim to confirm and complete deletion within 30 days.
The full privacy policy describes collection, use, sharing, retention periods, AI processing, subprocessors, and user choices.
Read privacy policy →Security
Questions for the security team.
For security review questions — penetration test reports, SOC 2 status, subprocessor list, DPA requests, or specific scope justifications — use the support form and note the request type. We respond to security review requests within 3 business days.
For urgent security issues, include "Security review" in the subject line.
Ready when your team is
Bring social media operations into Slack.
Start with one brand, one workspace, and the workflows your team already repeats every week.