As a workspace app, you can interact with incident.io from anywhere within Slack, but we’re careful with the permissions and scopes we require and request the minimum we need to function.
You can find the up-to-date list of permissions in Slack here.
Required scopes on installation
All of the following scopes are requested on first installation of our Slack bot, and are required for our app to run.
app_mentions:readto respond to direct mentions to our bot from Slack usersbookmarks:readto see the bookmarks we set within incident channelsbookmarks:writeto set bookmarks in incident channels (such as the alert that triggered the incident)canvases:writeto create canvases in incident channelschannels:history- to read content in Slack channels we're added to, including messages users pin in their incident channelchannels:manage- to create incident channelschannels-read- to read incident channel nameschat:write- to write messages and updates in channels we have access tochat:write.publicto send announcements to public channels we haven't been added to (such as the incident announcement channel)commandsto add slash commands, such as/incso you can interact with our botfiles:readto read files shared in channels we have access to (such as images in incident channels)groups:readto see private incident channels we are part ofgroups:writeto post to private incident channels we are part ofgroups:historyto read messages in private incident channels we're added toim:historyto read DMs that are sent to the incident botlinks:readto view URLs in messageslinks:writeto show previews of URLs in messages from our botpins:readto read pinned messages so we can save them to the incident timelinepins:writeto write new pins to a Slack channel, such as the incident welcome messagereactions:readto see when users have reacted to messages to trigger an action such as creating followups with ⏩reactions:writeto add reactions to messages, such as marking GitHub pull requests as reviewed ✅teams:readto read your organisations name and iconusers:readto read your organisations usersusers:read.emailto match user accounts with other services, such as GitHubusers.profile:readto read user avatars so they can be displayed in our UIusergroups:readto list all user groups for syncing schedulesusergroups:writeto sync On-call schedules into your Slack user groups
Optional additional scopes
We don't request any of these on installation, but you can choose to provide them later
channels:join- to rejoin incident or announcement channels if we lose access. If this isn't granted, users will have to manually add our bot to any channel they want to interact with us in. If you'd like to configure this, chat to us.
Privileged access scopes
Depending on your Slack workspace settings, bots and regular users may be restricted from taking certain actions. If your organisation's Slack configuration requires admin access for certain operations, you can choose to additionally provide these scopes, otherwise some incident.io features may be degraded.
You can find out more details about each of those scopes here
These scopes are User Scopes, which means you're granting us permission to use them on behalf of a specific user, rather than as our bot.
To use any of these, you need to configure a Slack admin for our bot
These include:
channels:writeto create and archive public incident channels, if this requires admin access in your Slack workspacegroups:writeto create and archive private incident channels, and remove member's access to them if it's revoked within incident.iousergroups:writeto sync On-call schedules into your Slack user groups, if this requires admin access in your Slack workspaceadmin.conversations:writeto convert channels between public and private, to match the visibility of an incident.