Is your Slack app ready for the App Directory?
Please note, your app does not need to be listed in the App Directory for it to work for your own or other Slack workspaces.
Once you've built your app, you can submit it to the App Directory to be used by other Slack workspaces. We review apps to ensure they provide users with a great experience and comply with our API TOS, Developer Policy and Brand Guidelines.
When submitting, you'll see the comprehensive checklist shown below, which covers the most common points of failure during the review. Follow this checklist to help your app go through the review process quickly and smoothly.
- If I’m submitting a new app to the App Directory or resubmitting an app that’s already listed, I confirm it uses granular permissions.
- The scopes requested are the minimum necessary for the service to function. My app does not request broad access to message data or other sensitive information, circumvent Slack's administrative or privacy controls, nor use the following scopes: read, post, client, search:read.
- My app configuration lists all of the requested scopes in every step of the OAuth flow, and I have provided detailed reasons for how each scope is used.
- My app provides a high quality experience in Slack, suitable for the workplace.
- I've installed my app on a new workspace to fully test the installation, onboarding, and functionality of the app before submitting it to the Slack App Directory.
- My app is ready to support a growing number of users once it’s listed in the App Directory and is not currently in private beta.
- Messages from my app use clear, consistent formatting. (Read more about building with blocks. You can also use our Message Builder to see a preview of your messages or find templates for your app.)
- Messages from my app are free of typos and grammatical errors.
- My app only sends direct messages or uses @channel or @here notifications when appropriate.
- My app does not send messages to the #general channel by default or to a user's Slackbot direct message.
- My app never contacts any user using any information obtained from Slack without explicit and separate consent from that user to do so.
- If my app uses a slash command, there’s a way for a user to ask for help or send feedback. For example, the slash command should respond to “/mycommand help” with information about using the app.
- If using the App Home "Messages" tab, my bot responds to users' direct messages. It also uses the app_home_opened event to send a welcome message the first time any user opens this view.
- If using the App Home "Home" tab, any content displayed there is helpful and appropriate for users viewing it.
- My app only requests domain events that are needed to function.
- My app does not facilitate financial transactions in Slack.
- I will revoke all API tokens for my app when it's no longer maintained and communicate deprecation plans to users and the App Directory team.
We have some guidelines on presenting your Slack app in the directory. Please review them before submission.
- My app complies with Slack’s brand guidelines.
- My app doesn’t infringe on any trademark, copyright, or other intellectual property rights.
- My app doesn't have the same name as another app currently listed in the App Directory.
- My app does not use “Slack” in its name or domain name other than to note itself as a third-party integration. (For example, “My Service for Slack” is okay, but “My Slack Service” is not.)
- My app has a high quality, distinctive icon that doesn't resemble Slackbot or the Slack icon.
- My app has a short description of how it works and what it does (10 words or fewer is ideal).
- My app has a clear, detailed, and truthful long description of what it does.
- If included, the Youtube link I've provided links to a video that clearly explains how to use my app in Slack.
- If included, I’ve provided high-quality images that clearly explain how to use my app.
- My app fully supports the languages I have selected.
- I’ve provided accurate pricing information for my app. (If your app is associated with a paid service that's required for the app to function, please choose one of the paid options.)
- My landing page contains a detailed summary of what my app does and how it integrates with Slack. (Please see our landing page guidelines for more information).
- My landing page contains clear instructions for configuring and using my app (e.g., which parts of my app trigger messages in Slack, or which comments a bot responds to).
- My app’s landing page clearly displays the “Add To Slack” button for users to install my app, or it has detailed instructions for accessing the Slack button if it’s behind a login page.
- If included, the direct install URL I’ve provided responds with a 302 redirect back to Slack's authorization URL.
- If connecting Slack with private customer data, my app’s OAuth flow uses a state parameter.
- My app links to a page with clear instructions for contacting our team if someone encounters a problem or needs help.
- Users are not required to create a new account of any kind to contact my team for support.
- I agree to keep my app updated and my support channel active.
- My app meets Slack’s guidelines and API Terms of Service.
- I agree to follow Slack's App Developer Policy and App Directory Agreement.
- We provide users with a mechanism to request to delete, access, and transfer an individual’s data.
- Personal data that is collected and processed is not held or further used unless for reasons that are clearly stated and agreed to in advance to support data privacy.
- Personal data is collected for specified, explicit, and legitimate purposes and kept for no longer than necessary for the purposes of processing.
- If requested by the customer, I am able to demonstrate compliance with all applicable privacy regulations and laws.
- I agree to allow Slack to conduct a security review of my app by terms laid out in both the Slack App Directory Agreement and the Security Review Guide.
- If provided, the security and compliance information I have included is accurate and truthful.
- My app follows our security guidelines.
- My app uses TLS 1.2 or higher for any redirect URIs, web pages, or endpoints.
We'll also need some information to help us review your app
- Test account details for your service: if an account or paid plan is required to access your app, please provide test account details for us. Providing an account with some test data will help us test more quickly.
- Other useful details: if you’re submitting changes to your app, please briefly describe them. If there’s anything else we should know, please let us know.