Skip to main content

Integration · Team messaging

Shipped — production

ClarityLift + Slack

Slack is the primary deployment surface for ClarityLift. Public channel signals only, never DMs.

Signals derived from Slack

Team friction

Disengagement patterns

Communication health

Culture drift

Retention signals

Strategic alignment

Silence

OAuth scopes ClarityLift requests

Every scope below has a documented purpose tied to a specific step in the data flow. ClarityLift never requests scopes it does not use.

channels:read

List public channels and their members

channels:history

Read messages in connected public channels

groups:read

List private channels the bot is added to (admin-controlled)

groups:history

Read messages in connected private channels (admin-added)

team:read

Resolve workspace identity for tenant scoping

users:read

Resolve user ids to internal workspace member records for the consent gate

users:read.email

Match Slack users to ClarityLift admin accounts (admin opt-in)

reactions:read

Receive reaction_added events; reactions carry as much signal as text

chat:write

Send the one-time consent DM to each employee at install with a link to /my-data

Data flow, end to end

  1. 1Admin installs the ClarityLift Slack app via OAuth.
  2. 2Admin selects which public channels to connect. Private channels require explicit add-bot action by an admin.
  3. 3Slack delivers events for messages in connected channels via the Events API webhook.
  4. 4ClarityLift verifies the request signature using HMAC-SHA256 over `v0:<timestamp>:<rawBody>` keyed by the Slack signing secret.
  5. 5The DM gate rejects any event with `is_dm=true` before classification — structurally prevented in code.
  6. 6The consent gate resolves the sender against the workspace member roster. Non-consenting employees are dropped before any LLM call.
  7. 7The classifier runs against the message and surfaces a HealthSignal at the team level — never at the individual level.
  8. 8Aggregate signals are stored. Raw message text is not persisted.

What ClarityLift does NOT read on Slack

The privacy posture is led by what is excluded, not what is included.

  • Direct messages between individuals — never read, ever.
  • Group DMs — out of scope by design.
  • Channel content from teams below the 10-member group floor.
  • Personal account content of any kind.
  • Slack DMs (im) — rejected at the DM gate.
  • Slack group DMs (mpim) — scopes are not requested.
  • Files shared via Slack — file content is not ingested.
  • Slack Connect external channels — by default not connected without explicit admin action.

Retention

ClarityLift never persists Slack message text. Aggregate signals (signal type, severity, team id, timestamp) are persisted. The webhook event metadata is stored for replay safety with a 30-day TTL. Customers can hard-delete the workspace at any time, which cascades through every derived row.

Privacy considerations specific to Slack

  • Slack workspace admins control which channels are connected — ClarityLift cannot self-extend scope.
  • The Slack app bundle requires admin approval at install time, not user-by-user consent.
  • Slack Enterprise Grid: each workspace within the grid is a separate tenant in ClarityLift.
  • For Slack Connect channels (cross-org): default is excluded. Connecting them requires a deliberate admin action with a warning about cross-tenant exposure.

What the customer does at install time

  1. 1.Workspace admin installs the ClarityLift app.
  2. 2.Admin selects channels to connect (default: none — opt-in per channel).
  3. 3.Admin sets the org-wide consent mode (default Path 3 — explicit employee opt-in via DM).
  4. 4.Optional: admin invites the bot to private channels they want included.

Other integrations

Microsoft Teams

Team messaging

Google Workspace

Email + collaboration

See all integrations →

See ClarityLift running against your Slack workspace.

Get Early AccessRead the privacy architecture