Slack
1. Create a Slack app
Section titled “1. Create a Slack app”api.slack.com/apps → Create New App → From scratch.
Under OAuth & Permissions, add scopes:
chat:write— send messageschannels:read— list channelschannels:history— read channel historysearch:read— search messagesusers:read— resolve user IDs to names
Redirect URL: https://tappass.example.com/providers/slack/callback
2. Configure on TapPass server
Section titled “2. Configure on TapPass server”SLACK_CLIENT_ID=<id>SLACK_CLIENT_SECRET=<secret>SLACK_SIGNING_SECRET=<signing-secret>3. Install into your workspace
Section titled “3. Install into your workspace”tappass provider connect slack --agent chat-bot# opens Slack's install flowOperations
Section titled “Operations”| Operation | Op group | Endpoint |
|---|---|---|
send_message | write | POST /chat.postMessage |
list_channels | read | GET /conversations.list |
channel_history | read | GET /conversations.history |
search_messages | read | GET /search.messages |
get_user | read | GET /users.info |
# Send a messageagent.call_provider( provider="slack", operation="send_message", params={"channel": "#support", "text": "Ticket 123 escalated"},)
# Read recent historymessages = agent.call_provider( provider="slack", operation="channel_history", params={"channel": "C0123456", "limit": 50},)Example policy
Section titled “Example policy”Prevent an agent from posting to any #exec-* channel:
package tool_decision
deny[msg] { input.provider == "slack" input.operation == "send_message" startswith(input.params.channel, "#exec-") msg := "cannot post to exec channels"}PII redaction
Section titled “PII redaction”Outbound Slack messages are scanned for PII (email, SSN, credit card) before posting. Configure what gets masked in config/policies/detection.yaml:
detection: outbound: - provider: slack action: mask # or "block" categories: [pii.email, pii.phone, pii.financial]