Security and Privacy
Authentication and Integrations
Token Handling
Data Scope
Team Access Model

Security and Privacy

Authentication and Integrations

GitHub and Slack integrations use OAuth flows.
Request signatures are validated for Slack and GitHub webhooks.
OAuth state and PKCE protections are used in the Slack-initiated GitHub flow.

For detailed Slack OAuth scopes and rationale, see Slack Permissions.

Token Handling

Integration tokens are stored server-side.
Reconnect flows are supported when tokens expire or are revoked.

Data Scope

GitNotifier stores only data needed to deliver notifications and preferences (for example, account mapping and reminder/mute preferences).

Team Access Model

Only the admin needs to complete initial app setup.
Team members connect later via invitation or Slack App Home flow.

Troubleshooting

⌘I