Slack is a cloud-based set of proprietary team collaboration tools and services. Slack creates alignment and shared understanding across your team, making you more productive and less stressed. It brings all your team's communication together, giving everyone a shared workspace where conversations are organized and accessible.
This document provides information about the Slack connector, which facilitates automated interactions, with Slack using FortiSOAR™ playbooks. Add the Slack connector as a step in FortiSOAR™ playbooks and perform automated operations, such as retrieving a list of all channels and users configured in your Slack cloud, retrieving information about a user that is configured in your Slack cloud, sending a message to a channel configured in your Slack cloud, and managing notifications from playbooks (like manual input form) at a granular level.
The FortiSOAR for Slack application (app) builds a bridge for seamless integration with FortiSOAR, allowing you to leverage the power of FortiSOAR as part of your daily communications and threat investigation routines. For more information, see the FortiSOAR for Slack Application document.
Connector Version: 3.2.0
FortiSOAR™ Version Tested on: 7.5.0-4015
Authored By: Fortinet
Certified: Yes
Following enhancements have been made to the Slack Connector in version 3.2.0:
Use the Content Hub to install the connector. For the detailed procedure to install a connector, click here.
You can also use the yum command as a root user to install the connector:
yum install cyops-connector-slack
For the procedure to configure a connector, click here.
In FortiSOAR™, on the Content Hub (or Connector Store) page, click the Manage tab, and then click the Slack connector card. On the connector popup, click the Configurations tab to enter the required configuration details.
| Parameter | Description |
|---|---|
| Server URL | URL of the Slack cloud to which you will connect and perform automated operations. |
| OAuth Token | The OAuth Token contains required scopes that are configured for your account for the Slack cloud to which you will connect and perform the automated operations. IMPORTANT: If you require bi-directional integration between FortiSOAR and Slack, then you must use the app template of FortiSOAR For Slack Application for appropriate permissions and to generate an OAuth Token. However, if you require to use only the connector actions, then you can initialize the app from a blank template and generate the OAUTH token as mentioned in the Creating and installing a Slack App in a workspace topic. Permissions required for each action are listed in the Permissions table in this topic. |
| Verify SSL | Specifies whether the SSL certificate for the server is to be verified or not. Defaults to True. |
| Enable Bot Communication | Select this option if you want to enable bi-directional communication between Slack and FortiSOAR. If you select this option, then in the App Level Token enter the App Level token for the FortiSOAR For Slack App, which contains the required scopes configured for your app. For more information, see the FortiSOAR for Slack Application document. IMPORTANT: The bi-directional communication between Slack and FortiSOAR is supported only on FortiSOAR nodes, i.e., this feature is currently not supported on FSR Agent nodes. Also, bi-directional communication between Slack and FortiSOAR is not supported in an air-gapped environment. |
The following automated operations can be included in playbooks and you can also use the annotations to access operations from FortiSOAR:
| Function | Description | Annotation and Category |
|---|---|---|
| Get Message History | Fetches the history of messages and events for a specific conversation from your Slack cloud, based on the Channel ID and other input parameters that you have specified. | get_message_history Investigation |
| Create Channel | Creates a new channel in your configured Slack cloud, based on the channel name and other input parameters that you have specified. | create_channel Investigation |
| Get Channels List | Retrieves a list of channels and their details, available in a slack team, from your configured Slack cloud. | get_channels Investigation |
| Search Channel | Retrieves detailed information about a specific channel, based on the channel name that you have specified, from your configured Slack cloud. | get_channel Investigation |
| Get Channel Information | Retrieves information about conversations of a specific channel from your configured Slack cloud, based on the channel ID and other input parameters that you have specified. | get_channel_info Investigation |
| Rename Channel | Renames a channel (conversation) on your configured Slack cloud based on the channel ID and new channel name that you have specified. Note: You can rename a channel only if you are the owner of the channel or if you have admin permissions. |
rename_channel Investigation |
| Invite Users To Channel | Invites users to a specified channel on your configured Slack cloud based on the channel ID and user IDs that you have specified. | invite_user_to_channel Investigation |
| Close Channel | Closes a direct message or multi-person direct message on your configured Slack cloud based on the channel ID that you have specified. | close_channel Investigation |
| Get User List | Retrieves a list of users and their details, available in a slack team, from your configured Slack cloud. | get_users Investigation |
| Get User Information | Retrieves detailed information of a specific user from your configured Slack cloud based on the search criteria that you have specified. | get_user Investigation |
| Send Message | Sends a message to a specific channel configured on your Slack cloud, based on the Channel ID, message, and other input parameters that you have specified. | send_message Investigation |
| Send Manual Input/Approval Form to Slack | Sends a manual input form or approval request to Slack based on the input object that you have specified. | send_input Investigation |
| Upload File | Uploads a file to a specific channel configured on your Slack cloud, based on the Channel ID, message, and other input parameters that you have specified. | upload_file Miscellaneous |
| Create Multi Person Direct Message | Opens a direct message (DM) or a multi-person direct message (MPIM). | create_multi_person_direct_message Investigation |
| Create User Group | Creates a new group with provided users based on the description, handle, channels and other input parameters that you have specified.
NOTE: To avoid a |
create_group Investigation |
| Get User Groups | Retrieves a list of all user groups based on including disabled groups, listing users, and other criteria that you have specified. | get_user_groups Investigation |
| Update Users in User Group | Updates the list of users for a user group based on the user group ID, user emails and other input parameters that you have specified. It replaces all users in a user group with the list of users provided in the Users parameter. | update_users_in_user_group Investigation |
| Add Reactions | Adds an emoticon (emoji) as a reaction to an item based on the emoji name, channel ID, and other input parameters that you have specified. | add_reactions Investigation |
| Get Conversations Replies | Retrieves a list of all messages posted to a conversation based on the channel ID, message timestamp, and other input parameters that you have specified. | get_conversations_replies Investigation |
| Get Emojis | Retrieves a list of all supported emoticons (emojis). | get_emojis Investigation |
| Get Users from User Group | Retrieves a list of all users within a user group based on user group ID, team ID and other input parameters that you have specified. | get_users_from_group Investigation |
| Parameter | Description |
|---|---|
| Channel ID/User ID | Unique ID of the channel, private group, or IM channel whose conversation history you want to fetch from your Slack cloud. |
| Cursor | Paginate through collections of data by setting the cursor parameter to the next_cursor attribute returned by a previous request's response_metadata. By default, the value fetched is the first page of the collection. |
| Inclusive | Include messages with the latest or oldest timestamp in results only when either timestamp is specified. By default, this is set to 0. |
| Start Time | Start DateTime of the messages whose history you want to retrieve from your Slack cloud. |
| End Time | End DateTime of the messages whose history you want to retrieve from your Slack cloud. |
| Limit | The maximum number of items that this operation should return. Note: If you set the Limit parameter, then fewer than the requested number of items might be returned if the limit set is reached, even if the end of the users' list has not been reached. |
The output contains the following populated JSON schema:
{
"ok": "",
"has_more": "",
"messages": [
{
"ts": "",
"team": "",
"text": "",
"type": "",
"user": "",
"blocks": [
{
"type": "",
"block_id": "",
"elements": [
{
"type": "",
"elements": [
{
"text": "",
"type": ""
}
]
}
]
}
],
"client_msg_id": ""
}
],
"pin_count": "",
"response_metadata": {
"next_cursor": ""
},
"channel_actions_ts": "",
"channel_actions_count": ""
}
| Parameter | Description |
|---|---|
| Channel Name | Name of the public or private channel that you want to create on your Slack cloud. |
| Is Private | Select this option to create a private channel on your Slack cloud. If you leave this unchecked then a public (default) channel will be created on your Slack cloud. |
The output contains the following populated JSON schema:
{
"ok": "",
"channel": {
"id": "",
"name": "",
"is_channel": "",
"is_group": "",
"is_im": "",
"created": "",
"is_archived": "",
"is_general": "",
"unlinked": "",
"name_normalized": "",
"is_shared": "",
"parent_conversation": "",
"creator": "",
"is_ext_shared": "",
"is_org_shared": "",
"shared_team_ids": [],
"pending_shared": [],
"pending_connected_team_ids": [],
"is_pending_ext_shared": "",
"is_member": "",
"is_private": "",
"is_mpim": "",
"last_read": "",
"is_open": "",
"topic": {
"value": "",
"creator": "",
"last_set": ""
},
"purpose": {
"value": "",
"creator": "",
"last_set": ""
},
"priority": ""
},
"headers": {
"date": "",
"server": "",
"x-slack-req-id": "",
"x-oauth-scopes": "",
"x-accepted-oauth-scopes": "",
"access-control-expose-headers": "",
"x-slack-backend": "",
"x-content-type-options": "",
"expires": "",
"cache-control": "",
"x-xss-protection": "",
"vary": "",
"pragma": "",
"access-control-allow-headers": "",
"strict-transport-security": "",
"referrer-policy": "",
"content-encoding": "",
"access-control-allow-origin": "*",
"content-length": "",
"content-type": "",
"x-via": ""
}
}
| Parameter | Description |
|---|---|
| Create Multi Person Direct Message By | Select one of the following available options to create a multi person direct message:
|
The output contains the following populated JSON schema:
{
"ok": "",
"channel": {
"id": "",
"name": "",
"is_channel": "",
"is_group": "",
"is_im": "",
"is_mpim": "",
"is_private": "",
"created": "",
"is_archived": "",
"is_general": "",
"unlinked": "",
"name_normalized": "",
"is_shared": "",
"is_org_shared": "",
"is_pending_ext_shared": "",
"pending_shared": [],
"context_team_id": "",
"updated": "",
"parent_conversation": "",
"creator": "",
"is_ext_shared": "",
"shared_team_ids": [],
"pending_connected_team_ids": [],
"is_member": "",
"last_read": "",
"is_open": "",
"topic": {
"value": "",
"creator": "",
"last_set": ""
},
"purpose": {
"value": "",
"creator": "",
"last_set": ""
},
"priority": ""
}
}
Note: All the input parameters are optional. However, if you do not specify any parameter, then no filter criterion is applied and an unfiltered list is returned.
| Parameter | Description |
|---|---|
| Exclude Archived | Select this option, i.e., set it as true, to exclude archived channels from the list of channels retrieved from your configured Slack cloud.By default, this is set as false. |
| Maximum Records | The maximum number of records you want this operation to return. By default, this is set as 0. |
| Channel Types | Types of channels that you want to retrieve from your configured Slack cloud. You can choose from the following options: Public Channel, Private Channel, Group messaging, or Direct Messages. |
| Cursor | Paginate through collections of data by setting the cursor parameter to the next_cursor attribute returned by a previous request's response_metadata. By default, the value fetched is the first page of the collection. |
The JSON output contains a list of all channels along with their details, such as id, creator name, and purpose, present in a Slack team, retrieved from your configured Slack cloud.
The output contains the following populated JSON schema:
{
"ok": "",
"channels": [
{
"id": "",
"name": "",
"is_channel": "",
"created": "",
"is_archived": "",
"is_general": "",
"unlinked": "",
"creator": "",
"name_normalized": "",
"is_shared": "",
"is_org_shared": "",
"is_member": "",
"is_private": "",
"is_mpim": "",
"members": [],
"topic": {
"value": "",
"creator": "",
"last_set": ""
},
"purpose": {
"value": "",
"creator": "",
"last_set": ""
},
"previous_names": [],
"num_members": ""
}
],
"headers": {
"date": "",
"server": "",
"x-slack-req-id": "",
"x-oauth-scopes": "",
"x-accepted-oauth-scopes": "",
"access-control-expose-headers": "",
"x-slack-backend": "",
"x-content-type-options": "",
"expires": "",
"cache-control": "",
"x-xss-protection": "",
"vary": "",
"pragma": "",
"access-control-allow-headers": "",
"strict-transport-security": "",
"referrer-policy": "",
"content-encoding": "",
"access-control-allow-origin": "*",
"content-length": "",
"content-type": "",
"x-via": ""
}
}
| Parameter | Description |
|---|---|
| Channel to Search | Name of the channel whose details you want to retrieve from your configured Slack cloud. |
| Type of Search | Type of filter option that you want to apply to the search operation. You can choose from the following options: Exact, Contains, Starts With, or Ends With. |
The JSON output contains detailed information about a channel such as ID, creator name, and purpose, retrieved from your configured Slack cloud, based on the channel name that you have specified.
The output contains the following populated JSON schema:
{
"status": "",
"message": "",
"data": [
{
"id": "",
"name": "",
"is_channel": "",
"created": "",
"is_archived": "",
"is_general": "",
"unlinked": "",
"creator": "",
"name_normalized": "",
"is_shared": "",
"is_org_shared": "",
"is_member": "",
"is_private": "",
"is_mpim": "",
"members": [],
"topic": {
"value": "",
"creator": "",
"last_set": ""
},
"purpose": {
"value": "",
"creator": "",
"last_set": ""
},
"previous_names": [],
"num_members": ""
}
]
}
| Parameter | Description |
|---|---|
| Channel ID | The ID of the channel (conversations) you want to retrieve from your configured Slack cloud. |
| Include Locale | Select this checkbox, i.e., set it to true to include the locale of the specified conversations retrieved from your configured Slack cloud. By default, this is set to false, i.e., the checkbox is unchecked. |
| Include Number Of Members | Select this checkbox, i.e., set it to true, to include the member count of the specified conversations retrieved from your configured Slack cloud. By default, this is set to false, i.e., the checkbox is unchecked. |
The output contains the following populated JSON schema:
{
"ok": "",
"channels": [
{
"id": "",
"name": "",
"is_channel": "",
"created": "",
"is_archived": "",
"is_general": "",
"unlinked": "",
"creator": "",
"name_normalized": "",
"is_shared": "",
"is_org_shared": "",
"is_member": "",
"is_private": "",
"is_mpim": "",
"members": [],
"topic": {
"value": "",
"creator": "",
"last_set": ""
},
"purpose": {
"value": "",
"creator": "",
"last_set": ""
},
"previous_names": [],
"num_members": ""
}
],
"headers": {
"date": "",
"server": "",
"x-slack-req-id": "",
"x-oauth-scopes": "",
"x-accepted-oauth-scopes": "",
"access-control-expose-headers": "",
"x-slack-backend": "",
"x-content-type-options": "",
"expires": "",
"cache-control": "",
"x-xss-protection": "",
"vary": "",
"pragma": "",
"access-control-allow-headers": "",
"strict-transport-security": "",
"referrer-policy": "",
"content-encoding": "",
"access-control-allow-origin": "*",
"content-length": "",
"content-type": "",
"x-via": ""
}
}
| Parameter | Description |
|---|---|
| Channel ID | The ID of the channel you want to rename on your configured Slack cloud. |
| Channel Name | The new name that you want to assign to the specified channel on your configured Slack cloud. |
The output contains the following populated JSON schema:
{
"channel": {
"id": "",
"name": "",
"is_channel": "",
"is_group": "",
"is_im": "",
"created": "",
"is_archived": "",
"is_general": "",
"unlinked": "",
"name_normalized": "",
"is_shared": "",
"parent_conversation": "",
"creator": "",
"is_ext_shared": "",
"is_org_shared": "",
"shared_team_ids": [],
"pending_shared": [],
"pending_connected_team_ids": [],
"is_pending_ext_shared": "",
"is_member": "",
"is_private": "",
"is_mpim": "",
"last_read": "",
"is_open": "",
"topic": {
"value": "",
"creator": "",
"last_set": ""
},
"purpose": {
"value": "",
"creator": "",
"last_set": ""
}
},
"ok": "",
"headers": {
"date": "",
"server": "",
"x-slack-req-id": "",
"x-oauth-scopes": "",
"x-accepted-oauth-scopes": "",
"access-control-expose-headers": "",
"x-slack-backend": "",
"x-content-type-options": "",
"expires": "",
"cache-control": "",
"x-xss-protection": "",
"vary": "",
"pragma": "",
"access-control-allow-headers": "",
"strict-transport-security": "",
"referrer-policy": "",
"content-encoding": "",
"access-control-allow-origin": "*",
"content-length": "",
"content-type": "",
"x-via": ""
}
}
| Parameter | Description |
|---|---|
| Channel ID | The ID of the public or private channel to which you want to invite specified users. |
| User IDs | Comma-separated list of user IDs that you want to invite to the specified channel. Note: You can list a maximum of 1000 users. |
The output contains the following populated JSON schema:
{
"ok": "",
"channel": {
"id": "",
"name": "",
"is_channel": "",
"is_group": "",
"is_im": "",
"created": "",
"is_archived": "",
"is_general": "",
"unlinked": "",
"name_normalized": "",
"is_shared": "",
"parent_conversation": "",
"creator": "",
"is_ext_shared": "",
"is_org_shared": "",
"shared_team_ids": [],
"pending_shared": [],
"pending_connected_team_ids": [],
"is_pending_ext_shared": "",
"is_member": "",
"is_private": "",
"is_mpim": "",
"last_read": "",
"is_open": "",
"topic": {
"value": "",
"creator": "",
"last_set": ""
},
"purpose": {
"value": "",
"creator": "",
"last_set": ""
},
"priority": ""
},
"headers": {
"date": "",
"server": "",
"x-slack-req-id": "",
"x-oauth-scopes": "",
"x-accepted-oauth-scopes": "",
"access-control-expose-headers": "",
"x-slack-backend": "",
"x-content-type-options": "",
"expires": "",
"cache-control": "",
"x-xss-protection": "",
"vary": "",
"pragma": "",
"access-control-allow-headers": "",
"strict-transport-security": "",
"referrer-policy": "",
"content-encoding": "",
"access-control-allow-origin": "*",
"content-length": "",
"content-type": "",
"x-via": ""
}
}
| Parameter | Description |
|---|---|
| Channel ID | The ID of the direct message (channel) or multi-person direct message you want to close on your configured Slack cloud. |
The output contains the following populated JSON schema:
{
"ok": "",
"no_op": "",
"already_closed": "",
"headers": {
"date": "",
"server": "",
"x-slack-req-id": "",
"x-oauth-scopes": "",
"x-accepted-oauth-scopes": "",
"access-control-expose-headers": "",
"x-slack-backend": "",
"x-content-type-options": "",
"expires": "",
"cache-control": "",
"x-xss-protection": "",
"vary": "",
"pragma": "",
"access-control-allow-headers": "",
"strict-transport-security": "",
"referrer-policy": "",
"content-encoding": "",
"access-control-allow-origin": "*",
"content-length": "",
"content-type": "",
"x-via": ""
}
}
Note: All the input parameters are optional. However, if you do not specify any parameter, then no filter criterion is applied and an unfiltered list is returned.
| Parameter | Description |
|---|---|
| Maximum Records | The maximum number of records you want this operation to return. By default, this is set as 0. |
| Cursor | Set this parameter to a next_cursor attribute returned by a previous request's response_metadata. |
The JSON output contains a list of all members along with their profile details, such as last name, phone number, ID, and team ID, present in a Slack team, retrieved from your configured Slack cloud.
The output contains the following populated JSON schema:
{
"ok": "",
"members": [
{
"id": "",
"team_id": "",
"name": "",
"deleted": "",
"color": "",
"real_name": "",
"tz": null,
"tz_label": "",
"tz_offset": "",
"profile": {
"title": "",
"phone": "",
"skype": "",
"real_name": "",
"real_name_normalized": "",
"display_name": "",
"display_name_normalized": "",
"fields": "",
"status_text": "",
"status_emoji": "",
"status_expiration": "",
"avatar_hash": "",
"always_active": "",
"first_name": "",
"last_name": "",
"image_24": "",
"image_32": "",
"image_48": "",
"image_72": "",
"image_192": "",
"image_512": "",
"status_text_canonical": "",
"team": ""
},
"is_admin": "",
"is_owner": "",
"is_primary_owner": "",
"is_restricted": "",
"is_ultra_restricted": "",
"is_bot": "",
"is_app_user": "",
"updated": ""
}
],
"cache_ts": "",
"headers": {
"date": "",
"server": "",
"x-slack-req-id": "",
"x-oauth-scopes": "",
"x-accepted-oauth-scopes": "",
"access-control-expose-headers": "",
"x-slack-backend": "",
"x-content-type-options": "",
"expires": "",
"cache-control": "",
"x-xss-protection": "",
"vary": "",
"pragma": "",
"access-control-allow-headers": "",
"strict-transport-security": "",
"referrer-policy": "",
"content-encoding": "",
"access-control-allow-origin": "*",
"transfer-encoding": "",
"content-type": "",
"x-via": ""
}
}
| Parameter | Description |
|---|---|
| User ID | Select the option using which you want to search for a particular user on your configured Slack cloud. You can choose from the following options: Alias, Username, or User ID If you choose Alias, then you must specify the following parameters:
|
The JSON output contains detailed information about the user such as name, real name, profile details, and team ID, retrieved from your configured Slack cloud, based on the user ID that you have specified.
The output contains the following populated JSON schema:
{
"status": "",
"message": "",
"data": [
{
"id": "",
"team_id": "",
"name": "",
"deleted": "",
"color": "",
"real_name": "",
"tz": "",
"tz_label": "",
"tz_offset": "",
"profile": {
"title": "",
"phone": "",
"skype": "",
"real_name": "",
"real_name_normalized": "",
"display_name": "",
"display_name_normalized": "",
"status_text": "",
"status_emoji": "",
"status_expiration": "",
"avatar_hash": "",
"image_original": "",
"is_custom_image": "",
"email": "",
"first_name": "",
"last_name": "",
"image_24": "",
"image_32": "",
"image_48": "",
"image_72": "",
"image_192": "",
"image_512": "",
"image_1024": "",
"status_text_canonical": "",
"team": ""
},
"is_admin": "",
"is_owner": "",
"is_primary_owner": "",
"is_restricted": "",
"is_ultra_restricted": "",
"is_bot": "",
"is_app_user": "",
"updated": "",
"has_2fa": ""
}
]
}
| Parameter | Description |
|---|---|
| Channel ID/User ID | Unique ID of the channel, private group, or IM channel to which you want to send the message on your configured Slack cloud. You can enter either an encoded ID or a name in this field. Note: To get the current users' context in the case of the FortiSOAR for Slack app, use vars.bot_context.user_id, for the current users' ID, and vars.bot_context.channel_id for the ID of the Slack channel that has triggered the playbook. As an example, you can refer to the sample playbooks included in 02 - Use Case - FortiSOAR for Slack playbook collection, which is shipped with the FortiSOAR For Slack solution pack. |
| Send via Email Address | (Optional) To send the message using an Email, then enter the email address of the users to whom you want to send the message. |
| Message | The message that you want to send to the channel that you have specified on your configured Slack cloud. |
| Blocks | (Optional) A JSON-based array of structured blocks presented as a URL-encoded string. For more information on Blocks, see the Block Kit documentation. |
| Attachments | (Optional) A JSON-based array of structured attachments. For example:
[
{
"fallback": "ReferenceError - UI is not defined",
"text": "ReferenceError - UI is not defined",
"fields": [
{
"title": "Project",
"value": "Awesome Project",
"short": true
},
{
"title": "Environment",
"value": "production",
"short": true
}
],
"color": "#F35A00"
}
]
Note: For more information on how to set attachments, see https://api.slack.com/docs/message-attachments. |
| Thread TS | (Optional) The Threat TS ID if you are sending the message as part of a threaded message. |
NOTE: Use the Send Message action to send customized messages directly to Slack users. For example, you can use the https://app.slack.com/block-kit-builder/ utility to create or get your own block code and then send beautifully formatted messages to Slack! Once you get your code block using the block kit builder, you can drop that code in the Blocks parameter.
The JSON output contains details of the message sent to the Slack channel that you have specified. Message details such as bot id, type, text, and attachment details, are included in the JSON output.
The output contains the following populated JSON schema:
{
"ok": "",
"channel": "",
"ts": "",
"message": {
"bot_id": "",
"type": "",
"text": "",
"user": "",
"ts": "",
"team": "",
"bot_profile": {
"id": "",
"deleted": "",
"name": "",
"updated": "",
"app_id": "",
"icons": {},
"team_id": ""
}
},
"headers": {
"date": "",
"server": "",
"x-slack-req-id": "",
"x-oauth-scopes": "",
"x-accepted-oauth-scopes": "",
"access-control-expose-headers": "",
"x-slack-backend": "",
"x-content-type-options": "",
"expires": "",
"cache-control": "",
"x-xss-protection": "",
"vary": "",
"pragma": "",
"access-control-allow-headers": "",
"strict-transport-security": "",
"referrer-policy": "",
"content-encoding": "",
"access-control-allow-origin": "*",
"content-length": "",
"content-type": "",
"x-via": ""
}
}
| Parameter | Description |
|---|---|
| Input | The FortiSOAR Manual Input object that can either be an input form or an approval request, which you want to send to Slack and get the users' response. |
NOTE: The Send Manual Input/Approval Form to Slack action internally prepares the mapping code for the form object as expected by Slack and renders that form in Slack. However, if you want to send customized messages directly to Slack users, then you use the Send Message action. For example, you can use the https://app.slack.com/block-kit-builder/ utility to create or get your own block code and then send beautifully formatted messages to Slack! Once you get your code block using the block kit builder, you can drop that code in the Blocks field of the Send Message action.
The output contains the following populated JSON schema:
{
"ok": "",
"channel": "",
"ts": "",
"message": {
"bot_id": "",
"type": "",
"text": "",
"user": "",
"ts": "",
"team": "",
"bot_profile": {
"id": "",
"deleted": "",
"name": "",
"updated": "",
"app_id": "",
"icons": {},
"team_id": ""
}
},
"headers": {
"date": "",
"server": "",
"x-slack-req-id": "",
"x-oauth-scopes": "",
"x-accepted-oauth-scopes": "",
"access-control-expose-headers": "",
"x-slack-backend": "",
"x-content-type-options": "",
"expires": "",
"cache-control": "",
"x-xss-protection": "",
"vary": "",
"pragma": "",
"access-control-allow-headers": "",
"strict-transport-security": "",
"referrer-policy": "",
"content-encoding": "",
"access-control-allow-origin": "*",
"content-length": "",
"content-type": "",
"x-via": ""
}
}
Note: You can upload only those files that are directly accessible from FortiSOAR™ to the Slack channels on your configured Slack cloud.
| Parameter | Description |
|---|---|
| Channel ID | (Optional) Comma-separated list of channel names or IDs to which you want to upload the file on your configured Slack cloud. Note: If you do not provide any channel ID, then the files will be stored in the Files section of your configured Slack Cloud. |
| Title | (Optional) Title of the file that you want to upload to the specified Slack channels. |
| File Name | (Optional) Name of the file that you want to upload to the specified Slack channels. |
| File Type | (Optional) Type of the file that you want to upload to the specified Slack channels. |
| File Reference | Type of file reference that you will be providing for the file that you want to upload to the specified Slack channels. You can choose from the following options: Attachment ID or File IRI.
|
| Comment | (Optional) Initial comment to add to the file that you want to upload to the specified Slack channels. |
The JSON output contains details of the file uploaded to the Slack channel that you have specified. File details such as file name, file type, timestamp, groups, and comments count, are included in the JSON output.
The output contains the following populated JSON schema:
{
"ok": "",
"file": {
"id": "",
"created": "",
"timestamp": "",
"name": "",
"title": "",
"mimetype": "",
"filetype": "",
"pretty_type": "",
"user": "",
"mode": "",
"editable": "",
"is_external": "",
"external_type": "",
"username": "",
"size": "",
"url_private": "",
"url_private_download": "",
"thumb_64": "",
"thumb_80": "",
"thumb_360": "",
"thumb_360_gif": "",
"thumb_360_w": "",
"thumb_360_h": "",
"thumb_480": "",
"thumb_480_w": "",
"thumb_480_h": "",
"thumb_160": "",
"permalink": "",
"permalink_public": "",
"edit_link": "",
"preview": "",
"preview_highlight": "",
"lines": "",
"lines_more": "",
"is_public": "",
"public_url_shared": "",
"display_as_bot": "",
"channels": [],
"groups": [],
"ims": [],
"initial_comment": {},
"num_stars": "",
"is_starred": "",
"pinned_to": [],
"reactions": [
{
"name": "",
"count": "",
"users": []
}
],
"comments_count": ""
}
}
| Parameter | Description |
|---|---|
| Group Name | Specify a unique name for the user group being created. |
| Description | (Optional) Specify a short description of the user group being created. |
| Handle | (Optional) Specify the mention handle of the user group being created.
NOTE: The mention handle must be unique among channels, users, and user groups. |
| Channels | (Optional) Specify comma-separated IDs of channels where the group members are to be added, by default. |
| Include Count | (Optional) Select to include the count of users in each user group. |
| Team ID | (Optional) Specify an encoded team ID where the user group has to be created.
NOTE: Team ID is a required parameter if organization level token is used in configuration. |
The output contains the following populated JSON schema:
{
"ok": "",
"usergroup": {
"id": "",
"team_id": "",
"is_usergroup": "",
"name": "",
"description": "",
"handle": "",
"is_external": "",
"date_create": "",
"date_update": "",
"date_delete": "",
"auto_type": "",
"created_by": "",
"updated_by": "",
"deleted_by": "",
"prefs": {
"channels": [],
"groups": []
},
"user_count": ""
}
}
| Parameter | Description |
|---|---|
| Include Count | (Optional) Select to include the count of users in each user group. |
| Include Disabled | (Optional) Select to include results containing disabled User Groups. |
| Include Users | (Optional) Select to include results containing the list of users for each retrieved user group. |
| Team ID | (Optional) Specify an encoded team ID where the user group has to be created.
NOTE: Team ID is a required parameter if organization level token is used in configuration. |
The output contains the following populated JSON schema:
{
"ok": true,
"usergroups": [
{
"id": "",
"team_id": "",
"is_usergroup": "",
"name": "",
"description": "",
"handle": "",
"is_external": "",
"date_create": "",
"date_update": "",
"date_delete": "",
"auto_type": "",
"created_by": "",
"updated_by": "",
"deleted_by": "",
"prefs": {
"channels": [],
"groups": []
},
"user_count": ""
}
]
}
| Parameter | Description |
|---|---|
| User Group ID | Specify the encoded ID of the user group being updated. |
| User Emails | Specify a comma-separated email addresses of users to update in the user group. |
| Include Count | (Optional) Select to include the count of users in each user group. |
| Team ID | (Optional) Specify an encoded team ID where the user group has to be created.
NOTE: Team ID is a required parameter if organization level token is used in configuration. |
The output contains the following populated JSON schema:
{
"ok": "",
"usergroup": {
"id": "",
"team_id": "",
"is_usergroup": "",
"name": "",
"description": "",
"handle": "",
"is_external": "",
"date_create": "",
"date_update": "",
"date_delete": "",
"auto_type": "",
"created_by": "",
"updated_by": "",
"deleted_by": "",
"prefs": {
"channels": [],
"groups": []
},
"users": [],
"user_count": ""
}
}
| Parameter | Description |
|---|---|
| Channel ID | Specify the ID of the channel where the message was posted to add a reaction. |
| Message Timestamp | Specify the timestamp of the message to add a reaction. |
| Reaction Name | Specify the reaction (emoji) name to add to the message. |
The output contains the following populated JSON schema:
{
"ok": ""
}
| Parameter | Description |
|---|---|
| Include Categories | (Optional) Select to include a list of categories and emojis within them. |
The output contains the following populated JSON schema:
{
"ok": "",
"emoji": {}
}
| Parameter | Description |
|---|---|
| Channel ID | Specify the ID of the conversation from which to fetch the thread. |
| Timestamp | Specify a the timestamp of an existing message with 0 or more replies. The time stamp is also the unique identifier of that message. For example: 1234567890.123456 |
| Include All Metadata | (Optional) Select to return all metadata associated with the message. |
| Inclusive | (Optional) Select to include messages with oldest or latest timestamps in results. This parameter is ignored if Start Time or an End Time is specified. |
| Start Time | (Optional) Select a time to fetch messages created after this Unix timestamp. |
| End Time | (Optional) Select a time to fetch messages created before this Unix timestamp. |
| Limit | (Optional) Specify the maximum number of items to return. Default value is 1000.
NOTE:Fewer than the requested number of items may be returned, even if the end of the users list hasn't been reached. |
| Create Attachments | (Optional) Select this option to create attachments in FortiSOAR of images present in message replies. |
The output contains the following populated JSON schema:
{
"messages": [
{
"type": "",
"user": "",
"text": "",
"thread_ts": "",
"reply_count": "",
"subscribed": "",
"last_read": "",
"unread_count": "",
"ts": ""
}
],
"has_more": "",
"ok": "",
"response_metadata": {
"next_cursor": ""
}
}
| Parameter | Description |
|---|---|
| User Group ID | Specify the encoded ID of the User Group for which to list users. |
| Include Disabled | (Optional) Select to include results containing disabled User Groups. |
| Team ID | (Optional) Specify an encoded team ID where the user group exists.
NOTE: Team ID is a required parameter if organization level token is used in configuration. |
The output contains the following populated JSON schema:
{
"ok": "",
"users": []
}
The Sample - Slack - 3.2.0 playbook collection comes bundled with the Slack connector. This playbook contains steps using which you can perform all supported actions. You can see the bundled playbooks in the Automation > Playbooks section in FortiSOAR™ after importing the Slack connector.
Note: If you are planning to use any of the sample playbooks in your environment, ensure that you clone those playbooks and move them to a different collection since the sample playbook collection gets deleted during the connector upgrade and delete.
IMPORTANT: If you require bi-directional integration between FortiSOAR and Slack, then you must use the app template of FortiSOAR For Slack Application for appropriate permissions. However, if you require to use only the connector actions, then you can initialize the app from a blank template as mentioned in the Creating and installing a Slack App in a workspace topic. Permissions required for each action are listed in the Permissions table in this topic.
Create an App dialog, select the From Scratch option.
Name app & choose workspace dialog, enter the name for your app and choose the workspace for which you creating this app, then click Create App.
Scopes section:
Add all necessary permissions that you want to give to your app and save your changes. The following table lists the permissions required for each action of the connector:
| Action Name | Permissions List (Bot Token) | Permissions List (User Token) |
|---|---|---|
| Create Channel | admin.conversations:write |
admin.conversations:write |
| Send Message | chat:write |
chat:writechat:write:userchat:write:bot |
| Get Message History | channels:historygroups:historyim:historympim:history |
channels:historygroups:historyim:historympim:history |
| Get Channels List | channels:readgroups:readim:readmpim:read |
channels:readgroups:readim:readmpim:read |
| Search Channel | channels:readgroups:readim:readmpim:read |
channels:readgroups:readim:readmpim:read |
| Get Channel Information | channels:readgroups:readim:readmpim:read |
channels:readgroups:readim:readmpim:read |
| Rename Channel | channels:managegroups:writeim:writempim:write |
groups:writeim:writempim:writechannels:write |
| Invite User To Channel | channels:managegroups:writeim:writempim:write |
groups:writeim:writempim:writechannels:write |
| Close Channel | channels:managegroups:writeim:writempim:write |
groups:writeim:writempim:writechannels:write |
| Get User List | users:read |
users:read |
| Get User Information | users:read |
users:read |
| Upload File | files:write |
files:writefiles:write:user |
| Create Multi Person Direct Message | channels:managegroups:writeim:writempim:write |
channels:writegroups:writeim:writempim:write |
| Create User Group | usergroups:write |
usergroups:write |
| Update Users in User Group | usergroups:write |
usergroups:write |
| Add Reactions | reactions:write |
reactions:write |
| Get Conversations Replies | channels:history |
channels:history |
| Get Users from User Group | usergroups:read |
usergroups:read |
| Get Emojis | emoji:read |
emoji:read |
| Get User Groups | usergroups:read |
usergroups:read |
Go to Basic Information and click Install to Workspace.
At global level you can enable form submission confirmation via notification rule in settings – by editing Slack > Notify For External Manual Input notification rule.
However, for a more granular control following configurations are available at playbook level:
To make playbook level configurations for Slack input form, following changes are required in a playbook's manual input step:
JSON. This step ensures that multiple settings can be handled through a JSON input.Slack Configuration. The playbooks recognize and trigger appropriate actions only if they find this field label.
{
"require_confirmation_on_submission": true,
"playbook_resume_error_message": "",
"input_submitted_successfully_message": "",
"message_for_button": {
"Yes": {
"input_submitted_successfully_message": "",
"confirmation_message": ""
},
"No": {
"input_submitted_successfully_message": "",
"confirmation_message": ""
}
}
}
The following table explains the supported keys in the playbook configuration JSON, their types, and description of their values:
| Key | Type | Description |
|---|---|---|
require_confirmation_on_submission |
Boolean | Specify if a confirmation is required upon submission of a manual input form on Slack. |
playbook_resume_error_message |
String | Specify a custom error message when the playbook fails to resume. |
input_submitted_successfully_message |
String | Specify a custom message when the input form is submitted successfully. |
message_for_button |
Object | Custom messages for Yes button actions. |
| Custom messages for No button actions. | ||
Yes |
||
input_submitted_successfully_message |
String | Specify a custom message to display when the user clicks Yes and the input form is submitted successfully. |
confirmation_message |
String | Specify a custom confirmation message when a user clicks YES. |
No |
||
input_submitted_successfully_message |
String | Specify a custom message to display when the user clicks No and the input form is submitted successfully. |
confirmation_message |
String | Specify a custom confirmation message when a user clicks NO. |
As an example, refer the playbook Send Slack Input Form to Slack User under Playbooks > Collections > Sample - Slack - 3.2.0.
Slack is a cloud-based set of proprietary team collaboration tools and services. Slack creates alignment and shared understanding across your team, making you more productive and less stressed. It brings all your team's communication together, giving everyone a shared workspace where conversations are organized and accessible.
This document provides information about the Slack connector, which facilitates automated interactions, with Slack using FortiSOAR™ playbooks. Add the Slack connector as a step in FortiSOAR™ playbooks and perform automated operations, such as retrieving a list of all channels and users configured in your Slack cloud, retrieving information about a user that is configured in your Slack cloud, sending a message to a channel configured in your Slack cloud, and managing notifications from playbooks (like manual input form) at a granular level.
The FortiSOAR for Slack application (app) builds a bridge for seamless integration with FortiSOAR, allowing you to leverage the power of FortiSOAR as part of your daily communications and threat investigation routines. For more information, see the FortiSOAR for Slack Application document.
Connector Version: 3.2.0
FortiSOAR™ Version Tested on: 7.5.0-4015
Authored By: Fortinet
Certified: Yes
Following enhancements have been made to the Slack Connector in version 3.2.0:
Use the Content Hub to install the connector. For the detailed procedure to install a connector, click here.
You can also use the yum command as a root user to install the connector:
yum install cyops-connector-slack
For the procedure to configure a connector, click here.
In FortiSOAR™, on the Content Hub (or Connector Store) page, click the Manage tab, and then click the Slack connector card. On the connector popup, click the Configurations tab to enter the required configuration details.
| Parameter | Description |
|---|---|
| Server URL | URL of the Slack cloud to which you will connect and perform automated operations. |
| OAuth Token | The OAuth Token contains required scopes that are configured for your account for the Slack cloud to which you will connect and perform the automated operations. IMPORTANT: If you require bi-directional integration between FortiSOAR and Slack, then you must use the app template of FortiSOAR For Slack Application for appropriate permissions and to generate an OAuth Token. However, if you require to use only the connector actions, then you can initialize the app from a blank template and generate the OAUTH token as mentioned in the Creating and installing a Slack App in a workspace topic. Permissions required for each action are listed in the Permissions table in this topic. |
| Verify SSL | Specifies whether the SSL certificate for the server is to be verified or not. Defaults to True. |
| Enable Bot Communication | Select this option if you want to enable bi-directional communication between Slack and FortiSOAR. If you select this option, then in the App Level Token enter the App Level token for the FortiSOAR For Slack App, which contains the required scopes configured for your app. For more information, see the FortiSOAR for Slack Application document. IMPORTANT: The bi-directional communication between Slack and FortiSOAR is supported only on FortiSOAR nodes, i.e., this feature is currently not supported on FSR Agent nodes. Also, bi-directional communication between Slack and FortiSOAR is not supported in an air-gapped environment. |
The following automated operations can be included in playbooks and you can also use the annotations to access operations from FortiSOAR:
| Function | Description | Annotation and Category |
|---|---|---|
| Get Message History | Fetches the history of messages and events for a specific conversation from your Slack cloud, based on the Channel ID and other input parameters that you have specified. | get_message_history Investigation |
| Create Channel | Creates a new channel in your configured Slack cloud, based on the channel name and other input parameters that you have specified. | create_channel Investigation |
| Get Channels List | Retrieves a list of channels and their details, available in a slack team, from your configured Slack cloud. | get_channels Investigation |
| Search Channel | Retrieves detailed information about a specific channel, based on the channel name that you have specified, from your configured Slack cloud. | get_channel Investigation |
| Get Channel Information | Retrieves information about conversations of a specific channel from your configured Slack cloud, based on the channel ID and other input parameters that you have specified. | get_channel_info Investigation |
| Rename Channel | Renames a channel (conversation) on your configured Slack cloud based on the channel ID and new channel name that you have specified. Note: You can rename a channel only if you are the owner of the channel or if you have admin permissions. |
rename_channel Investigation |
| Invite Users To Channel | Invites users to a specified channel on your configured Slack cloud based on the channel ID and user IDs that you have specified. | invite_user_to_channel Investigation |
| Close Channel | Closes a direct message or multi-person direct message on your configured Slack cloud based on the channel ID that you have specified. | close_channel Investigation |
| Get User List | Retrieves a list of users and their details, available in a slack team, from your configured Slack cloud. | get_users Investigation |
| Get User Information | Retrieves detailed information of a specific user from your configured Slack cloud based on the search criteria that you have specified. | get_user Investigation |
| Send Message | Sends a message to a specific channel configured on your Slack cloud, based on the Channel ID, message, and other input parameters that you have specified. | send_message Investigation |
| Send Manual Input/Approval Form to Slack | Sends a manual input form or approval request to Slack based on the input object that you have specified. | send_input Investigation |
| Upload File | Uploads a file to a specific channel configured on your Slack cloud, based on the Channel ID, message, and other input parameters that you have specified. | upload_file Miscellaneous |
| Create Multi Person Direct Message | Opens a direct message (DM) or a multi-person direct message (MPIM). | create_multi_person_direct_message Investigation |
| Create User Group | Creates a new group with provided users based on the description, handle, channels and other input parameters that you have specified.
NOTE: To avoid a |
create_group Investigation |
| Get User Groups | Retrieves a list of all user groups based on including disabled groups, listing users, and other criteria that you have specified. | get_user_groups Investigation |
| Update Users in User Group | Updates the list of users for a user group based on the user group ID, user emails and other input parameters that you have specified. It replaces all users in a user group with the list of users provided in the Users parameter. | update_users_in_user_group Investigation |
| Add Reactions | Adds an emoticon (emoji) as a reaction to an item based on the emoji name, channel ID, and other input parameters that you have specified. | add_reactions Investigation |
| Get Conversations Replies | Retrieves a list of all messages posted to a conversation based on the channel ID, message timestamp, and other input parameters that you have specified. | get_conversations_replies Investigation |
| Get Emojis | Retrieves a list of all supported emoticons (emojis). | get_emojis Investigation |
| Get Users from User Group | Retrieves a list of all users within a user group based on user group ID, team ID and other input parameters that you have specified. | get_users_from_group Investigation |
| Parameter | Description |
|---|---|
| Channel ID/User ID | Unique ID of the channel, private group, or IM channel whose conversation history you want to fetch from your Slack cloud. |
| Cursor | Paginate through collections of data by setting the cursor parameter to the next_cursor attribute returned by a previous request's response_metadata. By default, the value fetched is the first page of the collection. |
| Inclusive | Include messages with the latest or oldest timestamp in results only when either timestamp is specified. By default, this is set to 0. |
| Start Time | Start DateTime of the messages whose history you want to retrieve from your Slack cloud. |
| End Time | End DateTime of the messages whose history you want to retrieve from your Slack cloud. |
| Limit | The maximum number of items that this operation should return. Note: If you set the Limit parameter, then fewer than the requested number of items might be returned if the limit set is reached, even if the end of the users' list has not been reached. |
The output contains the following populated JSON schema:
{
"ok": "",
"has_more": "",
"messages": [
{
"ts": "",
"team": "",
"text": "",
"type": "",
"user": "",
"blocks": [
{
"type": "",
"block_id": "",
"elements": [
{
"type": "",
"elements": [
{
"text": "",
"type": ""
}
]
}
]
}
],
"client_msg_id": ""
}
],
"pin_count": "",
"response_metadata": {
"next_cursor": ""
},
"channel_actions_ts": "",
"channel_actions_count": ""
}
| Parameter | Description |
|---|---|
| Channel Name | Name of the public or private channel that you want to create on your Slack cloud. |
| Is Private | Select this option to create a private channel on your Slack cloud. If you leave this unchecked then a public (default) channel will be created on your Slack cloud. |
The output contains the following populated JSON schema:
{
"ok": "",
"channel": {
"id": "",
"name": "",
"is_channel": "",
"is_group": "",
"is_im": "",
"created": "",
"is_archived": "",
"is_general": "",
"unlinked": "",
"name_normalized": "",
"is_shared": "",
"parent_conversation": "",
"creator": "",
"is_ext_shared": "",
"is_org_shared": "",
"shared_team_ids": [],
"pending_shared": [],
"pending_connected_team_ids": [],
"is_pending_ext_shared": "",
"is_member": "",
"is_private": "",
"is_mpim": "",
"last_read": "",
"is_open": "",
"topic": {
"value": "",
"creator": "",
"last_set": ""
},
"purpose": {
"value": "",
"creator": "",
"last_set": ""
},
"priority": ""
},
"headers": {
"date": "",
"server": "",
"x-slack-req-id": "",
"x-oauth-scopes": "",
"x-accepted-oauth-scopes": "",
"access-control-expose-headers": "",
"x-slack-backend": "",
"x-content-type-options": "",
"expires": "",
"cache-control": "",
"x-xss-protection": "",
"vary": "",
"pragma": "",
"access-control-allow-headers": "",
"strict-transport-security": "",
"referrer-policy": "",
"content-encoding": "",
"access-control-allow-origin": "*",
"content-length": "",
"content-type": "",
"x-via": ""
}
}
| Parameter | Description |
|---|---|
| Create Multi Person Direct Message By | Select one of the following available options to create a multi person direct message:
|
The output contains the following populated JSON schema:
{
"ok": "",
"channel": {
"id": "",
"name": "",
"is_channel": "",
"is_group": "",
"is_im": "",
"is_mpim": "",
"is_private": "",
"created": "",
"is_archived": "",
"is_general": "",
"unlinked": "",
"name_normalized": "",
"is_shared": "",
"is_org_shared": "",
"is_pending_ext_shared": "",
"pending_shared": [],
"context_team_id": "",
"updated": "",
"parent_conversation": "",
"creator": "",
"is_ext_shared": "",
"shared_team_ids": [],
"pending_connected_team_ids": [],
"is_member": "",
"last_read": "",
"is_open": "",
"topic": {
"value": "",
"creator": "",
"last_set": ""
},
"purpose": {
"value": "",
"creator": "",
"last_set": ""
},
"priority": ""
}
}
Note: All the input parameters are optional. However, if you do not specify any parameter, then no filter criterion is applied and an unfiltered list is returned.
| Parameter | Description |
|---|---|
| Exclude Archived | Select this option, i.e., set it as true, to exclude archived channels from the list of channels retrieved from your configured Slack cloud.By default, this is set as false. |
| Maximum Records | The maximum number of records you want this operation to return. By default, this is set as 0. |
| Channel Types | Types of channels that you want to retrieve from your configured Slack cloud. You can choose from the following options: Public Channel, Private Channel, Group messaging, or Direct Messages. |
| Cursor | Paginate through collections of data by setting the cursor parameter to the next_cursor attribute returned by a previous request's response_metadata. By default, the value fetched is the first page of the collection. |
The JSON output contains a list of all channels along with their details, such as id, creator name, and purpose, present in a Slack team, retrieved from your configured Slack cloud.
The output contains the following populated JSON schema:
{
"ok": "",
"channels": [
{
"id": "",
"name": "",
"is_channel": "",
"created": "",
"is_archived": "",
"is_general": "",
"unlinked": "",
"creator": "",
"name_normalized": "",
"is_shared": "",
"is_org_shared": "",
"is_member": "",
"is_private": "",
"is_mpim": "",
"members": [],
"topic": {
"value": "",
"creator": "",
"last_set": ""
},
"purpose": {
"value": "",
"creator": "",
"last_set": ""
},
"previous_names": [],
"num_members": ""
}
],
"headers": {
"date": "",
"server": "",
"x-slack-req-id": "",
"x-oauth-scopes": "",
"x-accepted-oauth-scopes": "",
"access-control-expose-headers": "",
"x-slack-backend": "",
"x-content-type-options": "",
"expires": "",
"cache-control": "",
"x-xss-protection": "",
"vary": "",
"pragma": "",
"access-control-allow-headers": "",
"strict-transport-security": "",
"referrer-policy": "",
"content-encoding": "",
"access-control-allow-origin": "*",
"content-length": "",
"content-type": "",
"x-via": ""
}
}
| Parameter | Description |
|---|---|
| Channel to Search | Name of the channel whose details you want to retrieve from your configured Slack cloud. |
| Type of Search | Type of filter option that you want to apply to the search operation. You can choose from the following options: Exact, Contains, Starts With, or Ends With. |
The JSON output contains detailed information about a channel such as ID, creator name, and purpose, retrieved from your configured Slack cloud, based on the channel name that you have specified.
The output contains the following populated JSON schema:
{
"status": "",
"message": "",
"data": [
{
"id": "",
"name": "",
"is_channel": "",
"created": "",
"is_archived": "",
"is_general": "",
"unlinked": "",
"creator": "",
"name_normalized": "",
"is_shared": "",
"is_org_shared": "",
"is_member": "",
"is_private": "",
"is_mpim": "",
"members": [],
"topic": {
"value": "",
"creator": "",
"last_set": ""
},
"purpose": {
"value": "",
"creator": "",
"last_set": ""
},
"previous_names": [],
"num_members": ""
}
]
}
| Parameter | Description |
|---|---|
| Channel ID | The ID of the channel (conversations) you want to retrieve from your configured Slack cloud. |
| Include Locale | Select this checkbox, i.e., set it to true to include the locale of the specified conversations retrieved from your configured Slack cloud. By default, this is set to false, i.e., the checkbox is unchecked. |
| Include Number Of Members | Select this checkbox, i.e., set it to true, to include the member count of the specified conversations retrieved from your configured Slack cloud. By default, this is set to false, i.e., the checkbox is unchecked. |
The output contains the following populated JSON schema:
{
"ok": "",
"channels": [
{
"id": "",
"name": "",
"is_channel": "",
"created": "",
"is_archived": "",
"is_general": "",
"unlinked": "",
"creator": "",
"name_normalized": "",
"is_shared": "",
"is_org_shared": "",
"is_member": "",
"is_private": "",
"is_mpim": "",
"members": [],
"topic": {
"value": "",
"creator": "",
"last_set": ""
},
"purpose": {
"value": "",
"creator": "",
"last_set": ""
},
"previous_names": [],
"num_members": ""
}
],
"headers": {
"date": "",
"server": "",
"x-slack-req-id": "",
"x-oauth-scopes": "",
"x-accepted-oauth-scopes": "",
"access-control-expose-headers": "",
"x-slack-backend": "",
"x-content-type-options": "",
"expires": "",
"cache-control": "",
"x-xss-protection": "",
"vary": "",
"pragma": "",
"access-control-allow-headers": "",
"strict-transport-security": "",
"referrer-policy": "",
"content-encoding": "",
"access-control-allow-origin": "*",
"content-length": "",
"content-type": "",
"x-via": ""
}
}
| Parameter | Description |
|---|---|
| Channel ID | The ID of the channel you want to rename on your configured Slack cloud. |
| Channel Name | The new name that you want to assign to the specified channel on your configured Slack cloud. |
The output contains the following populated JSON schema:
{
"channel": {
"id": "",
"name": "",
"is_channel": "",
"is_group": "",
"is_im": "",
"created": "",
"is_archived": "",
"is_general": "",
"unlinked": "",
"name_normalized": "",
"is_shared": "",
"parent_conversation": "",
"creator": "",
"is_ext_shared": "",
"is_org_shared": "",
"shared_team_ids": [],
"pending_shared": [],
"pending_connected_team_ids": [],
"is_pending_ext_shared": "",
"is_member": "",
"is_private": "",
"is_mpim": "",
"last_read": "",
"is_open": "",
"topic": {
"value": "",
"creator": "",
"last_set": ""
},
"purpose": {
"value": "",
"creator": "",
"last_set": ""
}
},
"ok": "",
"headers": {
"date": "",
"server": "",
"x-slack-req-id": "",
"x-oauth-scopes": "",
"x-accepted-oauth-scopes": "",
"access-control-expose-headers": "",
"x-slack-backend": "",
"x-content-type-options": "",
"expires": "",
"cache-control": "",
"x-xss-protection": "",
"vary": "",
"pragma": "",
"access-control-allow-headers": "",
"strict-transport-security": "",
"referrer-policy": "",
"content-encoding": "",
"access-control-allow-origin": "*",
"content-length": "",
"content-type": "",
"x-via": ""
}
}
| Parameter | Description |
|---|---|
| Channel ID | The ID of the public or private channel to which you want to invite specified users. |
| User IDs | Comma-separated list of user IDs that you want to invite to the specified channel. Note: You can list a maximum of 1000 users. |
The output contains the following populated JSON schema:
{
"ok": "",
"channel": {
"id": "",
"name": "",
"is_channel": "",
"is_group": "",
"is_im": "",
"created": "",
"is_archived": "",
"is_general": "",
"unlinked": "",
"name_normalized": "",
"is_shared": "",
"parent_conversation": "",
"creator": "",
"is_ext_shared": "",
"is_org_shared": "",
"shared_team_ids": [],
"pending_shared": [],
"pending_connected_team_ids": [],
"is_pending_ext_shared": "",
"is_member": "",
"is_private": "",
"is_mpim": "",
"last_read": "",
"is_open": "",
"topic": {
"value": "",
"creator": "",
"last_set": ""
},
"purpose": {
"value": "",
"creator": "",
"last_set": ""
},
"priority": ""
},
"headers": {
"date": "",
"server": "",
"x-slack-req-id": "",
"x-oauth-scopes": "",
"x-accepted-oauth-scopes": "",
"access-control-expose-headers": "",
"x-slack-backend": "",
"x-content-type-options": "",
"expires": "",
"cache-control": "",
"x-xss-protection": "",
"vary": "",
"pragma": "",
"access-control-allow-headers": "",
"strict-transport-security": "",
"referrer-policy": "",
"content-encoding": "",
"access-control-allow-origin": "*",
"content-length": "",
"content-type": "",
"x-via": ""
}
}
| Parameter | Description |
|---|---|
| Channel ID | The ID of the direct message (channel) or multi-person direct message you want to close on your configured Slack cloud. |
The output contains the following populated JSON schema:
{
"ok": "",
"no_op": "",
"already_closed": "",
"headers": {
"date": "",
"server": "",
"x-slack-req-id": "",
"x-oauth-scopes": "",
"x-accepted-oauth-scopes": "",
"access-control-expose-headers": "",
"x-slack-backend": "",
"x-content-type-options": "",
"expires": "",
"cache-control": "",
"x-xss-protection": "",
"vary": "",
"pragma": "",
"access-control-allow-headers": "",
"strict-transport-security": "",
"referrer-policy": "",
"content-encoding": "",
"access-control-allow-origin": "*",
"content-length": "",
"content-type": "",
"x-via": ""
}
}
Note: All the input parameters are optional. However, if you do not specify any parameter, then no filter criterion is applied and an unfiltered list is returned.
| Parameter | Description |
|---|---|
| Maximum Records | The maximum number of records you want this operation to return. By default, this is set as 0. |
| Cursor | Set this parameter to a next_cursor attribute returned by a previous request's response_metadata. |
The JSON output contains a list of all members along with their profile details, such as last name, phone number, ID, and team ID, present in a Slack team, retrieved from your configured Slack cloud.
The output contains the following populated JSON schema:
{
"ok": "",
"members": [
{
"id": "",
"team_id": "",
"name": "",
"deleted": "",
"color": "",
"real_name": "",
"tz": null,
"tz_label": "",
"tz_offset": "",
"profile": {
"title": "",
"phone": "",
"skype": "",
"real_name": "",
"real_name_normalized": "",
"display_name": "",
"display_name_normalized": "",
"fields": "",
"status_text": "",
"status_emoji": "",
"status_expiration": "",
"avatar_hash": "",
"always_active": "",
"first_name": "",
"last_name": "",
"image_24": "",
"image_32": "",
"image_48": "",
"image_72": "",
"image_192": "",
"image_512": "",
"status_text_canonical": "",
"team": ""
},
"is_admin": "",
"is_owner": "",
"is_primary_owner": "",
"is_restricted": "",
"is_ultra_restricted": "",
"is_bot": "",
"is_app_user": "",
"updated": ""
}
],
"cache_ts": "",
"headers": {
"date": "",
"server": "",
"x-slack-req-id": "",
"x-oauth-scopes": "",
"x-accepted-oauth-scopes": "",
"access-control-expose-headers": "",
"x-slack-backend": "",
"x-content-type-options": "",
"expires": "",
"cache-control": "",
"x-xss-protection": "",
"vary": "",
"pragma": "",
"access-control-allow-headers": "",
"strict-transport-security": "",
"referrer-policy": "",
"content-encoding": "",
"access-control-allow-origin": "*",
"transfer-encoding": "",
"content-type": "",
"x-via": ""
}
}
| Parameter | Description |
|---|---|
| User ID | Select the option using which you want to search for a particular user on your configured Slack cloud. You can choose from the following options: Alias, Username, or User ID If you choose Alias, then you must specify the following parameters:
|
The JSON output contains detailed information about the user such as name, real name, profile details, and team ID, retrieved from your configured Slack cloud, based on the user ID that you have specified.
The output contains the following populated JSON schema:
{
"status": "",
"message": "",
"data": [
{
"id": "",
"team_id": "",
"name": "",
"deleted": "",
"color": "",
"real_name": "",
"tz": "",
"tz_label": "",
"tz_offset": "",
"profile": {
"title": "",
"phone": "",
"skype": "",
"real_name": "",
"real_name_normalized": "",
"display_name": "",
"display_name_normalized": "",
"status_text": "",
"status_emoji": "",
"status_expiration": "",
"avatar_hash": "",
"image_original": "",
"is_custom_image": "",
"email": "",
"first_name": "",
"last_name": "",
"image_24": "",
"image_32": "",
"image_48": "",
"image_72": "",
"image_192": "",
"image_512": "",
"image_1024": "",
"status_text_canonical": "",
"team": ""
},
"is_admin": "",
"is_owner": "",
"is_primary_owner": "",
"is_restricted": "",
"is_ultra_restricted": "",
"is_bot": "",
"is_app_user": "",
"updated": "",
"has_2fa": ""
}
]
}
| Parameter | Description |
|---|---|
| Channel ID/User ID | Unique ID of the channel, private group, or IM channel to which you want to send the message on your configured Slack cloud. You can enter either an encoded ID or a name in this field. Note: To get the current users' context in the case of the FortiSOAR for Slack app, use vars.bot_context.user_id, for the current users' ID, and vars.bot_context.channel_id for the ID of the Slack channel that has triggered the playbook. As an example, you can refer to the sample playbooks included in 02 - Use Case - FortiSOAR for Slack playbook collection, which is shipped with the FortiSOAR For Slack solution pack. |
| Send via Email Address | (Optional) To send the message using an Email, then enter the email address of the users to whom you want to send the message. |
| Message | The message that you want to send to the channel that you have specified on your configured Slack cloud. |
| Blocks | (Optional) A JSON-based array of structured blocks presented as a URL-encoded string. For more information on Blocks, see the Block Kit documentation. |
| Attachments | (Optional) A JSON-based array of structured attachments. For example:
[
{
"fallback": "ReferenceError - UI is not defined",
"text": "ReferenceError - UI is not defined",
"fields": [
{
"title": "Project",
"value": "Awesome Project",
"short": true
},
{
"title": "Environment",
"value": "production",
"short": true
}
],
"color": "#F35A00"
}
]
Note: For more information on how to set attachments, see https://api.slack.com/docs/message-attachments. |
| Thread TS | (Optional) The Threat TS ID if you are sending the message as part of a threaded message. |
NOTE: Use the Send Message action to send customized messages directly to Slack users. For example, you can use the https://app.slack.com/block-kit-builder/ utility to create or get your own block code and then send beautifully formatted messages to Slack! Once you get your code block using the block kit builder, you can drop that code in the Blocks parameter.
The JSON output contains details of the message sent to the Slack channel that you have specified. Message details such as bot id, type, text, and attachment details, are included in the JSON output.
The output contains the following populated JSON schema:
{
"ok": "",
"channel": "",
"ts": "",
"message": {
"bot_id": "",
"type": "",
"text": "",
"user": "",
"ts": "",
"team": "",
"bot_profile": {
"id": "",
"deleted": "",
"name": "",
"updated": "",
"app_id": "",
"icons": {},
"team_id": ""
}
},
"headers": {
"date": "",
"server": "",
"x-slack-req-id": "",
"x-oauth-scopes": "",
"x-accepted-oauth-scopes": "",
"access-control-expose-headers": "",
"x-slack-backend": "",
"x-content-type-options": "",
"expires": "",
"cache-control": "",
"x-xss-protection": "",
"vary": "",
"pragma": "",
"access-control-allow-headers": "",
"strict-transport-security": "",
"referrer-policy": "",
"content-encoding": "",
"access-control-allow-origin": "*",
"content-length": "",
"content-type": "",
"x-via": ""
}
}
| Parameter | Description |
|---|---|
| Input | The FortiSOAR Manual Input object that can either be an input form or an approval request, which you want to send to Slack and get the users' response. |
NOTE: The Send Manual Input/Approval Form to Slack action internally prepares the mapping code for the form object as expected by Slack and renders that form in Slack. However, if you want to send customized messages directly to Slack users, then you use the Send Message action. For example, you can use the https://app.slack.com/block-kit-builder/ utility to create or get your own block code and then send beautifully formatted messages to Slack! Once you get your code block using the block kit builder, you can drop that code in the Blocks field of the Send Message action.
The output contains the following populated JSON schema:
{
"ok": "",
"channel": "",
"ts": "",
"message": {
"bot_id": "",
"type": "",
"text": "",
"user": "",
"ts": "",
"team": "",
"bot_profile": {
"id": "",
"deleted": "",
"name": "",
"updated": "",
"app_id": "",
"icons": {},
"team_id": ""
}
},
"headers": {
"date": "",
"server": "",
"x-slack-req-id": "",
"x-oauth-scopes": "",
"x-accepted-oauth-scopes": "",
"access-control-expose-headers": "",
"x-slack-backend": "",
"x-content-type-options": "",
"expires": "",
"cache-control": "",
"x-xss-protection": "",
"vary": "",
"pragma": "",
"access-control-allow-headers": "",
"strict-transport-security": "",
"referrer-policy": "",
"content-encoding": "",
"access-control-allow-origin": "*",
"content-length": "",
"content-type": "",
"x-via": ""
}
}
Note: You can upload only those files that are directly accessible from FortiSOAR™ to the Slack channels on your configured Slack cloud.
| Parameter | Description |
|---|---|
| Channel ID | (Optional) Comma-separated list of channel names or IDs to which you want to upload the file on your configured Slack cloud. Note: If you do not provide any channel ID, then the files will be stored in the Files section of your configured Slack Cloud. |
| Title | (Optional) Title of the file that you want to upload to the specified Slack channels. |
| File Name | (Optional) Name of the file that you want to upload to the specified Slack channels. |
| File Type | (Optional) Type of the file that you want to upload to the specified Slack channels. |
| File Reference | Type of file reference that you will be providing for the file that you want to upload to the specified Slack channels. You can choose from the following options: Attachment ID or File IRI.
|
| Comment | (Optional) Initial comment to add to the file that you want to upload to the specified Slack channels. |
The JSON output contains details of the file uploaded to the Slack channel that you have specified. File details such as file name, file type, timestamp, groups, and comments count, are included in the JSON output.
The output contains the following populated JSON schema:
{
"ok": "",
"file": {
"id": "",
"created": "",
"timestamp": "",
"name": "",
"title": "",
"mimetype": "",
"filetype": "",
"pretty_type": "",
"user": "",
"mode": "",
"editable": "",
"is_external": "",
"external_type": "",
"username": "",
"size": "",
"url_private": "",
"url_private_download": "",
"thumb_64": "",
"thumb_80": "",
"thumb_360": "",
"thumb_360_gif": "",
"thumb_360_w": "",
"thumb_360_h": "",
"thumb_480": "",
"thumb_480_w": "",
"thumb_480_h": "",
"thumb_160": "",
"permalink": "",
"permalink_public": "",
"edit_link": "",
"preview": "",
"preview_highlight": "",
"lines": "",
"lines_more": "",
"is_public": "",
"public_url_shared": "",
"display_as_bot": "",
"channels": [],
"groups": [],
"ims": [],
"initial_comment": {},
"num_stars": "",
"is_starred": "",
"pinned_to": [],
"reactions": [
{
"name": "",
"count": "",
"users": []
}
],
"comments_count": ""
}
}
| Parameter | Description |
|---|---|
| Group Name | Specify a unique name for the user group being created. |
| Description | (Optional) Specify a short description of the user group being created. |
| Handle | (Optional) Specify the mention handle of the user group being created.
NOTE: The mention handle must be unique among channels, users, and user groups. |
| Channels | (Optional) Specify comma-separated IDs of channels where the group members are to be added, by default. |
| Include Count | (Optional) Select to include the count of users in each user group. |
| Team ID | (Optional) Specify an encoded team ID where the user group has to be created.
NOTE: Team ID is a required parameter if organization level token is used in configuration. |
The output contains the following populated JSON schema:
{
"ok": "",
"usergroup": {
"id": "",
"team_id": "",
"is_usergroup": "",
"name": "",
"description": "",
"handle": "",
"is_external": "",
"date_create": "",
"date_update": "",
"date_delete": "",
"auto_type": "",
"created_by": "",
"updated_by": "",
"deleted_by": "",
"prefs": {
"channels": [],
"groups": []
},
"user_count": ""
}
}
| Parameter | Description |
|---|---|
| Include Count | (Optional) Select to include the count of users in each user group. |
| Include Disabled | (Optional) Select to include results containing disabled User Groups. |
| Include Users | (Optional) Select to include results containing the list of users for each retrieved user group. |
| Team ID | (Optional) Specify an encoded team ID where the user group has to be created.
NOTE: Team ID is a required parameter if organization level token is used in configuration. |
The output contains the following populated JSON schema:
{
"ok": true,
"usergroups": [
{
"id": "",
"team_id": "",
"is_usergroup": "",
"name": "",
"description": "",
"handle": "",
"is_external": "",
"date_create": "",
"date_update": "",
"date_delete": "",
"auto_type": "",
"created_by": "",
"updated_by": "",
"deleted_by": "",
"prefs": {
"channels": [],
"groups": []
},
"user_count": ""
}
]
}
| Parameter | Description |
|---|---|
| User Group ID | Specify the encoded ID of the user group being updated. |
| User Emails | Specify a comma-separated email addresses of users to update in the user group. |
| Include Count | (Optional) Select to include the count of users in each user group. |
| Team ID | (Optional) Specify an encoded team ID where the user group has to be created.
NOTE: Team ID is a required parameter if organization level token is used in configuration. |
The output contains the following populated JSON schema:
{
"ok": "",
"usergroup": {
"id": "",
"team_id": "",
"is_usergroup": "",
"name": "",
"description": "",
"handle": "",
"is_external": "",
"date_create": "",
"date_update": "",
"date_delete": "",
"auto_type": "",
"created_by": "",
"updated_by": "",
"deleted_by": "",
"prefs": {
"channels": [],
"groups": []
},
"users": [],
"user_count": ""
}
}
| Parameter | Description |
|---|---|
| Channel ID | Specify the ID of the channel where the message was posted to add a reaction. |
| Message Timestamp | Specify the timestamp of the message to add a reaction. |
| Reaction Name | Specify the reaction (emoji) name to add to the message. |
The output contains the following populated JSON schema:
{
"ok": ""
}
| Parameter | Description |
|---|---|
| Include Categories | (Optional) Select to include a list of categories and emojis within them. |
The output contains the following populated JSON schema:
{
"ok": "",
"emoji": {}
}
| Parameter | Description |
|---|---|
| Channel ID | Specify the ID of the conversation from which to fetch the thread. |
| Timestamp | Specify a the timestamp of an existing message with 0 or more replies. The time stamp is also the unique identifier of that message. For example: 1234567890.123456 |
| Include All Metadata | (Optional) Select to return all metadata associated with the message. |
| Inclusive | (Optional) Select to include messages with oldest or latest timestamps in results. This parameter is ignored if Start Time or an End Time is specified. |
| Start Time | (Optional) Select a time to fetch messages created after this Unix timestamp. |
| End Time | (Optional) Select a time to fetch messages created before this Unix timestamp. |
| Limit | (Optional) Specify the maximum number of items to return. Default value is 1000.
NOTE:Fewer than the requested number of items may be returned, even if the end of the users list hasn't been reached. |
| Create Attachments | (Optional) Select this option to create attachments in FortiSOAR of images present in message replies. |
The output contains the following populated JSON schema:
{
"messages": [
{
"type": "",
"user": "",
"text": "",
"thread_ts": "",
"reply_count": "",
"subscribed": "",
"last_read": "",
"unread_count": "",
"ts": ""
}
],
"has_more": "",
"ok": "",
"response_metadata": {
"next_cursor": ""
}
}
| Parameter | Description |
|---|---|
| User Group ID | Specify the encoded ID of the User Group for which to list users. |
| Include Disabled | (Optional) Select to include results containing disabled User Groups. |
| Team ID | (Optional) Specify an encoded team ID where the user group exists.
NOTE: Team ID is a required parameter if organization level token is used in configuration. |
The output contains the following populated JSON schema:
{
"ok": "",
"users": []
}
The Sample - Slack - 3.2.0 playbook collection comes bundled with the Slack connector. This playbook contains steps using which you can perform all supported actions. You can see the bundled playbooks in the Automation > Playbooks section in FortiSOAR™ after importing the Slack connector.
Note: If you are planning to use any of the sample playbooks in your environment, ensure that you clone those playbooks and move them to a different collection since the sample playbook collection gets deleted during the connector upgrade and delete.
IMPORTANT: If you require bi-directional integration between FortiSOAR and Slack, then you must use the app template of FortiSOAR For Slack Application for appropriate permissions. However, if you require to use only the connector actions, then you can initialize the app from a blank template as mentioned in the Creating and installing a Slack App in a workspace topic. Permissions required for each action are listed in the Permissions table in this topic.
Create an App dialog, select the From Scratch option.
Name app & choose workspace dialog, enter the name for your app and choose the workspace for which you creating this app, then click Create App.
Scopes section:
Add all necessary permissions that you want to give to your app and save your changes. The following table lists the permissions required for each action of the connector:
| Action Name | Permissions List (Bot Token) | Permissions List (User Token) |
|---|---|---|
| Create Channel | admin.conversations:write |
admin.conversations:write |
| Send Message | chat:write |
chat:writechat:write:userchat:write:bot |
| Get Message History | channels:historygroups:historyim:historympim:history |
channels:historygroups:historyim:historympim:history |
| Get Channels List | channels:readgroups:readim:readmpim:read |
channels:readgroups:readim:readmpim:read |
| Search Channel | channels:readgroups:readim:readmpim:read |
channels:readgroups:readim:readmpim:read |
| Get Channel Information | channels:readgroups:readim:readmpim:read |
channels:readgroups:readim:readmpim:read |
| Rename Channel | channels:managegroups:writeim:writempim:write |
groups:writeim:writempim:writechannels:write |
| Invite User To Channel | channels:managegroups:writeim:writempim:write |
groups:writeim:writempim:writechannels:write |
| Close Channel | channels:managegroups:writeim:writempim:write |
groups:writeim:writempim:writechannels:write |
| Get User List | users:read |
users:read |
| Get User Information | users:read |
users:read |
| Upload File | files:write |
files:writefiles:write:user |
| Create Multi Person Direct Message | channels:managegroups:writeim:writempim:write |
channels:writegroups:writeim:writempim:write |
| Create User Group | usergroups:write |
usergroups:write |
| Update Users in User Group | usergroups:write |
usergroups:write |
| Add Reactions | reactions:write |
reactions:write |
| Get Conversations Replies | channels:history |
channels:history |
| Get Users from User Group | usergroups:read |
usergroups:read |
| Get Emojis | emoji:read |
emoji:read |
| Get User Groups | usergroups:read |
usergroups:read |
Go to Basic Information and click Install to Workspace.
At global level you can enable form submission confirmation via notification rule in settings – by editing Slack > Notify For External Manual Input notification rule.
However, for a more granular control following configurations are available at playbook level:
To make playbook level configurations for Slack input form, following changes are required in a playbook's manual input step:
JSON. This step ensures that multiple settings can be handled through a JSON input.Slack Configuration. The playbooks recognize and trigger appropriate actions only if they find this field label.
{
"require_confirmation_on_submission": true,
"playbook_resume_error_message": "",
"input_submitted_successfully_message": "",
"message_for_button": {
"Yes": {
"input_submitted_successfully_message": "",
"confirmation_message": ""
},
"No": {
"input_submitted_successfully_message": "",
"confirmation_message": ""
}
}
}
The following table explains the supported keys in the playbook configuration JSON, their types, and description of their values:
| Key | Type | Description |
|---|---|---|
require_confirmation_on_submission |
Boolean | Specify if a confirmation is required upon submission of a manual input form on Slack. |
playbook_resume_error_message |
String | Specify a custom error message when the playbook fails to resume. |
input_submitted_successfully_message |
String | Specify a custom message when the input form is submitted successfully. |
message_for_button |
Object | Custom messages for Yes button actions. |
| Custom messages for No button actions. | ||
Yes |
||
input_submitted_successfully_message |
String | Specify a custom message to display when the user clicks Yes and the input form is submitted successfully. |
confirmation_message |
String | Specify a custom confirmation message when a user clicks YES. |
No |
||
input_submitted_successfully_message |
String | Specify a custom message to display when the user clicks No and the input form is submitted successfully. |
confirmation_message |
String | Specify a custom confirmation message when a user clicks NO. |
As an example, refer the playbook Send Slack Input Form to Slack User under Playbooks > Collections > Sample - Slack - 3.2.0.