We have created a Custom Integrations Incoming WebHooks configuration so that we can post notification from our CI pipeline into our slack channel. This works great so far, but today a colleague accidentally broke it by changing the target channel. Fortunately, there was a notification about this in our channel ("removed an integration from this channel: incoming-webhook"), so we were able to revert this quickly. But things would have been worse if the colleague only had regenerated the webhook URL... Naturally, we'd like to avoid this.
So, I am wondering if it is possible to restrict write access to our Incoming WebHooks configuration?
There seems to be a restriction if the target channel is private ‒ but I'd prefer that we can leave our channel public.
Today I got a response from Slack support, and they say that they don't have a fine-grained permission model for controlling access to specific configurations. The only options are "everyone can change the configuration" or "only one person can edit the configuration".
The "only one" option is enabled by changing the "Post to Channel" property to a private channel (or direct message). Note that this doesn't mean that the configuration is restricted to the specified channel. Custom Integrations Incoming WebHooks allow the sender to override the channel, so the configuration may still be used to post to public channels.