Slack Setup
This guide walks you through installing the Relynt Slack app in your workspace and configuring approval channels for your organization.
Prerequisites
- A Relynt account with Owner or Admin role
- A Slack workspace where you can install apps
- A Slack channel for approval messages
Install the Relynt Slack app
- In the Relynt dashboard, navigate to Settings → Onboarding
- Click Install Slack App
- You’ll be redirected to Slack’s OAuth consent screen
- Select your workspace and authorize the Relynt app
- After authorization, you’ll be redirected back to the dashboard
Configure the approval channel
- In Settings → Onboarding, select the Slack channel where approval messages should be posted
- The Relynt app must be invited to this channel — the dashboard will prompt you if it isn’t
- Save your channel selection
Choose a channel that your security or ops team monitors actively. Approval messages need timely responses to avoid blocking agent operations.
Test the integration
- Navigate to Settings → Onboarding and click Test Slack Configuration
- A test message will be posted to your configured channel
- Verify the message appears and the buttons are interactive
Create approval-required policies
Create a policy rule that requires approval:
{
"action": "update_deal",
"resource_pattern": "crm:deal:*",
"decision": "require_approval",
"risk_level": "high"
}When an agent triggers this rule, an approval message will be posted to your configured channel.
Approval message anatomy
Each Slack approval message contains:
| Section | Content |
|---|---|
| Header | Agent name, action, and resource |
| Risk level | Color-coded badge (low/medium/high) |
| Payload diff | Key fields from the request payload |
| Reason | Why the policy triggered approval |
| Buttons | Approve and Deny interactive buttons |
Security considerations
Relynt verifies the Slack signing secret on every interactive callback. Never share your Slack signing secret or store it in client-side code.
- Every Slack callback is verified using HMAC-SHA256 with the Slack signing secret
- Approval buttons can only be clicked once — duplicate clicks are rejected
- The Slack user who clicks a button is recorded as the approver in the receipt
- Approval messages are scoped to the organization via the
approval_id
Troubleshooting
| Issue | Solution |
|---|---|
| Messages not appearing | Ensure the Relynt app is invited to the channel |
| Buttons not working | Check that the Slack app’s interactivity URL is configured correctly |
| ”Invalid signature” errors | Verify the Slack signing secret in your Relynt settings |
| Test message fails | Confirm the channel exists and the app has chat:write permission |
Last updated on