If you or your IT team are looking for more information about the Slack API scopes required by Fellow, the following article can help.

Granular Permissions in Slack

As of September 15th 2020, Fellow's Slack app is using the the new granular permissions management system. As opposed to generic read/write scopes, this means that we have to request a new scope for each individual action Fellow performs.

There are two types of scopes as part of the new granular permission system:

Bot Token Scopes govern the information that Fellow can access directly as a bot
User Token Scopes govern the Fellow's ability to access user data and act on behalf of the specific user that has authorized it.

List of Requested Scopes

For each scope that we request for our Slack App, we have to provide Slack with a reason behind each scope request as part of Slack's own review process (each change to our application's configuration triggers a new review by Slack).

Below is a list if all of the scopes being requested, along with the Request Reason supplied as part of the app submission.

Bot Token Scopes

Scopes that govern what the Fellow app can access.

app_mentions:read
Description: View messages that directly mention @fellow in conversations that the app is in
Request Reason: To enable interactivity with the bot. Note that this only grants access to messages where Fellow was explicitly mentioned. It does not provide the ability to read other messages.
channels:read
Description: View basic information about public channels in a workspace
Request Reason: Allows users to post meeting notes to a given channel, which is listed in Fellow. Note that this only allows us to see what channels exist. It does not provide the ability to read messages.
chat:write
Description: Send messages as @fellow
Request Reason: Core functionality around bot interactivity. Note that this applies only to channels to which Fellow has been added. It does not provide the ability to read messages.
chat:write.public
Description: Send messages to channels @fellow isn't a member of
Request Reason: Post notes as blocks where relevant. Note that this applies only to public channels.
commands
Description: Add shortcuts and/or slash commands that people can use
Request Reason: Multiple slash commands available, including giving feedback, adding a note, ...
dnd:read
Description: View Do Not Disturb settings for people in a workspace
Request Reason: So we know when not to send messages to users
groups:read
Description: View basic information about private channels that Fellow has been added to
Request Reason: Allows users to post meeting notes to a given channel, which is listed in Fellow. Note that this does not provide the ability to read messages.
im:history
Description: View messages and other content in direct messages that Fellow has been added to
Request Reason: Core functionality around bot interactivity. Note that this only applies to messages sent directly to the Fellow Bot user.
im:read
Description: View basic information about direct messages that Fellow has been added to
Request Reason: Core functionality around bot interactivity. Note that this does not provide the ability to read messages.
im:write
Description: Start direct messages with people
Request Reason: Allow users to post meeting notes to a given DM, from within Fellow. Note that this does not provide the ability to read messages.
links:read
Description: View app.fellow.co, fellow.link, and fellow.app URLs in messages
Request Reason: Check for Fellow URLs so the bot can post meeting notes as blocks
links:write
Description: Show previews of app.fellow.co, fellow.link, and fellow.app URLs in messages
Request Reason: Note unfurling (optionally showing the contents of a note wherever a Fellow link was pasted)
mpim:read
Description: View basic information about group direct messages that Fellow has been added to
Request Reason: Allows users to post meeting notes to a given channel, which is listed in Fellow. Note that this does not provide the ability to read messages.
mpim:write
Description: Start group direct messages with people
Request Reason: Allows users to post meeting notes to a given channel, which is listed in Fellow. Note that this does not provide the ability to read messages.
team:read
Description: View the name, email domain, and icon for workspaces Fellow is connected to
Request Reason: Allow workspace information to be synced to Fellow to reference which workspace is currently connected.
users:read
Description: View people in a workspace
Request Reason: Allow users to find Slack users to send notes to
users:read.email
Description: View email addresses of people in a workspace
Request Reason: To match up Slack users against the relevant Fellow user
workflow.steps:execute
Description: Add steps that people can use in Workflow Builder
Request Reason: To enable app workflow step functionality. Fellow provides a number of workflow steps which can be used to create automations with Slack's workflow builder.

User Token Scopes

Scopes that access user data and act on behalf of users that authorize them.

links:read
Description: View app.fellow.co, fellow.link, and fellow.app URLs in messages
Request Reason: To provide a preview to the meeting agenda when the link is posted on Slack. Note that this does not provide the ability to read messages.
links:write
Description: Show previews of app.fellow.co, fellow.link, and fellow.app URLs in messages
Request Reason: To provide a preview of the meeting agenda when the Fellow link is posted on Slack. Note that this does not provide the ability to read messages.