Skip to content
  • There are no suggestions because the search field is empty.

How do I integrate with Slack?

This article describes how to set up the Slack integration so you can receive security scan notifications and vulnerability alerts directly in your Slack workspace.

Caution: You must have Slack workspace administrator privileges to set up this integration.

Requirements

Before setting up the integration, you will need to gather the following information from Slack:

Channel ID: The unique identifier for the Slack channel where you want to receive notifications. You can find this in your Slack channel URL. For example, in the URL https://mycompany.slack.com/messages/ABC123, the channel ID is ABC123.

Bot User OAuth Token: An API token generated when you create a bot app in Slack. You will create this during the Slack setup process below.

Step 1: Create a bot app in Slack

Follow these steps to create a new Slack app with the necessary permissions:

  1. Go to the Slack API page at https://api.slack.com/apps.
  2. Click Create New App.
  3. Select From Scratch.
  4. Enter an App name (for example, "Holm Security Alerts").
  5. Select your workspace from the dropdown.
  6. Click Create App.

Step 2: Configure app permissions

Configure the bot to have permission to send messages to your channel:

  1. On the left sidebar, click OAuth & Permissions.
  2. Scroll down to the Scopes section.
  3. Under Bot Token Scopes, click Add an OAuth Scope.
  4. Select chat: write from the list.
  5. At the top of the page, you will see a prompt to install the app. Click Install to Workspace (or Reinstall to Workspace if you've already installed it).
  6. Authorize the app by clicking Allow.

Step 3: Copy your Bot User OAuth Token

After installing the app, you will see your Bot User OAuth Token at the top of the OAuth & Permissions page.

  1. Copy the Bot User OAuth Token (it starts with xoxb-).
  2. Keep this token secure and do not share it.

Step 4: Invite the bot to your Slack channel

The bot must be invited to the channel where you want to receive notifications:

  1. In Slack, open the channel where you want notifications.
  2. Click Details in the top right corner.
  3. Go to the Members section.
  4. Click Add members.
  5. Search for and select your bot app (for example, "Holm Security Alerts").

Tip: If you don't see your bot in the member list, make sure you successfully installed the app in the previous step.

Step 5: Set up integration in Security Center

Now configure the integration in Holm Security:

  1. Log in to Security Center.
  2. Click the Menu icon in the top-right corner.
  3. Click Integrations > Slack.
  4. Check the checkbox to Enable Slack.
  5. Enter the following information:
    • Channel ID - The channel ID you identified in the Requirements section
    • API Token - The Bot User OAuth Token you copied from Slack
  6. Click OK.

Step 6: Configure notification preferences

After enabling the integration, you can configure which notifications you want to receive in Slack:

  1. In the Slack integration settings, enable the notification types you want (for example, scan completion, critical vulnerabilities, etc.).
  2. Click Save.
  3. Done!

You will now receive Slack notifications for the events you have enabled.

Tip: Start with a few key notification types and add more as needed. This helps prevent notification overload.

Troubleshooting

Using User Tokens

If you are using Slack User Tokens instead of Bot Tokens, you may need to add additional permissions to the token. See the related article below for more information.

User token permissions:

Note for the new bot token users

Bot not receiving messages

If the integration is enabled but you're not receiving notifications:

  • Verify the bot has been invited to the channel (see Step 4).
  • Confirm the chat: write permission is enabled in the Slack app settings.
  • Check that notification types are enabled in Security Center (see Step 6).

Please follow these steps to get scan notifications in the Slack channel that you'd like.