Security and permissions

Secure Stripe alerts in Slack, with narrow access.

ChargeBell connects Stripe to Slack for one specific job: turning payment events into useful alerts. The permission boundary stays deliberately small and visible.

Start freeNo card required · setup takes about 2 minutes
Permission boundary
Stripeevents
Slackalerts
Payment events flow through
Money movement never does

Stripe boundary

We watch the events. You keep control of the account.

Stripe remains the source of truth. ChargeBell uses the official OAuth connection to receive and enrich the events you choose to monitor, without taking operational control of your payments.

What ChargeBell can do

  • Receive payment and subscription events
  • Read the fields needed to format an alert
  • Calculate fee-aware amounts and MRR movement

What ChargeBell can never do

  • Move funds or initiate payouts
  • Create charges or subscriptions
  • Issue refunds or change customer data

Slack permissions

Enough access to deliver, not to listen.

ChargeBell asks Slack for channel discovery, message delivery, and the /chargebell command. It does not request permission to read message history.

chat:write

Post ChargeBell alerts as the installed bot.

channels:read

List public channels so an admin can select a destination.

groups:read

List private channels only when the bot already belongs to them.

commands

Install and respond to the ChargeBell slash command.

Connection lifecycle

Access is explicit from connect to disconnect

  1. 01

    You approve OAuth

    Stripe or Slack shows the requested access before an organization owner or admin approves it.

  2. 02

    ChargeBell delivers

    Credentials are stored for the organization and used only to receive events and deliver configured alerts.

  3. 03

    You can disconnect

    Remove either integration from ChargeBell. Active credentials and connection records are removed or revoked.

The workspace is the security boundary

ChargeBell is multi-tenant by organization. Connections, alert rules, delivery history, settings, and billing are scoped to that organization.

Role-gated changes

Owners and admins manage integrations, rules, team membership, billing, and workspace settings.

Isolated records

Domain data is keyed to an organization instead of being shared across a user's workspaces.

Protected transport

OAuth and application traffic use HTTPS, and credentials are not exposed to the browser.

Auditable outcomes

Delivery history records what was attempted and whether each destination succeeded.

Need the legal detail?

The Privacy Policy explains collection, retention, providers, disconnection, and user rights in full.

Read the Privacy Policy

Clear answers

Security questions, answered

Can ChargeBell move money or issue refunds?

No. ChargeBell's Stripe connection is used to read the payment events needed for alerts. It cannot create charges, move funds, issue refunds, or change your Stripe account.

Can ChargeBell read our Slack messages?

No. ChargeBell does not request Slack message-history scopes. It lists available channels, posts alert messages, and supports the ChargeBell slash command.

What happens when we disconnect an integration?

ChargeBell removes the active credentials and connection records needed to keep using that integration. Limited non-secret and delivery history records may remain according to the Privacy Policy.

Who can change integrations and security settings?

Organizations are the tenant boundary. Connection, alert-rule, team, billing, and workspace-setting mutations require an owner or administrator role.

Safe to try

Connect with a boundary you can explain.

Approve the integrations, choose the channels, and send a test alert. You stay in control of Stripe, Slack, and the connection itself.

Create your workspace