Q: What read/write access does Pyn use for the Teams integration?
A: Here is a summary of the permissions.
Pyn bot can send (direct) messages from the bot to employees and read messages they send back. These are the permissions starting with im:
If the Pyn bot is explicitly added to a channel, we can send a message there (but not read anything). The Pyn bot cannot read or join channels. This is chat:write
If someone gives the Pyn bot explicit permission, it can send direct messages on their behalf. This is so the message can come from someone within the company. The employee needs to explicitly give additional permission for this to happen. These are the User Token Scopes
Pynbot can read a list of employees (the directory) along with their emails. The email allows us to match a user in Slack to the employee records we have. There are the permissions starting with team and users.
Pyn is SOC2 Compliant and has a strict security regime. Please contact Pyn Support (support@pynhq.com) with any additional questions or requests for additional security information.