Create and share secrets (e.g. passwords, confidential text) to other Slack users in a private message or within channels and get ultimate confidence that only the correct users see the secret.
/secretcommand to open a modal dialog which lets you create a new secret. Configure a title, the channel, authorized users, expiry of access, and whether this should expire after first view./secret @user <secretMessage>Lets you create a secret instantly to one user within that conversation/channel./vaultLets you view non-expired secrets that you are authorised to view.- "Create a Secret" shortcut also shows the modal dialog to create a new secret.
- After creating any secret, a secret would have two buttons.
Reveal Secretwould show a popup to reveal the secret message.Access Logwould show a popup with all users who opened the secret and who got access or were denied.
- You can also configure the default settings for expiry, title and one-time view in the App Home page.
- All secrets are encrypted using OpenPGP standard and are stored as encrypted values in the app's database.
- Every secret is encrypted with a random decode key.
- The decode key is never stored in the app itself but stored as a value within the
Reveal Secretblock button that is sent in the conversation message by the app bot. - When a user reveals a secret, authorization is checked first before the decode key taken will be used to decode any secret
- All secrets that have expired be automatically deleted by their
time-to-liveattribute in AWS DynamoDb.
npm installthe needed npm packages.- copy and rename
.env.sampleto.env. - Obtain the ENVIRONMENT variable using this guide.
- Go to the Slack App page.
- OAuth & Permissions to get the Bot User OAuth Token
- Basic Information to get the Signing Secret
- Slack App Token - this is retrieved when you enable socket mode or from the home config.
- Start development mode using
npm run dev- If you get
ECONNREFUSEDtry commenting away thesocketMode - establish some connection by calling some API from the slack.
- Then, uncomment the
socketMode
- If you get
- Event Subscriptions add in the Request URL (IF not using socket mode)
- Eg.
https://XXXXXX.ngrok.io/slack/events - Make sure is verified.
- Eg.
- In the app config, add the necessary commands and permissions (for write), and events listeners (refer to manifest.yaml)
- If everything works well, type
/secretin the slack chat.- It should have a pop up model.
-
Setup the local dynamodb using
:8000using the following guide -
Ensure that you have the Access Key available in
- Environment variable for
AWS_ACCESS_KEY_IDandAWS_SECRET_ACCESS_KEY - Or,
AWS_CONFIG.
- Environment variable for
-
Run local dynamodb
docker run -itd -p 8000:8000 --name dev-db amazon/dynamodb-local:latest -jar DynamoDBLocal.jar -sharedDb
-
Run
npm run dbto init create the tables. -
Enable time-to-live on local db
aws dynamodb update-time-to-live --table-name Secret --time-to-live-specification Enabled=true,AttributeName=ttl --endpoint-url http://localhost:8000 --region=sas
Bolt is our framework that lets you build JavaScript-based Slack apps in a flash.
This project is a simple app template to make it easy to create your first Bolt app. Read our Getting Started with Bolt guide for a more in-depth tutorial
app.jscontains the primary Bolt app. It imports the Bolt package (@slack/bolt) and starts the Bolt app's server. It's where you'll add your app's listeners..envis where you'll put your Slack app's authorization token and signing secret.