8 Tips for Managing Team Permissions on Slack

Travis Good
April 27, 2021

Slack is the operating system of many companies. As such, securing it is imperative for Slack admins. We put together a basic list of 8 tips to help Slack admins securely manage their Slack instances.

#1: Understand the Basic Role System

On Slack, each member of the company is assigned a role. If you aren’t using Slack Enterprise Grid, these roles include:

  • Workspace Primary Owner
  • Workspace Owner
  • Workspace Administrator
  • Full Member

The Workplace Primary Owner is the only one who can transfer ownership or delete the Slack instance. Owners share all other responsibilities, while Administrators can perform a variety of administrative duties.

By default, Workspace Owners and Workspace Admins have access to all role permissions on Slack and can manage members. Full Members have access to most permissions by default, but cannot rename a channel, delete a channel, or convert a channel to private. 

Additionally, there is one other role in the basic plan: Invited Members. These are individuals who have been given an invitation to join the Slack instance but have not yet done so.

#2: Enterprise Grid Role Differences

While Enterprise Grid isn’t necessary for every company, it does expand the roles system significantly.

First, two new roles are added under Enterprise Grid: Multi-Channel Guests and Single-Channel Guests. Both of these have limited access within Slack but are differentiated by the number of channels they can view.

Additionally, Enterprise Grid adds three System Roles: the Channels Admin, Roles Admin, and Users Admin. These roles are given default permissions to manage the portion of Slack in their title.

#3: Create User Groups

User Groups are a crucial method of streamlining communication. Adding members to user groups allows you to:

  • Mention the user group (@usergroup) in a message, which notifies everyone in it.
  • Add the user group to channels, which will give all members automatic access.

You can create and edit user groups by clicking choosing User Groups from the web admin dashboard.

#4: Enterprise Grid User Group Differences

Under Enterprise Grid, you are given the ability to manage multiple Slack instances. While this generally does not impact user groups a ton, it does mean that each group is unique to an individual instance. Consequently, it’s important to remember to create the same groups across different instances if you want consistency.

#5: Quickly Add User Groups to New Channels

You can mention a user group in a new channel to give members within it access to it. If, for example, you type @engineer in the new channel, all members with that group will be given access to that channel.

#6: Create Default User Groups

In Slack, there is a function to create two default user groups: admin and owner. To do so,navigate to the Settings and administration menu of the web admin dashboard, go to Permissions, go to User Groups, and check the corresponding boxes. This creates roles for those members, with all the associated permissions.

#7: Manage Default User Permissions

By default, various permissions are allowed for all members in Slack. This includes editing and deleting their own messages, using mentions like @channel or @everyone, and many others. However, if you would like to edit or restrict these default user permissions, you can do so by going into the web admin dashboard

#8: When in Doubt, Visit the Slack Help Center

While this article provides an overview of common tips and problems, it is far from complete in terms of a guide for Slack admins. For any other problems, we encourage you to visit the Slack Help Center. Slack does a good job of providing with guides and knowledge base articles in securing Slack instances.