Which permissions are required for each integration?
Learn the permissions required for each Nightfall integration.
Last updated
Learn the permissions required for each Nightfall integration.
Last updated
Please find the permissions required for each integration, in the table below: Native Integrations:
Slack
You can create private channels in Channel Management Permissions.
To create, Select the default option - Everyone, plus multi-channel guests.
Nightfall Enterprise DLP for Slack uses three user token scopes:
discovery:read
discovery:write
groups:write
Nightfall Enterprise DLP for Slack has 13 Bot Token Scopes:
Channels:join
Channels:read
Chat:write
Commands
Files:read
Files:write
Groups:read
Groups:write
Im:read
Im:write
Mpim:read
Users:read
Users:read.email
Nightfall Pro DLP for Slack has 26 Bot Token Scopes:
Channels:history
Channels:join
Channels:manage
Channels:read
Chat:write
Chat:write.public
Commands
Conversations.connect:read
Files:read
Files:write
Groups:history
Groups:read
Groups:write
Im:history
Im:read
Im:write
Mpim:history
Mpim:read
Mpim:write
Reminders:read
Reminders:write
Team:read
Usergroups:read
Usergroups:write
Users:read
Users:read.email
Nightfall Pro DLP for Slack has nine User Token Scopes:
Admin.conversations:read
Admin.conversations:write
Channels:read
Channels:write
Chat:write
Files:write
Groups:read
Mpim:write
Users:read
Slack Workspace Owner - Pro
Slack Org Owner - Enterprise
Google Drive
The following access permissions are required:
https://www.googleapis.com/auth/admin.directory.user.readonly,
https://www.googleapis.com/auth/admin.directory.group.readonly, https://www.googleapis.com/auth/admin.directory.group.member.readonly, https://www.googleapis.com/auth/admin.directory.domain.readonly, https://www.googleapis.com/auth/drive
Google Super Admin
Access to the following is required:
User Read
Group Read
Billing Read
Domain Management
Domain Settings
Services > Drive and Docs > Settings: List Companies Shared Drives
Google Service Account
Confluence
Space Permissions:
All - View
Pages - Add
Delete Blog - Add
Delete Comments - Add
Delete Attachments - Add
Delete Space - Admin
Confluence Admin
Jira
Nightfall for Jira can perform the following actions on your behalf:
Create and manage issues: Create and edit issues in Jira, post comments as the user, create worklogs, and delete issues.
View Jira issue data: Read Jira project and issue data, search for issues, and objects associated with issues like attachments and worklogs.
View user profiles: View user information in Jira that the user has access to, including usernames, email addresses, and avatars.
Jira Admin
Github
To enable integration, Read access to the following is required:
Code
Commit statuses
Members
Metadata
Github Organization Owner
Salesforce
Nightfall DLP connected app package required the following permissions:
Access to identity url service
Access content resources
Manage user data via APIs
Perform requests at any time
A dedicated user with system administrator privileges in Salesforce can install the connected app package, and grant access to Nightfall via OAuth.
Alert Platforms:
Slack
Slack Workspace Owner
Jira
Jira Admin
For more information on which integrations/platforms would require/recommend a service account, please refer the page below: