Creators will define whether their agent will be available for use in Slack. elvex agents can be connected to sensitive datasources containing confidential company information. When these agents are used in Slack, there's a risk of accidentally exposing this information in public channels or to unauthorized users. The permission system is designed to lower this risk.
β
This document will help you to understand how to control access to your agent through Slack.
Permission Philosophy
elvex follows a security-first approach with Slack integration.
Default to safety: All agents are disabled for Slack by default
Granular control: Permissions are set individually for each agent
Workspace boundaries: Special considerations for shared channels and external workspaces
Identity verification: User matching between elvex and Slack accounts when needed
Agent Slack permission settings
Slack permissions for elvex agents are controlled individually for each agent. To adjust permissions for an agent, navigate to the agent settings, then Slack Settings.
Once expanded, you'll see three possible permissions for your agent:
All Slack users - Any member of your Slack workspace can use this agent. When enabled, this agent will be usable within public channels. This setting is only available for agents with Public visibility.
Match elvex permissions - Slack access will be restricted to elvex users who have permission to use this agent. Only members of your Slack workspace who have also been given access to the agent can use the agent in Slack.
Disabled (Default) - The agent will not be usable from within your Slack workspace. This is the default setting for all new agents.
Channel Access Options
In addition to the general permission settings, you can also control which channels an agent can be used in:
All channels - The agent can be used in any channel within your Slack workspace (subject to the permission model selected above)
Exclusive channels - The agent is limited to specific channels you select
Default Channels
You can also designate an agent as the default responder in specific channels:
When an agent is set as the default for a channel, users can interact with it without explicitly mentioning it
Users simply type their message in the channel, and the default agent will respond
This streamlines interaction in channels dedicated to specific purposes
For detailed configuration instructions, see here.
Permission Models Explained
All Slack Users
This permission model democratizes access to an agent across your entire Slack workspace. It's appropriate for:
General-purpose agents without sensitive data connections
Company-wide tools that everyone should be able to access
Agents that provide public information or services
Private Agents cannot use the "All Slack users" setting as this could potentially allow unauthorized users to access the agent and its connected datasources.
Match elvex Permissions
This model creates a direct link between elvex user permissions and Slack access. It's ideal for:
Agents connected to sensitive datasources
Tools that should only be accessible to specific teams
Maintaining consistent access control across platforms
With this setting, elvex verifies the Slack user's email address against elvex user accounts. Users can only access the agent in Slack if they have permission to use it in elvex.
Agents with this setting can be used in a channel (private or public) or via a Direct Message with the elvex app within Slack.
Disabled
The most restrictive option prevents any Slack access. This is appropriate for:
Highly sensitive agents that should never be used in chat environments
Agents still in development or testing
Internal tools that should only be accessed through the elvex platform
This is the default setting for new agents.
Understanding Shared Channels and Slack Connect
Slack offers two ways to collaborate with external organizations:
Shared Channels - Connect two workspaces together
Slack Connect - Connect up to 250 organizations in a single channel
Both features create important security considerations for your elvex agents:
External users may be present in these channels
Direct messages could be initiated by users outside your organization
Information shared in these channels could leave your organization's boundaries
Multiple external organizations might have access to the same channel (especially with Slack Connect)
The elvex permission system works consistently across both Shared Channels and Slack Connect. The "Allow Shared Channels" setting should be enabled only when you're confident that the agent is appropriate for potential external visibility, regardless of whether you're using traditional Shared Channels or Slack Connect.
When enabled, the same permission model you've selected ("All Slack Users" or "Match elvex Permissions") will apply to both Shared Channels and Slack Connect interactions.
Still having issues? Check the FAQ