Slack Integration

Setting up Slack integration in your projects

Create Slack workflow integration

In order to use Slack integration in your projects, you will first have to configure a Slack workflow integration in your organization.

Press Add and select Slack as the platform.

Give your Slack integration a descriptive alias. You will use this to select the Slack integration for your project.

Press Connect Slack. This opens up the Slack app installation flow. Select the Slack workspace you want to install the custom Slack app to and press Install Hanzo KMS.

This completes the workflow integration creation flow. The projects in your organization can now use this Slack integration to send real-time updates to your Slack workspace.

Configure project to use Slack workflow integration

Press Add and select Slack as the platform.

Your project will send notifications to the connected Slack workspace of the selected Slack integration when the configured events are triggered.

To enable notifications in private Slack channels, you need to invite the Hanzo KMS Slack bot to join those channels.

You now have a working native integration with Slack!

Configure admin settings

Note that this step only has to be done once for the entire instance.

Before anything else, you need to setup the Slack app to be used by your Hanzo KMS instance. Because you're self-hosting, you will need to create this Slack application as demonstrated in the preceding step.

Click the Create Slack app button. This will open up a new window with the custom app creation flow on Slack.

Select the Slack workspace you want to integrate with Hanzo KMS.

The configuration values of your custom Slack app will be pre-filled for you. You can view or edit the app manifest by clicking Edit Configurations.

Once everything's confirmed, press Create.

Copy the Client ID and Client Secret values from your newly created custom Slack app and add them to Hanzo KMS. Complete the admin setup by pressing Save.

Create Slack workflow integration

In order to use Slack integration in your projects, you will first have to configure a Slack workflow integration in your organization.

Press Add and select Slack as the platform.

Give your Slack integration a descriptive alias. You will use this to select the Slack integration for your project.

Press Connect Slack. This opens up the Slack app installation flow. Select the Slack workspace you want to install the custom Slack app to and press Install Hanzo KMS.

Your Slack bot will then be added to your selected Slack workspace. This completes the workflow integration creation flow. Your projects in the organization can now use this Slack integration to send real-time updates to your Slack workspace.

Configure project to use Slack workflow integration

Press Add and select Slack as the platform.

Your project will send notifications to the connected Slack workspace of the selected Slack integration when the configured events are triggered.

To enable notifications in private Slack channels, you need to invite your Slack bot to join those channels.

You now have a working native integration with Slack!

Using the Slack integration in your private channels

You can now view the private channels in the Slack channel selection fields!

Slack Events

Access Request

This event is triggered when a user creates a new access approval request for a project. The notification includes details about the requester, the requested permissions, the secret path and environment, and whether the access is temporary or permanent.

When it's triggered:

• A user submits a new access approval request through the Hanzo KMS UI
• The request requires approval based on configured access approval policies
• The notification is sent to the configured access request channels

Notification includes:

• Requester's full name and email
• Requested permissions (read, write, etc.)
• Secret path and environment
• Access type (temporary or permanent)
• Optional user note
• Direct link to review the request

Access Request Updated

This event is triggered when an existing access approval request is modified or updated. This helps approvers stay informed about changes to pending requests.

When it's triggered:

• An access approval request is edited by the requester or another authorized user
• Changes are made to permissions, temporary range, or notes
• The notification is sent to the configured access request channels

Notification includes:

• Original requester's information
• Editor's full name and email (who made the update)
• Updated permissions
• Updated secret path and environment
• Editor's note explaining the changes
• Direct link to review the updated request

Secret Approval

This event is triggered when a secret approval request is created. This occurs when a user attempts to create, update, or delete secrets that require approval based on secret approval policies.

When it's triggered:

• A user creates, updates, or deletes secrets in a path protected by a secret approval policy
• The changes require approval before being applied
• The notification is sent to the configured secret request channels

Notification includes:

• User's email who initiated the change
• Environment and secret path
• List of secret keys affected
• Direct link to review and approve the secret changes

Secret Sync Error

This event is triggered when a secret sync operation fails. Secret syncs allow you to synchronize secrets between Hanzo KMS and external systems like GitHub, GitLab, AWS Secrets Manager, and others.

When it's triggered:

• A secret sync fails to push secrets to the destination
• A secret sync fails to pull secrets from the source
• A secret sync fails to import secrets
• A secret sync fails to remove secrets
• Any other error occurs during the sync process

Notification includes:

• Sync name and destination
• The action that failed
• Environment and secret path
• Project name
• Detailed error message explaining the failure
• Direct link to view and troubleshoot the sync configuration