Fostr’s Slack integration enables prompts and workflow engagement directly inside your messaging environment. This page covers how user access and workspace-level permissions are managed to ensure the right visibility and control.

Credentials and Access

To activate the Slack integration, a set of OAuth and app credentials is required. These credentials are issued during Slack app installation and govern how Fostr communicates with the workspace.

Required credentials include:

• Client ID
• Client Secret
• Signing Secret
• Verification Token (Optional during legacy migration)

All credentials are configured at the tenant level. Once an administrator authorizes the connection, all users within the workspace inherit the integration without requiring individual setup.

Credentials are encrypted at rest in Fostr’s backend and recorded in the Customer Slack Integration Recordset. Access is governed strictly by Fostr’s role-based permissions.

During the install flow, Slack will prompt the admin to approve the necessary OAuth scopes. Typical permissions include:

• channels:history
• chat:write
• commands
• incoming-webhook

These must be granted for Fostr to send messages, respond to context prompts, and power slash command actions.

Note: Each Slack workspace must be treated as a distinct tenant instance. Every workspace requires its own credential set and corresponding record entry within Fostr.

Permissions and Visibility

When active, the Slack integration allows Fostr to deliver workflow context and responses directly inside the workspace.

Data surfaced may include:

• Prompted responses such as OODA loops or follow‑ups
• Smart action buttons (accept/decline, complete, assign)
• System messages from Fostr
• Task and event confirmations
• Summaries from workflows presented as context blocks

Visibility:

• Any message generated by Fostr is visible within the Slack channel or thread where it appears.
• Messages are not private by default unless sent via a direct message (DM).
• Slack’s channel membership model continues to govern who can view activity. Granular visibility rules are not managed within Fostr.

User identity:

• Slack User IDs are used for routing and matching.
• Email addresses or personal identifiers are not required.

Data Access