diff --git a/Scripts/SecretServer/Slack/Discovery/Slack-Discovery.ps1 b/Scripts/SecretServer/Slack/Discovery/Slack-Discovery.ps1
new file mode 100644
index 0000000..a81e742
--- /dev/null
+++ b/Scripts/SecretServer/Slack/Discovery/Slack-Discovery.ps1
@@ -0,0 +1,227 @@
+<#
+Slack User Role Definitions
+is_admin = Indicates whether the user is an Admin of the current workspace
+is_owner = Indicates whether the user is an Owner of the current workspace.
+is_restricted = Indicates whether or not the user is a guest user.
+is_ultra_restricted = Indicates whether the restricted user is a single-channel guest.
+Is_app_user = Indicates whether the user is an authorized user of the calling app.
+Is_bot = Indicates whether the user is actually a bot user. Bleep bloop. Note that Slackbot is special, so is_bot will be false for it.
+#>
+
+[string]$baseURL = "https://slack.com"
+[string]$api = "$baseURL/api"
+[string]$DiscoveryMode = $args[0] #Select "Default" or "Advanced"
+[string]$OAuthToken = $args[1]
+[string]$adminrole = $args[2]
+[string]$svcacctrole = $args[3]
+
+
+$accessToken = $OauthToken
+
+
+#Script Constants
+[string]$LogFile = "$env:ProgramFiles\Thycotic Software Ltd\Distributed Engine\log\Slack-Discovery.log"
+[int32]$LogLevel = 3
+[string]$logApplicationHeader = "Slack Discovery"
+
+#region Error Handling Functions
+function Write-Log {
+ [CmdletBinding()]
+ param (
+ [Parameter(Mandatory)]
+ [ValidateSet(0,1,2,3)]
+ [Int32]$ErrorLevel,
+ [Parameter(Mandatory,ValueFromPipeline)]
+ [string]$Message
+ )
+ # Evaluate Log Level based on global configuration
+ if ($ErrorLevel -le $LogLevel) {
+ # Format message
+ [string]$Timestamp = Get-Date -Format "yyyy-MM-ddThh:mm:sszzz"
+ switch ($ErrorLevel) {
+ "0" { [string]$MessageLevel = "INF0 " }
+ "1" { [string]$MessageLevel = "WARN " }
+ "2" { [string]$MessageLevel = "ERROR" }
+ "3" { [string]$MessageLevel = "DEBUG" }
+ }
+ # Write Log data
+ $MessageString = "{0}`t| {1}`t| {2}`t| {3}" -f $Timestamp, $MessageLevel,$logApplicationHeader, $Message
+ $MessageString | Out-File -FilePath $LogFile -Encoding utf8 -Append -ErrorAction SilentlyContinue
+ # $Color = @{ 0 = 'Green'; 1 = 'Cyan'; 2 = 'Yellow'; 3 = 'Red'}
+ # Write-Host -ForegroundColor $Color[$ErrorLevel]
-Object ( $DateTime + $Message) + } +} +#endregion Error Handling Functions + + + +#region Slack instance details + # Build headers and get user list +try { + + $headers = @{ + "Authorization" = "Bearer $accessToken" + "Accept" = "application/json, application/xml" + } + +# Get All Active Users + Write-Log -Errorlevel 0 -Message "Obtaining List of Users" + # Specify Slack endpoint uri for Users + $uri = "$api/users.list" + + # Specify HTTP method + $method = "get" + + # Perform Auth Test + $AuthTest = Invoke-RestMethod "$api/auth.test" -Method $method -Headers $headers + + # Send HTTP request + $users = Invoke-RestMethod -Headers $headers -Method $method -Uri $uri +} + +catch { + $Err = $_ + Write-Log -ErrorLevel 0 -Message "Failed to retrieve User List" + Write-Log -ErrorLevel 2 -Message $Err.Exception + throw $Err.Exception +} +#endregion Slack instance details + +<# ## Use for debug logging on returned user attributes + +try { + Write-Log -Errorlevel 0 -Message "Parsing List of Users" + Write-Log -ErrorLevel 0 -Message "Successfully found $($users.members.Count) Eligible Accounts" + $admins = $users.members | where-object is_admin -like "True" + Write-Log -ErrorLevel 3 -Message "Successfully found $($admins.members.Count) Admin Accounts" + $owners = $users.members | where-object is_owner -like "True" + Write-Log -ErrorLevel 3 -Message "Successfully found $($owners.members.Count) Owner Accounts" + $appuser = $users.members | where-object is_app_user -like "True" + Write-Log -ErrorLevel 3 -Message "Successfully found $($appuser.members.Count) App User Accounts" + $guest = $users.members | where-object is_restricted -like "True" + Write-Log -ErrorLevel 3 -Message "Successfully found $($guest.members.Count) Guest Accounts" + $limitedguest = $users.members | where-object is_ultra_restricted -like "True" + Write-Log -ErrorLevel 3 -Message "Successfully found $($limitedguest.members.Count) Single Channel Guest Accounts" + $botuser = $users.members | where-object is_bot 
-like "True"
+ Write-Log -ErrorLevel 3 -Message "Successfully found $($botuser.members.Count) Bot User Accounts"
+ }
+catch {
+ $Err = $_
+ Write-Log -ErrorLevel 0 -Message "Failed to parse User List"
+ Write-Log -ErrorLevel 2 -Message $Err.Exception
+ throw $Err.Exception
+ }
+ #>
+
+#region get admin users
+
+function get-adminusers{
+ param(
+ $user
+ )
+ try{
+ Write-Log -ErrorLevel 0 -Message "Parsing List of Admin Users as defined by Admin Roles parameter: $($adminrole)"
+ $isadmin = $false
+
+ foreach($role in $adminrole.split(",")){
+ $filter = $role.split("=")[0]
+ $switch = $role.split("=")[1]
+ if($user.$filter -eq $switch)
+ {
+ $isadmin = $true
+ break
+ }
+ }
+ }
+ catch {
+ $Err = $_
+ Write-Log -ErrorLevel 0 -Message "Failed to parse Admin Role List"
+ Write-Log -ErrorLevel 2 -Message $Err.Exception
+ throw $Err.Exception
+ }
+ return $isadmin
+}
+
+function get-svcacctusers{
+ param(
+ $user
+ )
+ try{
+ Write-Log -ErrorLevel 0 -Message "Parsing List of Service Account Users as defined by Service Account Roles parameter: $($svcacctrole)"
+ $issvcacct = $false
+
+ foreach($role in $svcacctrole.split(",")){
+ $filter = $role.split("=")[0]
+ $switch = $role.split("=")[1]
+ if($user.$filter -eq $switch)
+ {
+ $issvcacct = $true
+ break
+ }
+ }
+ }
+ catch {
+ $Err = $_
+ Write-Log -ErrorLevel 0 -Message "Failed to parse Service Account Role List"
+ Write-Log -ErrorLevel 2 -Message $Err.Exception
+ throw $Err.Exception
+ }
+ return $issvcacct
+}
+#endregion Get Admin Users
+
+#region Main Process
+if($DiscoveryMode -eq "Default")
+{
+
+$foundAccounts = @()
+foreach ($user in $users.members)
+{
+ if($user.team_id -eq $AuthTest.team_id){$WorkspaceName = $AuthTest.team; $WorkspaceURL = $AuthTest.url}
+
+ if($user)
+ {
+ $object = New-Object -TypeName PSObject
+ $object | Add-Member -MemberType NoteProperty -Name Workspace-Name -Value $WorkspaceName
+ $object | Add-Member -MemberType NoteProperty -Name Workspace-URL -Value $WorkspaceURL
+ $object |
Add-Member -MemberType NoteProperty -Name Username -Value $user.name
+ $object | Add-Member -MemberType NoteProperty -Name Global-UserId -Value $user.id
+ $object | Add-Member -MemberType NoteProperty -Name Admin-Account -Value $user.is_admin
+ $object | Add-Member -MemberType NoteProperty -Name Workspace-Owner -Value $user.is_owner
+ $object | Add-Member -MemberType NoteProperty -Name Bot-User -Value $user.is_bot
+ $object | Add-Member -MemberType NoteProperty -Name App-User-Account -Value $user.is_app_user
+ $object | Add-Member -MemberType NoteProperty -Name Guest-Account -Value $user.is_restricted
+ $object | Add-Member -MemberType NoteProperty -Name Restricted-Guest-Account -Value $user.is_ultra_restricted
+
+ $foundAccounts += $object
+ }
+ }
+}
+
+if($DiscoveryMode -eq "Advanced")
+{
+
+$foundAccounts = @()
+foreach($user in $users.members)
+{
+ $isadmin = get-adminusers -user $user
+ $issvcacct = get-svcacctusers -user $user
+ if($user.team_id -eq $AuthTest.team_id){$WorkspaceName = $AuthTest.team; $WorkspaceURL = $AuthTest.url}
+
+ $object = New-Object -TypeName PSObject
+ $object | Add-Member -MemberType NoteProperty -Name Workspace-Name -Value $WorkspaceName
+ $object | Add-Member -MemberType NoteProperty -Name Workspace-URL -Value $WorkspaceURL
+ $object | Add-Member -MemberType NoteProperty -Name Username -Value $user.name
+ $object | Add-Member -MemberType NoteProperty -Name Admin-Account -Value $isadmin
+ $object | Add-Member -MemberType NoteProperty -Name Service-Account -Value $issvcacct
+ $object | Add-Member -MemberType NoteProperty -Name Local-Account -Value $true
+
+ $foundAccounts += $object
+
+}
+}
+ #endregion Main Process
+
+ # Use for Debugging Discovery
+ # Add-Content -Path "c:\temp\results.txt" -Value $foundAccounts
+ return $foundAccounts
\ No newline at end of file
diff --git a/Scripts/SecretServer/Slack/Discovery/readme.md b/Scripts/SecretServer/Slack/Discovery/readme.md
new file mode 100644
index 0000000..7387c91
--- /dev/null
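Review bot: In get-adminusers, `if($user.$filter -eq $switch)` compares the JSON boolean on the left with a string on the right, so PowerShell casts the string to [bool] and both `True` and `False` become $true — a rule such as `is_restricted=False` or `Is_bot=False` from the documented Example 2 therefore matches the users that have the flag set, the opposite of what was configured; get-svcacctusers has the identical comparison. Comparing as strings fixes it, and a Trim tolerates the space after a comma in the role list: `$filter = $role.split("=")[0].Trim()`, `$switch = $role.split("=")[1].Trim()`, `if("$($user.$filter)" -eq $switch)`. Separately, neither `$AuthTest` nor `$users` is checked for Slack's `ok` field, and the Web API reports a revoked or under-scoped token as `{"ok":false,"error":"..."}` with HTTP 200, so an invalid token leaves `$users.members` empty and the script returns no accounts with nothing logged; `if (-not $users.ok) { throw "users.list failed: $($users.error)" }` after the request would surface it. The block commented "Get All Active Users" also never filters on the user object's `deleted` flag, so deactivated accounts are reported alongside live ones, and an unrecognised `$DiscoveryMode` falls through to `return $foundAccounts` with the variable never assigned.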
+++ b/Scripts/SecretServer/Slack/Discovery/readme.md 
@@ -0,0 +1,133 @@ +# Slack Admin and Service Account Discovery + +## Create Discovery Source + +This scanner can help perform an Scan for user accounts within a Slack workspace. Account types will be destinguished by the appropriate roles designated by Slack. + +### Create SaaS Scan Template +If this Script has already been created in another Delinea Integration package please skip to the [Create Account Scan Template](#create-account-scan-template) + +- Log in to Secret Server Tenant +- Navigate to **ADMIN** > **Discovery** > **Configuration** > **Scanner Definition** > **Scan Templates** +- Click **Create Scan Template** +- Fill out the required fields with the information + - **Name:** (Example: SaaS Tenant) + - **Active:** (Checked) + - **Scan Type:** Host + - **Parent Scan Template:** Host Range + - **Fields** + - Change HostRange to **tenant-url** + - Click Save + - This completes the creation of the Saas Scan Template Creation + + +### Create Account Scan Template + +- Log in to Secret Server Tenant +- Navigate to **ADMIN** > **Discovery** > **Configuration** > **Scanner Definition** > **Scan Templates** +- Click **Create Scan Template** +- Fill out the required fields with the information + - **Name:** (Example: Slack Account) + - **Active:** (Checked) + - **Scan Type:** Account + - **Parent Scan Template:** Account(Basic) + - **Fields** + - Change Resource to **workspace-url** + - Add field: Admin-Account (Leave Parent and Include in Match Blank) + - Add field: Service-Account (Leave Parent and Include in Match Blank) + - Add field: Local-Account (Leave Parent and Include in Match Blank) + - Click Save + - This completes the creation of the Account Scan Template Creation + +### Create Discovery Script + +- Log in to Secret Server Tenant +- Navigate to**ADMIN** > **Scripts** +- Click on **Create Script** +- Fill out the required fields with the information from the application registration + - Name: ( example -Slack User Account Scanner) + - Description: 
(Enter something meaningful to your Organization) + - Active: (Checked) + - Script Type: Powershell + - Category: Discovery Scanner + - Merge Fields: Leave Blank + - Script: Copy and paste the Script included in the file [Slack User Account Discoverey.ps1](./Slack-Discovery.ps1) + - Click Save + - This completes the creation of the Account Discovery Script + +### Create SaaS Tenant Scanner + +If this Script has already been created in another Delinea Integration package please skip to the [Create Account Scanner Section](#create-slack-account-scanner ) + +- Log in to Secret Server Tenant +- Navigate to **ADMIN** > **Discovery** > **Configuration** > + - Click **Discovery Configuration Options** > **Scanner Definitions** > **Scanners** + - Click **Create Scanner** + - Fill out the required fields with the information + - **Name:** > SaaS Tenant Scanner + - **Description:** (Example - Base scanner used to discover SaaS applications) + - **Discovery Type:** Host + - **Base Scanner:** Host + - **Input Template**: Manual Input Discovery + - **Output Template:**: Saas Tenant (Use Temaplte that Was Created in the [SaaS Scan Template Section](#create-saas-scan-template)) + - Click Save + - This completes the creation of the Saas Tenant Scanner + +### Create Slack Account Scanner + +- Log in to Secret Server Tenant +- Navigate to **ADMIN** > **Discovery** > **Configuration** > + - Click **Discovery Configuration Options** > **Scanner Definitions** > **Scanners** + - Click **Create Scanner** + - Fill out the required fields with the information + - **Name:** (Example - Slack User Account Scanner) + - **Description:** (Example - Discovers Slack User accounts according to configured privileged account template ) + - **Discovery Type:** Account + - **Base Scanner:** PowerShell Discovery + - **Input Template**: SaaS Tenant (Use Temaplte that Was Created in the [SaaS Scan Template Section](#create-saas-scan-template)) + - **Output Template:**: Slack Account (Use Template that Was 
Created in the [Create Account Scan Template Section](#create-account-scan-template)) + - **Script:** Slack User Account Scanner (Use Script Created in the [Create Discovery Script Section](#create-discovery-script)) + - **Script Arguments: ``` Advanced $[1]$OAuthToken $[1]$admin-roles $[1]$svcacct-roles ``` + - Click Save + - This completes the creation of the ServiceNow Account Scanner + +### Create Discovery Source + +- Navigate to **Admin | Discovery | Configuration** +- Click **Create** drop-down +- Click **Empty Discovery Source** +-Enter the Values below + - **Name:** (example: Slack Tenant [Workspace Name]) + - **Site** (Select Site Where Discovery will run) + - **Source Type** Empty +- Click Save +- Click Cancel on the Add Flow Screen +- Click **Add Scanner** +- Find the Saas Tenant Scanner or the Scanner Created in the [Create Saas Tenant Scanner Section](#create-saas-tenant-scanner) and Click **Add Scanner** +- Select the Scanner just Created and Click **Edit Scanner** +- In the **lines Parse Format** Section Enter the Source Name (example: Slack Tenant) +- Click **Save** + +- Click **Add Scanner** +- Find the Slack User Account Scanner or the Scanner Created in the [Create Slack User Account Scanner Section](#create-slack-account-scanner) and Click **Add Scanner** +- Select the Scanner just Created and Click **Edit Scanner** +- Click **Edit Scanner** +- Click the **Add Secret** Link +- Search for the Privileged Account Secret created in the [Instructions.md file](../Instructions.md) +- Check the Use Site Run As Secret Check box to enable it + **Note Default Site run as Secret had to ne setup in the Site configuration. 
+ See the [Setting the Default PowerShell Credential for a Site](https://docs.delinea.com/online-help/secret-server/authentication/secret-based-credentials-for-scripts/index.htm?Highlight=site) Section in the Delinea Documentation +- Click Save +- Click on the Discovery Source tab and Click the Active check box +- This completes the creation of theDiscovery Source + + +### Next Steps + + The Slack Discovery configuration is now complete. The next step is to run a manual discovery scan. +- Navigate to **Admin | Discovery** +- Click the **Run Discovery Now** (Dropdown) and select **Run Discovery Now** +- Click on the **Network view** Button in the upper right corner +- Click on the newly created discovery source +- Click the **Domain \ Cloud Accounts** tab to view the discovered accounts + diff --git a/Scripts/SecretServer/Slack/Instructions.md b/Scripts/SecretServer/Slack/Instructions.md new file mode 100644 index 0000000..73011cc --- /dev/null +++ b/Scripts/SecretServer/Slack/Instructions.md 
@@ -0,0 +1,101 @@ +# Slack Connector Overview + +This connectore provides the following functions + +- Discovery of Slack User Accounts in a given Workspace + +## Not currently available +- Remote Password Changing Slack users +- Heartbeats to verify that user credentials are still valid + +Follow the Steps below to complete the base setup for the Connector + +# Prepare Oauth Authentication + +## OAuth Client Credentials Flow in Slack + +This connector utilizes an OAuth application in Slack using the bearer token grant type. This flow is typically used for server-to-server API requests where the application itself needs to authenticate and interact with Slack APIs. +​ +### Prerequisites + +- Access to a Slack instance with administrative privileges. +Basic understanding of OAuth Access Token authentication and Slack administration. + +## Create an OAuth Application Registry + +- Create an OAuth application registry in Slack to provide a source of authentication for programmatic Discovery found [here](https://api.slack.com/start/quickstart). + +*** For more information click [here](https://api.slack.com/web#authentication). + +- Document the following values as they will be needed in the upcoming sections + - OAuthToken value + - Grant the OAuth Token Scope: ```user:read``` + +# Creating secret template for Slack Accounts + +### Slack User Account Template + +The following steps are required to create the Secret Template for Slack Users: + +- Log in to the Delinea Secret Server (If you have not already done so) +- Navigate to Admin / Secret Templates +- Click on Create / Import Template +- Click on Import. +- Copy and Paste the XML in the [Slack User Template.xml File](./Templates/Slack%20User%20Account.xml). 
+- Click on Save +- This completes the creation of the User Account template + +### Slack Discovery Account Template + +The following steps are required to create the Secret Template for Slack Discovery Account: + +- Log in to the Delinea Secret Server (If you have not already done so) +- Navigate to Admin / Secret Templates +- Click on Create / Import Template +- Click on Import. +- Copy and Paste the XML in the [Slack Discovery Account Template.xml File](./Templates/Slack%20Discovery%20Credentials.xml). +- Click on Save +- This completes the creation of the User Account template + + +## Create secret in Secret Server for the Slack Discovery Account + +- Log in to the Delinea Secret Server (If you have not already done so) +- Navigate to Secrets +- Click on Create Secret +- Select the template created in the earlier step [Above](#slack-discovery-account-template). +- Fill out the required fields with the information from the application registration + - Secret Name (for example Slack API Account ) + - Workspace Name + - workspace-url (Slack base workspace url with no trailing slash) +- The following field values are as created in the [Create an OAuth Application Registry](../Instructions.md/#create-an-oauth-application-registry) Section + - OAuthToken + - admin-roles + - svcacct-roles +- Click Create Secret + - For additional information regarding which admin and service account roles are supported, refer to the table and examples below. + - This completes the creation of a secret in Secret Server for the Slack Discovery Account + +# Slack Roles as defined by [Slack User Types](https://api.slack.com/types/user) +## Slack User Role Definitions +- is_admin = Indicates whether the user is an Admin of the current workspace +- is_owner = Indicates whether the user is an Owner of the current workspace. +- is_restricted = Indicates whether or not the user is a guest user. +- is_ultra_restricted = Indicates whether the restricted user is a single-channel guest. 
+- Is_app_user = Indicates whether the user is an authorized user of the calling app. +- Is_bot = Indicates whether the user is actually a bot user. Bleep bloop. Note that Slackbot is special, so is_bot will be false for it. + +Use the following comma-separated syntax to define what constitutes an "Admin" or "Service Account". These fields can be used to tailor your results of discovered users accordingly. **These examples are provided as a way to demonstrate syntax and formatting, not necessarily as a recommendation.** +### Example 1 +- **admin-roles:** Is_admin=True,Is_Owner=True +- **svcacct-roles:** Is_app_user=True,Is_bot=True +### Example 2 +- **admin-roles:** Is_admin=True,is_restricted=False +- **svcacct-roles:** Is_app_user=True,Is_bot=False,Is_admin=True + + +## Next Steps + +Once the tasks above are completed you can now proceed to create a [Discovery Scanner](./Discovery/readme.md). + + diff --git a/Scripts/SecretServer/Slack/RemotePasswordChanger/Slack Heartbeat Placeholder.ps1 b/Scripts/SecretServer/Slack/RemotePasswordChanger/Slack Heartbeat Placeholder.ps1 new file mode 100644 index 0000000..6d92385 --- /dev/null +++ b/Scripts/SecretServer/Slack/RemotePasswordChanger/Slack Heartbeat Placeholder.ps1 @@ -0,0 +1 @@ +return $true \ No newline at end of file diff --git a/Scripts/SecretServer/Slack/RemotePasswordChanger/Slack RPC Placeholder.ps1 b/Scripts/SecretServer/Slack/RemotePasswordChanger/Slack RPC Placeholder.ps1 new file mode 100644 index 0000000..8d63ae9 --- /dev/null +++ b/Scripts/SecretServer/Slack/RemotePasswordChanger/Slack RPC Placeholder.ps1 @@ -0,0 +1 @@ +return $true \ No newline at end of file diff --git a/Scripts/SecretServer/Slack/RemotePasswordChanger/readme.md b/Scripts/SecretServer/Slack/RemotePasswordChanger/readme.md new file mode 100644 index 0000000..50e67aa --- /dev/null +++ b/Scripts/SecretServer/Slack/RemotePasswordChanger/readme.md 
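Review bot: The heartbeat placeholder unconditionally returns $true, so once a Slack user secret is imported its heartbeat status stays healthy whatever the account's real state; the RemotePasswordChanger readme explains this is deliberate because Slack offers no password verification, but the script itself carries no hint of that. A one-line header comment would keep the next maintainer from trusting it as a real check, e.g. `# Placeholder heartbeat: Slack exposes no API to verify user passwords, so this always reports success (see RemotePasswordChanger/readme.md).` The RPC placeholder in the same commit deserves the matching comment.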
@@ -0,0 +1,105 @@ +# Slack Remote Password changer + +The steps below show how to Set up and configure a Slack Remote Password Changer. + +If you have not already done, so, please follow the steps in the **Instructions.md Document** found [Here](../Instructions.md) + +## Disclaimer +**Currently, Slack does not support remote password changing for user accounts. The scripts provided here are placeholders to enable the functionality within and for Discovery.** + +## Create Scripts + +### Remote Password Changer Script + +- Log in to Secret Server Tenant +- Navigate to **ADMIN** > **Scripts** +- Click on **Create Script** +- Fill out the required fields + - **Name**: ( example Slack Remote Password Changer) + - **Description**: (Enter something meaningful to your Organization) + - **Active** (Checked) + - **Script Type**: Powershell + - **Category**: Password Changing + - **Merge Fields**: Leave Blank + - **Script**: Copy and paste the Script included in the file [Slack RPC Placeholder.ps1](./Slack%20RPC%20Placeholder.ps1) + - Click Save + - This completes the creation of the Remote Password Changing Script + +### Heartbeat Script + +- Log in to Secret Server Tenant +- Navigate to **ADMIN** > **Scripts** +- Click on **Create Script** +- Fill out the required fields + - **Name**: ( example Slack Heartbeat) + - **Description**: (Enter something meaningful to your Organization) + - **Active** (Checked) + - **Script Type**: Powershell + - **Category**: Heartbeat + - **Merge Fields**: Leave Blank + - **Script**: Copy and paste the Script included in the file [Slack Heartbeat Placeholder.ps1](./Slack%20Heartbeat%20Placeholder.ps1) + - Click Save + - This completes the creation of the Slack Heartbeat Script + +## Create Password Changer + +- Log in to Secret Server Tenant (if not alreday logged in) +- Navigate to **ADMIN** > **Remote Password Changing** +- Click on Options (Dropdown List) and select ***Configure Password Changers** +- Click on Create Password Changer +- 
Click on **Base Password Changer** (Dropdown List) and Select PowerShell Script +- Enter a Name (Example - Slack Remote Password Changer ) +- Click Save + - Under the **Verify Password Changed Commands** section, Enter the following information: + - **PowerShell Script** (DropdownList) Select PowerShell Script or the Script that was Creted in the [Heartbeat](#heartbeat-script) Section + - **Script Args**: + ``` ``` + - Click **Save** + +- Under the **Password Change Commands** Section, Enter the following information: + - **PowerShell Script** (DropdownList) Select PowerShell Script or the Script that was Creted in the [remote-password-changer-script](#remote-password-changer-script) Section + - **Script Args**: + ``` ``` +- Click **Save** +- This completes the creation of the Remote Password Changer + +## Update Slack User template + +- Log in to Secret Server Tenant (if not alreday logged in) +- Navigate to **ADMIN** > **Secret Templates** +- Find and Select the Slack User Template created in the [Instructions.md Document](../Instructions.md) + - Select the **Mapping** Tab + - In the **Password Changing** section, click edit and fill out the following + - **Enable RPC** Checked + - **RPC Max Attempts** 12 + - **RPC Interval Hours** 8 + - **Enable Heartbeat** Checked + - **Heartbeat Interval Hours** 4 + - **Password Type to use** Select **Slack Remote Password Changer** or the Password Changer created in the [Create Password Changer Section](#create-password-changer) +- In the **Password Type Fields** Section, fill out the following + - **Domain** workspace-url + - **Password** Password + - **Username** Username +- Click Save +- This completes the Update Slack User template section + +## Update Remote Password Changer + +- Log in to Secret Server Tenant (if not alreday logged in) +- Navigate to **ADMIN** > **Remote Password Changing** +- Click on Options (Dropdown List) and select **Configure Password Changers** +- Select the Slack Remote Password Changer or the 
Password Changer created in the [create-password-changer](#create-password-changer) section +- Click **Configure Scan Template at the bottom of the page** +- Click Edit +- Click the **Scan Template to use** (Dropdown List) Select the Slack User template created in the [Instructions.md Document](../Instructions.md) +- Map the following fields that appear after the selection + - **workspace-url** -> Domain + - **Username** -> username + - **Password** -> password + - Leave all other fields blank +- Click Save +- This completes the Update Remote Password Changer section + + + + diff --git a/Scripts/SecretServer/Slack/Templates/Slack Discovery Credentials.xml b/Scripts/SecretServer/Slack/Templates/Slack Discovery Credentials.xml new file mode 100644 index 0000000..e569eaa --- /dev/null +++ b/Scripts/SecretServer/Slack/Templates/Slack Discovery Credentials.xml @@ -0,0 +1,113 @@ + + + _Slack Discovery Credentials + true + + + WorkspaceName + + WorkspaceName + true + false + false + false + + false + + -1 + 2147483647 + false + 2 + false + workspacename + false + + + Workspace URL + + Workspace URL + true + true + false + false + + false + + -1 + 2147483647 + true + 2 + false + workspace-url + false + + + OAuthToken + + OAuthToken + true + false + true + false + + false + + -1 + 2147483647 + false + 2 + false + oauthtoken + false + + + admin-roles + + admin-roles + true + false + false + false + + false + + -1 + 2147483647 + false + 2 + false + admin-roles + false + + + svcacct-roles + + svcacct-roles + true + false + false + false + + false + + -1 + 2147483647 + false + 2 + false + svcacct-roles + false + + + Credentials used for Slack user discovery. + 0 + 0 + fa-cogs + + + + + false + false + + \ No newline at end of file diff --git a/Scripts/SecretServer/Slack/Templates/Slack User Account.xml b/Scripts/SecretServer/Slack/Templates/Slack User Account.xml new file mode 100644 index 0000000..34c8f1a --- /dev/null 
+++ b/Scripts/SecretServer/Slack/Templates/Slack User Account.xml @@ -0,0 +1,151 @@ + + + _Slack User Account + true + + + Username + + Username + true + false + false + false + + false + + -1 + 2147483647 + false + 2 + false + username + false + + + Workspace-Name + + Workspace-Name + true + false + false + false + + false + + -1 + 2147483647 + false + 2 + false + workspace-name + false + + + Workspace-URL + + Workspace-URL + true + true + false + false + + false + + -1 + 2147483647 + true + 2 + false + workspace-url + false + + + Password + + Password + true + false + true + false + + false + + -1 + 2147483647 + false + 2 + false + password + false + + + Admin-Account + + Admin-Account + true + false + false + false + + false + + -1 + 2147483647 + false + 2 + false + admin-account + false + + + Service-Account + + Service-Account + true + false + false + false + + false + + -1 + 2147483647 + false + 2 + false + service-account + false + + + Local-Account + + Local-Account + true + false + false + false + + false + + -1 + 2147483647 + false + 2 + false + local-account + false + + + Used for importing Slack user credentials from Discovery + 0 + 0 + fa-cogs + + + + + false + false + + \ No newline at end of file diff --git a/Scripts/SecretServer/Slack/Templates/readme.md b/Scripts/SecretServer/Slack/Templates/readme.md new file mode 100644 index 0000000..5fc0069 --- /dev/null +++ b/Scripts/SecretServer/Slack/Templates/readme.md 
@@ -0,0 +1,63 @@ +# Creating secret templates for Slack Accounts + +### Slack User Account Template + +The following steps are required to create the Secret Template for Slack Users: + +- Log in to the Delinea Secret Server (If you have not already done so) +- Navigate to Admin / Secret Templates +- Click on Create / Import Template +- Click on Import. +- Copy and Paste the XML in the [Slack User Template.xml File](./Slack%20User%20Account.xml) +- Click on Save +- This completes the creation of the User Account template + +### Slack Discovery Account Template + +The following steps are required to create the Secret Template for Slack Discovery Account: + +- Log in to the Delinea Secret Server (If you have not already done so) +- Navigate to Admin / Secret Templates +- Click on Create / Import Template +- Click on Import. +- Copy and Paste the XML in the [Slack Discovery Account Template.xml File](./Slack%20Discovery%20Credentials.xml) +- Click on Save +- This completes the creation of the User Account template + + +## Create secret in Secret Server for the Slack Discovery Account + +- Log in to the Delinea Secret Server (If you have not already done so) +- Navigate to Secrets +- Click on Create Secret +- Select the template created in the earlier step [Above](#slack-discovery-account-template). +- Fill out the required fields with the information from the application registration + - Secret Name (for example Slack API Account ) + - Workspace Name + - workspace-url (Slack base workspace url with no trailing slash) +- The following field values are as created in the [Create an OAuth Application Registry](../Instructions.md/#create-an-oauth-application-registry) Section + - OAuthToken + - admin-roles + - svcacct-roles +- Click Create Secret + - For additional information regarding which admin and service account roles are supported, refer to the table and examples below. 
+ - This completes the creation of a secret in Secret Server for the Slack Discovery Account + + +## Slack Roles as defined by [Slack User Types](https://api.slack.com/types/user) +### Slack User Role Definitions +``` +- is_admin = Indicates whether the user is an Admin of the current workspace +- is_owner = Indicates whether the user is an Owner of the current workspace. +- is_restricted = Indicates whether or not the user is a guest user. +- is_ultra_restricted = Indicates whether the restricted user is a single-channel guest. +- Is_app_user = Indicates whether the user is an authorized user of the calling app. +- Is_bot = Indicates whether the user is actually a bot user. Bleep bloop. Note that Slackbot is special, so is_bot will be false for it. +``` +Use the following comma-separated syntax to define what constitutes an "Admin" or "Service Account". These fields can be used to tailor your results of discovered users accordingly. **These examples are provided as a way to demonstrate syntax and formatting, not necessarily as a recommendation.** +### Example 1 +- **admin-roles:** Is_admin=True,Is_Owner=True +- **svcacct-roles:** Is_app_user=True,Is_bot=True +### Example 2 +- **admin-roles:** Is_admin=True,is_restricted=False +- **svcacct-roles:** Is_app_user=True,Is_bot=False,Is_admin=True \ No newline at end of file diff --git a/Scripts/SecretServer/Slack/readme.md b/Scripts/SecretServer/Slack/readme.md new file mode 100644 index 0000000..8ee1ede --- /dev/null +++ b/Scripts/SecretServer/Slack/readme.md 
@@ -0,0 +1,15 @@ + +# Slack Delinea Secret Server Integration + +This package is designed to discover Slack User Accounts. It will alos provide a method of determining Administrative and Service accounts based on a configurable criteria. It will provide detailed instructions and the necessary Scripts to perform these functions. Before beginning to implement any of the specific processes it is a requirement to perform the tasks contained in the Instructions.md document which can be found [Here](./Instructions.md) + +**NOTE** - Slack does not support Remote Password changing or Heartbeat. There is a placeholder script along with instructions that can be used to create a "Mock" password changer that will allow the importing of discovered accounts. + +# Authentication and Authorization Disclaimer + +The provided configurations are developed by using a static [user OAuth Access Token](https://api.slack.com/authentication/token-types) for Authentication and Authorization. For a production implementation, it will be up to you to configure an OAuth 2.0 Client Credential for authentication. Due to a user challenge requirement with redirect URI, we have opted to use a static token for this automation integration. For more information regarding OAuth and Slack, please reference [Slack OAuth v2 Authentication](https://api.slack.com/authentication/oauth-v2). For additional Security Best Practices, please reference [Slack API Best Practices for Security](https://api.slack.com/authentication/best-practices). + +# Disclaimer + +The provided scripts are for informational purposes only and are not intended to be used for any production or commercial purposes. You are responsible for ensuring that the scripts are compatible with your system and that you have the necessary permissions to run them. The provided scripts are not guaranteed to be error-free or to function as intended. The end user is responsible for testing the scripts thoroughly before using them in any environment. 
The authors of the scripts are not responsible for any damages or losses that may result from the use of the scripts. The end user agrees to use the provided scripts at their own risk. Please note that the provided scripts may be subject to change without notice. +