This article explains how to configure the App Activities integration for Slack
Overview
App Activities provides you with an API-based solution for out-of-band visibility of all activity made by any user in a connected SaaS application. To provide App Activities with visibility of data within an app, you need to set up an integration with the required application. Once you create the integration, if a field has changed or expired, you can edit it from the Resources >Integrations > Integrated Apps page. For more information, see What is Application Control via API with App Activities.
To configure the App Activities integration, you need to:
Configure the integration within the SaaS application
Create the API connector in the CMA
A CASB license is required for App Activities. This license includes app and data control and App Activities via API. For more about purchasing a CASB license, please contact your Cato representative.
Benefits of Connecting Slack
After creating this connector, you can view and monitor activity in your Slack environment, for example:
File upload
Channel modifications
New 3rd-party app integrations
Private message forwarding
This helps you identify and respond to suspicious activity, and you can receive alerts for these activities:
Anomalous activity based on actor attributes (email, IP, etc…)
Malicious file uploads
Configuring the Slack Integration
To configure the Slack integration, create an app.
Prerequisites
Slack Enterprise Grid license
Step 1: Configure the Integration in your Slack Tenant
In the Slack API Portal, identify the OAuth Token to enter into the CMA.
To configure the Slack integration:
In the Slack API Portal, click Create an App.
The Create an app dialog box opens.
Select From scratch.

Add a name for the app and select the workspace you would like to integrate with Cato.

Click Create App.
Navigate to OAuth & Permissions.
In the Scopes Section, click on Add an OAuth Scope add the following scopes as User Token Scopes:
users:read
users:read.email
Auditlogs:read

In the OAuth Tokens section, click Install to <workspace>.
Click Allow.
Copy and save the User OAuth Token so it can be added to the CMA.
Step 2: Create the API Connector in the CMA
After you have set up an integration with the required application, add the details in the CMA.
To create the API connector in the CMA:
From the navigation menu, click Resources > Integrations.
Click the Integrated Apps tab.
Click New.
The New Integration panel opens.
Select the SaaS Application you want to add.
In the Capability drop down select App Activities.
Add the details created during step one.
Click Save.
The app is visible on the Integrated Apps table with a Connected status.
After connecting your APIs, you can track the App activities in the Cloud Activities dashboard. Data may take a few minutes to appear.