Learn the permissions required for each Nightfall integration.
Please find the permissions required for each integration, in the table below: Native Integrations:
| Integrations | Permissions Required | Roles Required for install |
|---|---|---|
Alert Platforms:
| Alert Platform | Permissions Required for Install |
|---|---|
For more information on which integrations/platforms would require/recommend a service account, please refer the page below:
Slack
You can create private channels in Channel Management Permissions.
To create, Select the default option - Everyone, plus multi-channel guests.
Nightfall Enterprise DLP for Slack uses three user token scopes:
discovery:read
discovery:write
groups:write
Nightfall Enterprise DLP for Slack has 13 Bot Token Scopes:
Channels:join
Channels:read
Chat:write
Commands
Files:read
Files:write
Groups:read
Groups:write
Im:read
Im:write
Mpim:read
Users:read
Users:read.email
Nightfall Pro DLP for Slack has 26 Bot Token Scopes:
Channels:history
Channels:join
Channels:manage
Channels:read
Chat:write
Chat:write.public
Commands
Conversations.connect:read
Files:read
Files:write
Groups:history
Groups:read
Groups:write
Im:history
Im:read
Im:write
Mpim:history
Mpim:read
Mpim:write
Reminders:read
Reminders:write
Team:read
Usergroups:read
Usergroups:write
Users:read
Users:read.email
Nightfall Pro DLP for Slack has nine User Token Scopes:
Admin.conversations:read
Admin.conversations:write
Channels:read
Channels:write
Chat:write
Files:write
Groups:read
Mpim:write
Users:read
Slack Workspace Owner - Pro
Slack Org Owner - Enterprise
Google Drive
The following access permissions are required:
https://www.googleapis.com/auth/admin.directory.user.readonly,
https://www.googleapis.com/auth/admin.directory.group.readonly, https://www.googleapis.com/auth/admin.directory.group.member.readonly, https://www.googleapis.com/auth/admin.directory.domain.readonly, https://www.googleapis.com/auth/drive
Google Super Admin
Access to the following is required:
User Read
Group Read
Billing Read
Domain Management
Domain Settings
Services > Drive and Docs > Settings: List Companies Shared Drives
Google Service Account
Confluence
Space Permissions:
All - View
Pages - Add
Delete Blog - Add
Delete Comments - Add
Delete Attachments - Add
Delete Space - Admin
Confluence Admin
Jira
Nightfall for Jira can perform the following actions on your behalf:
Create and manage issues: Create and edit issues in Jira, post comments as the user, create worklogs, and delete issues.
View Jira issue data: Read Jira project and issue data, search for issues, and objects associated with issues like attachments and worklogs.
View user profiles: View user information in Jira that the user has access to, including usernames, email addresses, and avatars.
Jira Admin
Github
To enable integration, Read access to the following is required:
Code
Commit statuses
Members
Metadata
Github Organization Owner
Salesforce
Nightfall DLP connected app package required the following permissions:
Access to identity url service
Access content resources
Manage user data via APIs
Perform requests at any time
A dedicated user with system administrator privileges in Salesforce can install the connected app package, and grant access to Nightfall via OAuth.
Slack
Slack Workspace Owner
Jira
Jira Admin