Updates to the Slack platform
We improve the Slack platform every day by releasing new features, squashing bugs, and delivering fresh documentation. This changelog is an account of what's happened.
We tweet about most of these updates from @slackapi, but we also offer this wonderfully antiquated RSS feed. Slack, the service and product, has its own changelog too.
Use the slash command: /feed subscribe https://api.slack.com/changelog.rss to receive these updates in a Slack channel of your choosing.
As previously announced, apps & integrations created after today, November 30, 2021, must use rtm.connect instead of the deprecated rtm.start when connecting to the RTM API. Learn more about this and what's next for existing users of rtm.start.
We are deprecating all channels.*, groups.*, im.*, and mpim.* Web API methods in favor of their Conversations API replacements. Migrate to conversations.* as soon as possible, as these deprecated methods will retire on February 24, 2021. Read on.
One of our earliest API methods is taking a well-deserved retirement on September 30, 2022. For existing apps, rtm.start will instead return an equivalent response to rtm.connect. Beginning November 30, 2021, newly created apps and integrations will only be able to use rtm.connect. Learn more.
Reach a whole new world of workspaces: build an app that can be deployed across an entire Enterprise org.
Be informed about specific changes to users' data. One of three events will now be dispatched alongside the user_change event: user_huddle_changed, user_profile_changed, or user_status_changed.
The file may be deleted, but the record of the event won't be. You can now monitor file_deleted audit events with the Audit Logs API.
Messages are how people communicate in Slack, message metadata is how apps communicate with apps! Read on to learn about how to spark more automation with your app throughout Slack.
Mentioning a private channel in a slash command when your app manifest flag should_escape is false now correctly formats the channel identifier. Previously, the API would return HTML entities (< and >) that had to be manually converted into their character counterparts.
Help users find links, messages, and files germane to a channel's distinctive purpose with the Bookmarks API.
The admin.users.unsupportedVersions.export API allows you to export users using unsupported software within your workspace. Read on to learn more.
Block Kit button elements can now utilize the optional accessibility_label field, which allows you to write longer descriptive text for a button. Learn more.
The admin.apps.requests.cancel method allows admins to cancel app approval requests within a workspace or Enterprise Grid. Learn more.
If you still use rtm.connect or rtm.start to connect to Slack, you'll notice that all WebSocket URLs now begin with wss://wss-primary.slack.com.
As previously announced, apps & integrations created after today, November 30, 2021, must use rtm.connect instead of the deprecated rtm.start when connecting to the RTM API. Learn more about this and what's next for existing users of rtm.start.
Block elements can now utilize the focus_on_load field within Block kit messages, which allows you to pick one specific Block element to auto focus on. Learn more.
The default Slack Connect invitation type when using conversations.inviteShared has changed. Invites are now sent to limit the recipient's actions to only sending messages. The new external_limited argument can be used to control which invitation type is sent.
We're starting to roll out a new, opt-in beta UI that lets you configure and reconfigure apps using manifests. We're also launching new App Manifest APIs to let you create and manage all your apps programmatically. Learn more.
One of our earliest API methods is taking a well-deserved retirement on September 30, 2022. For existing apps, rtm.start will instead return an equivalent response to rtm.connect. Beginning November 30, 2021, newly created apps and integrations will only be able to use rtm.connect. Learn more.
Introducing two API methods that return information about workspaces previously only available in rtm.start: team.billing.info and team.preferences.list.
Slack Developer Tools now offers the Platform Guide, an interactive and introductory education experience for developers interested in learning the basics of building a Slack app within a Slack app.
Pick a time, any time. The timepicker block element is released out of beta and available to use in your spiffy apps. Click here to add the timepicker to your timeless Block Kit messages.
The link_shared event is changing, bringing unfurls—allowing users to see what's in a link—into the message composer. Read more on magic unfurls for uninstalled apps in the message composer.
In the app approval APIs, you may now distinguish the apps built within your organization from those developed externally—or by Slack—with the developer_type field.
Legacy workspace apps are now completely retired. They won't function anymore and eventually will be completely removed from our databases. If you run into trouble, please reach out.
The link_shared event is changing to bring a little more magic to app unfurls. Read up on the changes, which roll out to free teams on September 1, here.
Modern Sign in with Slack uses the OpenID Connect protocol to make signing in with Slack faster and more flexible. Try it today.
Refresh your access tokens regularly with token rotation, available for opt-in now.
You can now manage Slack Connect directly for your organization using an app. Read up on the Slack Connect APIs.
We gave this dusty place a new coat of paint. Enjoy our updates to api.slack.com to help you navigate, discover, and absorb content more easily. Almost everything should be where you’d expect it.
Use manifests to create and manage apps from saveable, shareable, and relatable YAML and JSON. Try out some sample manifests in our new guided tutorials.
Apps using classic message attachments have an updated look. Attachment images now have a hover menu and will mostly appear to the right of text. Click here to review the new design. Consider using Block Kit to have more control over how images render.
We're teaching old blocks new tricks. Starting April 20, 2021 input blocks are now able to exist within messages, allowing you to gather information more swiftly within conversation. Learn more about how to extend your Block kit messages.
Apps may now broadcast messages to users via direct message without handling unnecessary or unsupported conversation and slash commands. Starting March 29, 2021, this feature will be default for all newly-created Slack apps. Get started by visiting the App Home tab of your existing Slack apps.
Newly created private channel IDs now always begin with the letter C, just like public channel IDs already do. The Conversations API will tell you whether a conversation is private or not with the is_private boolean field.
Legacy workspace apps, deprecated since October 2018, will retire on August 24, 2021. Learn if and how this may impact your apps.
The admin.analytics.getFile method now returns daily data about conversations in public channels. Members analytics remain available. Explore what's happening on your grid workspaces.
Three deprecations take effect today, February 24. First, new apps may no longer pass tokens as query parameters. Second, Conversations API methods are now required over their typed counterparts: channel.*, group.*, im.*, and mpim.*. Third, event payloads no longer contain full lists of authed_users or authed_teams—instead, use a new method to learn the full list of authorizations an event is visible to. We know keeping up with best practices for Slack apps is a lot to handle—thank you for allowing us to make the platform better. Keep reading.
If your app makes use of user emails, be on the lookout for relay email addresses. When users sign into Slack via Apple, their emails may appear as anonymized relay addresses. Relatedly, Sign in with Slack won't work with these users.
Now you can decorate your ephemeral messages requesting authorization with Block Kit using chat.unfurl. Learn more about our continued improvements to message unfurling.
When a user initiates a private channel share via Slack Connect, the channel's ID changes. Subscribe to channel_id_changed to learn the new IDs for the private channels visible to your app.
Your app can now count its workflow steps with the help of four new events: workflow_published, workflow_unpublished, workflow_deleted, and workflow_step_deleted. Use these events to stay informed on workflows—from unpublished to published and back again—that make use of steps powered by your app.
Socket Mode supplies your app with events and interactive feature payloads over a dynamic WebSocket URL. Read more on the new way to skip static, public HTTP endpoints—now supported by all SDKs.
Submissions to the App Directory now require Security & Compliance information. Read more in our submission guidelines.
Reach a whole new world of workspaces: build an app that can be deployed across an entire Enterprise org.
Apps created after February 24, 2021 will no longer be able to send token as a query parameter. All existing apps require no changes. Learn more.
Apps will now be able to unfurl links anywhere in Slack. Learn more.
The admin.analytics.getFile method returns compressed JSON files with workspace member analytics for the day of your choice—now available for Enterprise.
App modals can now be 'popped out' by users, giving them their own resizable, movable window. No app changes are needed, we just wanted to pop in with an update.
To simplify time input for users, we added a new time picker element to Block Kit.
Block Kit checkboxes and radio buttons are now available to use in messages. Quickly and conversationally collect information from users by including them inline.
Gather data from users directly from your App Home—input blocks can now be added to Home tabs. Additionally, input blocks can now dispatch block_actions payloads when someone interacts with them. Read about the new dispatch_actions flag.
We refreshed the look of your app's listing in the App Directory. Among the changes: a Features tab shows your app's entry points—like shortcuts and slash commands.
We updated our developer policy and API terms of service to clarify language around export controls and international data transfers. Here are the changes.
Alongside upcoming changes to the Events API, you'll find numerous new features: a new authorizations field delivered with events, a new method for listing installations, a new scope—even a new token type for working across an entire organization.
Starting February 24, 2021, event payloads will no longer contain full lists of authed_users or authed_teams. Instead, you can call a separate method if you need a full list of parties an event is visible to. Read up on the upcoming changes here.
On September 29, 2020, view_submission and block_actions payloads will begin including full state for messages, modal, and App Home views. Learn more.
On September 15, 2020, you'll no longer need to worry about different global and local IDs for Enterprise users. Users will have a single, global ID across an Enterprise org, which may begin with either U or W. Read more.
In responses from the search.messages method, four fields—next, next_2, previous, and previous_2—that sometimes appeared are now deprecated and will no longer appear in responses, beginning December 3, 2020. Let us know of your questions or concerns.
Get a handle on creating channels, setting preferences, and connecting new workspaces—all with a single app. Use the APIs for channel management, available to Enterprise Grid organizations.
We slightly changed your App Home's appearance by refreshing the default text style and how hint text is displayed. We hope you'll enjoy it.
Users may now mute and unmute their conversations with apps like they can with other channel types. When a user mutes a conversation with your app, the messages you send are still delivered and a colorful badge will continue to surface in their channel list. However, users will not receive a direct operating system or browser notification on delivery.
Slash command invocations will now include an api_app_id parameter with your Slack app's ID. This parameter will better assist you in handling commands from multiple applications or environments.
New header blocks let you provide stronger delineation between groups of content in your app surfaces. Stay ahead of the game by learning how they work.
Expand Workflow Builder's capabilities by creating reusable, custom steps that any builder can add to their workflows. Workflow steps from apps is now in open beta. What’s your app’s next step?
Previously, when a user mentioned an app that wasn't party to the conversation, the user could Invite the app to the conversation, Let Them Know, or Do Nothing. The Let Them Know button didn't work. We've fixed that mistake by removing the button, and updated our documentation on the app_mention event as well.
Mark messages unread for users with conversations.mark. Bespoke clients and personal utilities should use this method sparingly.
The URL where users manage existing installations of Slack apps is changing to https://app.slack.com/apps-manage/. You might not even notice the difference, but we’re letting you know just in case.
You can now present your app's pricing information in your listing in the App Directory.
With Slack Connect, channels connect multiple workspaces and organizations with ease. Here's an overview of how to develop apps for channels between organizations.
A change to user_change events: we've fixed a bug where these events dispatched to subscriptions from all workspaces in externally-shared channels. Now, user_change events are dispatched only to the home workspace of an externally-shared channel.
If you create a new Slack app and use deprecated methods like channels.info, im.list, mpim.history, or groups.archive, you'll now receive a method_deprecated error. Existing apps will receive warnings but still have until February 24th, 2021 to migrate to the Conversations API. Learn more.
Maintain a membership allowlist for private channels using admin.conversations.restrictAccess.addGroup, admin.conversations.restrictAccess.removeGroup, & admin.conversations.restrictAccess.listGroups methods, now available for Enterprise organizations. Update: These methods were renamed but the old names will continue to work. Black lives matter.
We recently updated Block Kit Builder with additional preview options and more convenient ways to copy, paste, and dispatch payloads. There's more beauty to it too.
The deadline for all Slack apps to use the Conversations API—instead of its antecedents—has moved from November 2020 to February 24th, 2021. Newly created Slack apps won't be able to use channels.*, im.*, mpim.*, or groups.* methods beginning June 10th, 2020. Warnings will soon be included as part of deprecated responses. Learn more.
Use the Calls API to hook your calls natively into Slack. Catch up on Calls.
Legacy tester tokens may no longer be created. Existing tokens may continue to be used, regenerated, or revoked. Tokens left unused for three months or more will be regularly revoked. Learn more from our February 2020 announcement.
Complete your IDP groups with custom default channels, courtesy of the admin.usergroups.* API methods.
Starting July 1st, 2020, rate limits will apply to all SCIM methods. Please make sure any apps using the SCIM APIs remain within these limits and humbly handle HTTP 429 responses.
A more direct route to messaging in response to modals: the new default_to_current_conversation field allows your conversation_select and multi_conversation_select menus to be pre-populate the currently open conversation.
The shortcuts button is now available for all Slack workspaces, so we're taking global shortcuts out of beta.
Previously, OAuth Redirect URLs could contain anchors (#). We've fixed that mistake, and anchors are no longer allowed.
Beginning June 10th, 2020, all newly created Slack apps will be unable to use the deprecated methods in channels.*, im.*, mpim.*, and groups.*. Existing apps have until February 24th, 2021 to migrate to the Conversations API. Learn more.
Visually highlight destructive actions by using the new style parameter in confirmation objects.
Give app installers good reason to trust your app: submit security and compliance information to the App Directory today.
SCIM API endpoints now have clear, explicit rate limits. Read all about them here.
Tune out the noise—you can now use filters with conversation lists in select and multi-select menus. Learn more and start filtering.
Give users clear entry points to your Slack app with Shortcuts. App Actions are now called message shortcuts. They're joined by new global shortcuts that allow users to initiate interactivity from anywhere in Slack. Learn more here.
The IDs returned by our APIs have grown longer. They are now up to 11 characters long, and could grow longer in future. Please audit your Slack apps, and verify any assumptions about the length of IDs for users, channels, and other objects.
We didn't turn off the replies array field found in threaded parent messages on October 18th, 2019 like we said we would. The new date is March 31st, 2020. Please use the reply_users, reply_users_count, and latest_reply fields instead.
Fair is fair: radio buttons now support mrkdwn formatting, just like checkboxes.
New guidelines for App Directory submissions have arrived to help ready your app for the world.
Using two new scopes, your Slack app can adjust its message authorship and post in any public channel.
The creation of legacy test tokens is now deprecated and will permanently retire on May 5th, 2020. Learn more about using Slack apps to build firmly scoped integrations.
Starting February 18, 2020, unexpected results using the SCIM API when rapidly updating data on the same user or group will become a thing of the past.
It's a win for webhooks: you can skip the small stuff and trigger a workflow with a web request.
Check another item off your Block Kit wishlist - we've added a checkbox group element to modals and Home tabs for your multiple choice input needs.
You can submit information to the App Directory on your app's privacy policy, data retention, security tests, and compliance with major laws. Read our blog post on the new Security & Compliance feature, now in open beta.
New Slack apps, with subtler permissions and more intuitive behavior, are now the default when you create an app. Get started by building or migrating.
Your app's new Home tab is out of beta. Design a comfortable place for users to get work done using Block Kit Builder and publish them for users using views.publish. Get started by diving into the Home tab docs.
Give users a key to directly open your Home tab. Read our updated deep-linking guide to see how you can create links to specific tabs in your App Home.
We are deprecating all channels.*, groups.*, im.*, and mpim.* Web API methods in favor of their Conversations API replacements. Migrate to conversations.* as soon as possible, as these deprecated methods will retire on February 24, 2021. Read on.
We didn't set out to produce almost 700 pages of documentation but you can search it all now on api.slack.com/search.
New Slack apps may now be submitted to the App Directory. Check out our guide to migrating your existing app to use new, granular permissions.
Place useful limits on multi-select menus using the new max_selected_items parameter.
Your App home is going mobile — you can now interact with an app's Home tab from iOS and Android clients. We recently published a new App home tutorial to help you build, or you can read the Home tab docs.
Help users make informed decisions when considering your app by listing the languages it's fluent in and any pricing model that applies to it. You can provide this info as part of the Slack app directory submission process.
You can now use Block Kit radio buttons in modals, in addition to Home tabs.
We're removing the misleading and undocumented guest_channels field from user profile objects belonging to guest users. The users.conversations method is an accurate way to query the channels a guest user belongs to.
Slack has but one REST API, the SCIM API, and it's now fully standards-compliant with SCIM 1.1 when using the HTTP PATCH method to update user records.
Your apps have always needed a better home, right in Slack. Now apps with bot users can use Block Kit with a new surface called the Home tab. Learn how to use this new space to provide users with a persistent place for dynamic experiences.
Radio is alive and well in Block Kit. Obtain a simple, singular choice from users using our new radio button elements.
Craft a workspace faster than a cup of coffee and fill it with users, admins, and owners. Check out the APIs for creating workspaces and managing users, now available for Enterprise Grid organizations.
New Slack apps can act independently of a user token. Build a bot user powered by only the specific permissions it needs. Check out our open beta for newly created Slack apps.
Announcing new pastures for Block Kit beyond messaging: trigger dynamic modal interfaces to provide linked user experiences invoked from messages, actions, or slash commands.
Embrace procrastination — allow users choose from multiple options in interactive workflows. Use new multi-select menus in all your Block Kit surfaces.
This autumn or soon thereafter, users will begin editing messages using a WYSIWYG (what you see is what you get) interface. When they do, their posted messages will appear slightly different throughout our APIs. Learn more.
Two new events, channel_shared and channel_unshared, now notify your app when a channel is shared or unshared.
A single admin app can now approve or restrict other app installs across an entire Enterprise Grid org. Get a little meta, and a lot more time-efficient, with the APIs for app management.
As previously announced, pins.add will stop accepting file and file comment IDs beginning August 22, 2019. Similarily, reactions.add will no longer allow file and file comment parameters. Nowadays, apps and users pin & react to messages about files instead.
On March 4, 2020, we'll require all apps, custom integrations, bots, and users communicating with Slack to use TLS version 1.2 or higher. There will be a 24 hour test deprecation on February 19th, 2020. Read more details on why and how to upgrade.
Channel names have grown up: instead of a maximum length of 21 characters, channel names may now feature a full 80 character label.
Enterprise Grid admins may now use the admin.users.session.reset method to wipe a user session, logging out a user whose device may have been stolen or compromised. Learn more about the new method, as well as the new scope required to use it.
Your app may now encounter channels shared between workspaces on Enterprise Grid. As a result, it's even more important to use the Conversations API methods to safely handle channels both shared and unshared.
Using the SCIM API's GET /Users or /Groups methods? Their count parameters will no longer accept values above 1000 beginning August 30, 2019. Learn how to prepare.
As announced on March 25, the dnd.teamInfo method now requires the users parameter. An explicit list of users helps you, and us, avoid slow API calls.
As previously announced, the files.comments.add and files.comments.edit methods are retiring today. Also, files may no longer be pinned to channels. The pins.add method will no longer accept files or file comments beginning August 22, 2019.
Better built-ins. Nifty type hints. Easier RTM event handling. Build for the future with the new Python SDK V2.0.0, lovingly crafted with Python 3.
Parent messages in a thread will no longer explicitly list their replies. Instead of a large replies array containing threaded message replies, we'll provide a lighter-weight list of reply_users, plus a reply_users_count and the latest_reply message. These new fields are already available. We'll remove the replies array on October 18, 2019 March 31st, 2020. Read up on threaded messages here.
Make your app a better listener with the app_home_opened event. When a user enters a conversation with your app, you can trigger a friendly onboarding flow, a whimsical welcome message, or a deep-dive into dialog. Read more.
Retrieve all active incidents, rather than just the most recent one, using version 2.0.0 of the Slack Status API. Read more.
Buttons in message blocks have gained some color. Use the new style field to visually compel and alert users.
We're returning a more descriptive limit_required error when you call users.list or channels.list for teams containing tens of thousands of responses. To avoid the peril of errors entirely, use pagination.
Taking a novel approach to pagination, the v5 release of our Slack SDK for Node.js supports Node v8 LTS and above. It also splits the client into three separately installable packages optimized for speed and bundle size. Work with other languages or frameworks? Browse other tools built for you.
When querying dnd.teamInfo, the users argument is required beginning June 3, 2019. Future-proof your app by explicitly listing which users you wish to see Do Not Disturb settings for.
Harness a hint of time travel for your app. Schedule messages for delivery at the time of your choosing.
We're starting to enforce (more firmly) the 5GB file upload limit for workspaces on a Free plan. Some API endpoints will yield tombstoned files with the content redacted. Read more.
We're retiring the files.comments.add and files.comments.edit methods on May 22nd, 2019. Learn more.
We're loosening up limits on dialogs. You can use five extra elements (ten total) and lovingly label them with longer lengths of letters.
When your exacting maths require the precise number of members party to a particular conversation, use the new include_num_members parameter with conversations.info.
Build better messages with Block Kit, a set of building blocks for simple messages and vast, interactive workflows. And, build messages better with Block Kit Builder.
We're limiting legacy tester tokens by revoking them when they're left unused for several months. As a pleasant counterpoint, our method testers let you bring your own token now.
Apps endure, even when their installing user leaves the team—as long as the app doesn't perform actions on behalf of the installing user. Read up on the new behavior, which rolls out to free, paid, and Enterprise Grid teams over the next week.
Conversation objects associated with shared channels now feature a conversation_host_id field, indicating the workspace or enterprise grid organization that "hosts" the shared channel.
We're erasing the shares attribute from "shared channel" conversation objects. In methods like conversations.history and the Events and RTM APIs, enjoy a lighter-weight list of the shared_team_ids representing the teams across which the conversation is shared.
Post replies in a thread with incoming webhooks: the thread_ts parameter now puts your webhook reply in its proper place.
The data structure of messages received from our APIs will change with the launch of Block Kit early next year. In return you'll be able to add newer, clearer visual components to make your app's messages magnificent. Even if you aren't using it, your apps may be affected by the additions. Learn more.
Apps may now restrict Web API requests to as many as 10 IP address ranges. Learn more about IP whitelisting for internal integrations.
The developer preview for workspace apps has ended. We're taking the components of workspace apps and breaking them apart: applying them in phases to existing as well as new apps. Read more about the motivation behind ending the preview.
As public channels become private, they now retain their original channel ID. Legacy methods like groups.list and channels.list don't support these transitional channel types and Conversations API methods must be used instead. Learn more.
Whatever flavor of workspace token you're using, you can now expect the same invalid_auth error code when the token is invalid. You'll receive this error whether the token is expired, revoked, or just plain wrong. Use our OAuth 2.0-based token refresh system to refresh expired tokens safely.
Workspace apps may now continuously rotate shorter-lived tokens without downtime. Our OAuth 2.0-based token refresh system is strongly recommended for all workspace apps. Expiring and rotating tokens is required for all distributed workspace apps. Already manage a distributed workspace app? Please implement token rotation by January 15, 2019. Learn more.
Clear clever custom statuses like clockwork. Learn how apps can add expiration dates when setting custom statuses for people.
We're postponing planned changes around scope requirements for app and bot access to email addresses. The new date is in autumn, on October 16th, 2018. If you haven't already prepared, read on.
Verifying requests from Slack just got easier: our Node Interactive Messages SDK, Node Events API SDK, and Python Events API SDK now verify request signatures automatically. Learn more.
"40k ought to be enough characters for any message." - Slack Platform Gatekeepers. Messages are now limited to 40,000 characters. Learn more about these planned changes.
Your workspace app can use the new apps.uninstall method to uninstall itself from a single workspace, revoking all tokens associated with it. To revoke a workspace token without uninstalling the app, use auth.revoke.
It's official: workspace apps can reach out to and converse with anyone using the new conversations.app_home:create scope. No more fumbling with conversation IDs or different methods: just plug the user's ID into chat.postMessage and go.
If your workspace app posts ghostly messages with chat.postEphemeral, you may have noticed a no_permission error thrown instead of channel_not_found when your app isn't a member of the target conversation. Turns out we actually could find the channel after all.
We updated our Slack App Developer Policy and API Terms of Service to provide more detailed guidance, but we have not made material changes. The new policy is effective August 31, 2018. Together, we keep Slack a safe, private and secure platform for work. Learn more.
Pagination rules the nation and the Slack API. These methods newly support cursors: files.info, groups.list, im.list, mpim.list, reactions.list, and stars.list. For apps created after August 7, 2018, results will be returned in perfect, piecemeal pages by default. Learn more about pagination.
With Slack Developer Tools you can now quickly look up documentation, investigate the structure of messages, and more, all inside of Slack.
Commenting on files is now just like replying to a message. All developers working with file objects, events, or comments should read on to learn more, much more, about file threads.
HTTP requests originating from Slack now support Mutual TLS. Use Mutual TLS to attain the highest level of confidence that requests from Slack are, in fact, authentic. Read more.
Get ready to lend users a hand and start working on their behalf. Now workspace apps can ask for permission to read & write personalized settings like reminders, custom status, and profile data. Learn more about working for users.
Our recently launched message actions are now available for use in all Enterprise Grid workspaces and any Shared Channels within them.
Confidently verify a request originates from Slack by validating our new request signatures. The signing process replaces the use of verification tokens, now deprecated. Learn more.
We expect file threads to arrive after July 19, 2018. Do you manage a Slack app relying heavily on files or file comments? Join our pilot program and prepare your app for file threads ahead of the transition. Learn more about what's changing.
Learn when private channels are deleted with the new group_deleted event, now available for the Events and RTM APIs.
The Conversations API now supports workspace apps, using three simplified scopes: conversations:history, conversations:read, and conversations:write. We recommend upgrading your apps in developer preview to the Conversations API as soon as possible. Learn more.
Beginning October 16, 2018 the users:read.email scope is required to retrieve the email field from user profiles while using user or workspace tokens. Consult our previous announcements on this topic from 2016 and 2017 for migration tips and some historical perspective.
Adding contextual actions lets users send specific messages to your app at will. Here are some amazing things our partners do with actions. This blueprint demonstrates the ineffable synergy of using actions and dialogs together.
We're compiling a humble library of JSON schema about the Events API into a kind of open specification called AsyncAPI.
Newly-issued bot user token strings are a little longer than before. Building for the ages? Plan for token strings containing up to 255 characters.
Apps participating in our developer preview using the Events API will need to subscribe to message.app_home events for a focused feed of messages between your app and the people who interface with them through the app home. These messages aren't delivered to message.im subscriptions now. Learn more.
File threads, a replacement for file comments, is on the way! Learn about the changes ahead, some of them may break apps relying on file comments behavior and some apps may need to request additional scopes when working with files.
Measure drop off and send helpful follow ups when users cancel dialogs with these opt-in cancellation notifications.
Have a bot user token you don't need or want to use anymore? Now you can use xoxb- tokens with auth.revoke.
We're still tidying up the character limits on the text field of posted messages and gradually lowering its maximum. On April 25th, we began truncating messages greater than 500,000 characters. As of July 12, the maximum is 100,000. We'll begin truncating messages greater than 40,000 characters in August 2018. Learn more.
Your workspace token-based apps in developer preview must now request the files:write scope to upload & manage files instead of files:write:user. Existing access grants are backfilled. Know your read & write rights.
Working with workspace token-based apps as part of our preview? Please start using oauth.access instead of oauth.token during installation. Read on to learn why and about new features.
Some bots are users too. Now you can find a bot user's user_id with bots.info.
Enhance your dialogs with dynamic form elements "borrowed" from message menus. Learn more.
Rediscover the conversations you're party to with users.conversations.
We corrected and clarified the behavior of users.profile.set to only allow admins of paid teams to update email address profile fields.
We added a type field to the requests dispatched to your Options Load URL, used in message menus and— well, it doesn't work anywhere else yet but we'll have a dialog about that one day...
This significant upgrade to the Slack SDK for Node.js modernizes one of the most widely-used Javascript libraries on our platform with strong typing, more intuitive method signatures, and comfortingly predictable release cycles. It also sheds its aging DataStore, which has not evolved in tandem with the realities of building apps for today's workspaces. Learn more about upgrading in our announcement.
We are continuing to decrease the maximum number of results returned by members arrays returned in channels.* and rtm.start, with the limit currently set to 500 results. conversations.members provides paginated access instead. Read this October 2017 announcement for detail.
Web API methods will be enhanced with tiered rate limiting beginning March 7, 2018, with most methods gaining greater limits than ever before. Learn more about this week's incremental rollout of rate limit tiers.
Now you can follow up after users submit your dialogs. Use the new response_url attached to any dialog_submission to send messages after submission.
Now users can respond to dialog textarea elements with up to 3,000 riveting, carefully-chosen characters.
Events API rate limiting has matured, now allowing apps up to 30,000 event deliveries per workspace per hour. Having trouble keeping up? Event deliveries will only be disabled when apps drop below a 5% successful response rate. Learn more.
The users.setActive method was recently rendered irrelevant by our efforts to modernize our message servers. Use users.setPresence and/or connect via RTM to proclaim a user's presence instead. We'll remove this no-op method entirely on May 8, 2018.
Catch up on recent changes to presence in the RTM and Web APIs and changes to come, including the deprecation of users.list's presence parameter. Read on.
Having trouble connecting to the RTM API lately? WebSocket URIs may contain querystring parameters & some libraries don't like that. Find out more.
Workspace token apps in developer preview now must request the chat:write scope to post messages. Existing access grants are backfilled. Read on, developer previewers!
Active listening made easier: Subscribe to app_mention events to exclusively receive messages mentioning your app or bot.
Now shared channels can be made private and the implications are well worth considering, especially if assuming channel IDs beginning with C are public. Read on.
For those moments when your app knows a user's email address but hasn't met them on Slack yet: now apps with users:read.email can use users.lookupByEmail and skip wading through users.list.
Turn your links into buttons by adding link buttons to your messages.
Storyboard, mock, and play make believe with these useful design templates starring your favorite platform features.
Use chat.getPermalink to easily exchange a message ts for a permalink URL.
Why couldn't bot users use bots.info? We don't know but now they can too.
Help people get back to work by deep linking to your Slack app or directly to a channel.
When a workspace migrates to Enterprise Grid, existing users are given a second global user ID. Now you can bulk convert those with migration.exchange and turn off your app's translation layer, living the dream of one user ID per user.
Do what you like with this OpenAPI 2.0 specification of our Web API. Relatedly, most methods now contain more helpful response examples. More specs and coverage on the way. Read on about our API spec.
Send JSON when posting to Web API write methods. Gone are the days of perfunctory errors when sending lovingly crafted JSON to chat.postMessage and other methods. Read on.
We broadened support for presenting your tokens as a "bearer token" in Authorization HTTP headers with the Web API. Learn more.
We removed the latest, unread_count, and unread_count_display fields from limited contexts of the new Conversations API. They weren't really supposed to be there. You won't find them spuriously lurking in the shadows again. We don't anticipate any issues but let us know if you find any.
The members array found in many Web API methods like channels.list and rtm.start is now truncated. We continue to lower the maximum results returned. Please Use conversations.members to manage memberships instead. Read on to learn more.
Scheduled changes and feature retirements to the Slack platform are now easier to find in our forward-looking calendar of upcoming changes.
The RTM API's presence_change event requires presence_sub subscriptions beginning November 15, 2017. Read on.
Ask users for more structured form-based information with Dialogs.
Now you can customize your app's experience by the locale and language preferred by users, channels, and other conversational constructs. Start practicing your Klingon. 🖖 Learn how.
Shared Channels let Slack apps collaborate with users across different organizations.
The Conversations API is a collection of more than 15 Web API methods normalizing the way apps deal with channels, direct messages, and more. Never rely on the first character of a channel ID again.
The role of @username is changing on the platform but we're making the transition as backwards-compatible as possible. Read on for important updates.
We are clarifying two terms encountered throughout Slack, "team" (the people you talk to in Slack) and "workspace" (the place you do work). You'll find many team references updated to workspace across Slack and API documentation. With artifacts like the team object, field, and parameters scattered through the platform, you'll often still encounter team while reading and programming.
No more sad panda 🐼 because we fixed it — Now the outgoing webhook response payload includes a thread_ts attribute so you know if the message is triggered in a thread!
Batten down the hatches! Further secure your internal integrations by restricting token use of Web API methods to specific IP addresses you trust: IP whitelisting is here.
Improve your custom unfurling flows with these enhancements to authenticated unfurls and chat.unfurl.
No longer the sole domain of slash commands and interactive messages, now apps can emit their own ghostly ephemeral messages with chat.postEphemeral.
Temporary rollback: We've reinstated access to the email attribute for bot and user tokens. On August 1, 2017 we proceeded with limiting email access to user tokens with users:read.email, originally announced in November 2016 and again, with a revised plan in April 2017.
Our developer preview for a new kind of Slack app based on workspace tokens is open. Learn how to work with workspace tokens and about our new Permissions API. Our announcement covers the story behind the token.
With so many token types decorating our platform, this guide to token types has become a necessity.
Now we allow you to learn more about OAuth permission scopes and methods, events, and token types each supports with this helpful OAuth scope library.
Shuttle Slack app installers to the installation flow more swiftly from the app directory with a Direct Install URL.
Buried somewhere in this RTM announcement, we told you about the latest field departing from channel objects returned in the long rtm.start preamble. Those fields are gone. Turns out we also removed unread_count_display and unread_count too. If you're suffering from a sense of loss over these unread count fields, please drop us a line. You can still find them in channels.info.
Your app has a home in Slack. Read all about it!
Teams now have the option to limit Slack app installation only to apps listed in the Slack app directory.
We're introducing a unified cursor-based pagination model to many of our Web API methods beginning with but one: now you can drink from users.list one delicious sip at a time.
Get an event when more members join your User Group or when — uh-oh, it loses members with subteam_members_changed.
Do you work with presence_change events in the RTM API? Learn about new ways to subscribe and consolidate presence events here.
We've compiled a collection of Best Practices around building fantastic Slack app user experiences. Your users will be stoked!
We've turned a light on for you and your development team: App Blueprints are like recipes for building the internal integrations your team needs to succeed.
We've corrected a long-standing bug where user or @channel-type mentions in back-tick fenced code blocks would trigger notifications. They won't now.
We've made very minor improvements to our OAuth-based installation process. You may notice a shifted pixel here and there but no app-facing functionality has changed.
Just like subscribing to your app's own newsletter: App Events tell the story of your app's lifecycle. Learn when your app is uninstalled with app_uninstalled, or when user and bot tokens are revoked with tokens_revoked. Pause and resume activity when teams migrate to Enterprise Grid with grid_migration_started and grid_migration_finished.
We undocumented the mysterious user_id_mapping_old_to_new field described in the Enterprise Grid documentation. It doesn't actually exist and never has, oops!
Slackbot wants to help spread the word about your cool Slack app. Add a little HTML to your site and we'll suggest your app when your links are mentioned. Learn how to make your app discoverable.
You'll soon see fewer message.channel_join and message.channel_leave message subtype events in the Events API and RTM API. Instead, you'll find these new refreshingly direct and informative events: member_joined_channel and member_left_channel. Here's the whole scoop.
That old channels.list API method has a new parameter: exclude_members. Some teams are so big and some channels have so many members that listing them all in a single API response along with every other channel is just outright impractical. Cull unneeded data easily accessed with channels.info by excluding members fields.
We'd like you to stop using rtm.start and start using rtm.connect instead. rtm.connect boots quickly and works well with the most gigantic teams and enterprises of the galaxy.
It's spring cleaning time for email. We're winding down the grandfathering introduced for apps using users:read created before January 4th, 2017. After August 1st, 2017 your apps must request users:read.email to gain that access. See this post for more detail. This retirement has been delayed with no date yet rescheduled.
Observe the custom status of team members with users.profile.get. Update a user's custom status with users.profile.set. Learn how to sync status with calendars, cubicles, conference calls, and bathroom stalls.
More ways to make messages interactive than before: introducing message menus. Define your options statically, dynamically, even personally — or use our handy conversation, channel, and user pickers. Don't forget your field guide.
As with the humans operating them, user objects change over time. With the new updated field, decisively learn last time a user object transformed. Look for it in methods including (but not limited to) users.list and users.info. It's an integer value depicting seconds since the epoch.
We're introducing new, multimedia ways for bots and apps to express themselves in the app directory. Follow our new guidelines to make a great impression with potential installers.
Provide users posting links with all the context and interactivity they need, right in Slack. Introducing Slack app unfurling. Here's the announcement!
Beginning March 9, 2017, events transmitted via the Events API will include event_id and event_time fields. event_id is globally unique across all teams while the event_time is when the event dispatched, in integer-based epoch time. Use these fields as you like, but there's nothing you need to do to prepare for this eventuality.
We made it easier to create and manage your Slack apps. And if you're building internal integrations for your own team, there's a better way to install your app without worrying about the OAuths. Check it out.
Looking for custom integrations? They're documented as legacy now. They still work like you're used to but we'd prefer you built your internal integrations as part of a Slack app instead.
Minor field changes coming to channels.history file messages and skype user profile fields. Read all about it.
You have the tools and the talent — now you have the opportunity: Learn how to develop for Slack Enterprise Grid. Here's the announcement for the suits.
Now your app can read, write, and party with message threads. Rolling out to teams over the next few days, message threads are a perfect place to tuck your wonderful workflows. Here's our announcement.
This new year's resolution is a minor slash command revolution: a backwards-compatible, familiar, and decisive means to resolve user IDs, channel IDs, and links from references in slash command invocations. Learn how to turn on this helpful, long-requested feature.
Now everyone's bot is present and accounted for. Events API-only bots can toggle online presence by visiting their app management command center. Details worth catching up on: bot user presence.
We made it so Slack apps have a profile within Slack like humans do — Here's an announcement tweet.
Let's extend a warm welcome to new app_id fields now appearing in our APIs. app_id is now found in rtm.start & bots.info. You'll also find app_id in the bot_added & bot_changed events. What's an app_id? It's the alphanumeric string found in the URL bar while managing your Slack apps.
We've added a new OAuth permission scope called users:read.email. Apps created after January 4th, 2017 will need to request this additional scope to gain access to team member email fields when using users.list and users.info. Existing Slack apps with users:read are automatically grandfathered to include these fields. Here's even more detail on that.
Now you'll find links to practical tutorials and thoughtful articles displayed beside relevant documentation found here on api.slack.com. Discover new articles or browse them by topic in our new Tutorials hub. Written something great? Tell us about it!
Our developer relations team has renewed Slack's adoption of key open source tooling: Slack Developer Kits. Discover our Python & node.js SDKs in their new home on our community index.
Your elaborate Slack apps are no longer shackled to but just one team member. Now you can invite other team members to be App Collaborators to share in the fun and responsibility. Here's what our web log has to say about it: Build together with App Collaborators
We will soon add an additional response_metadata node to our JSON responses; we'll put warnings there first and other useful stuff later. More details are available.
Newly issued OAuth token strings are longer than they were before, as we informed you about last month. Let us know if this vexes you.
Now you can use the users.profile:write OAuth permission scope to reset and upload profile images using users.deletePhoto and users.setPhoto.
We've dramatically improved the process of submitting a Slack App for inclusion in our Slack App Directory. You'll find a helpful, interactive checklist when first submitting your app. When you're ready to iterate further, you can simply create a secondary beta application. If a core piece of your app's functionality changes (like requesting new OAuth permission scopes), we'll happily review your app again. Read all about it on the platform blog.
Ever needed to send a user to Slack directly from your app? Here's how to deep link and make native Slack clients part of your app's workflow: Open key teams, channels, and conversations. Or, defer to search results using the slack:// URI scheme.
The character length of token strings is getting longer. Find out how long they'll get and how to future-proof yourself for changes in the future.
You may encounter an occasional user ID beginning with the letter W. We've released a new version of node-slack-sdk to correct a related bug. Read more about these changes.
Introducing the Events API, a new way for Slack apps to receive event types previously available only to the real time messaging API. Subscribe to the events your app needs and have them delivered right to your server as they happen. Build a bot or event-driven app without worrying about websockets, and scale it like a web app. Read more about the Events API in our blog post, Subscribe to the Events API.
Until now, it's been easy to accidentally send messages flush with hundreds of message attachments. We've begun limiting the number of message attachments per message to 100. For approaches like chat.postMessage, incoming webhooks, and chat.update, and response_urls you will receive a too_many_attachments error. Unfortunately, we are unable to serve you an error when sending messages as part of a slash command or message buttons invocation response.
If you're interested in listing your Slack App in our directory, you'll want to review our new Slack App Directory Agreement and consider our Security Review Process. Find these and other policies in our new Slack App developer policy hub.
We've corrected a bug where incoming webhooks could post messages in "#general" even 1) if that channel restricts posts and 2) the user owning the webhook was not allowed to post there. This new behavior will only prevent recently created webhooks from posting to restricted "#general" channels, so if your old webhooks are relying on this quirk, they'll be fine for now.
Now your applications can read and write defined team profile fields for individual team members. The users.profile:write scope allows you to edit fields with users.profile.set. The users.profile:read scope empowers you to discover available fields with team.profile.get and retrieve user profiles with users.profile.get.
Slack apps can now add action-invoking interactive buttons to messages, allowing you to simplify workflows and encourage users to take decisive action from within Slack.
For better readability, syntax highlighting has been added to code blocks throughout our documentation.
We've corrected the behavior of stars.list so that it only returns stars belonging to the owner of the presented token. The user parameter may still be used if the provided user ID belongs to the user utilizing the token.
Team administrators may now use tokens with the admin scope to request information about the billable status of team members using the team.billableInfo API method.
Now that bot_id appears in the real-time messaging API and Web API, you need a better way to look up bot users. Use the new bots.info method to query bot/application information by ID. It requires the users:read scope.
Additional real time messaging API events will begin including the event_ts timestamp field later this June. Find out what to expect.
Now you can put down a footer on your message attachments. Use the footer, footer_icon, and ts fields to tie content across time and space.
For the few of you out there using outdated tokens, we've made some changes to authorship behavior when using chat.postMessage.
Error conditions in incoming webhooks are due for an improvement. Read all about how blanket HTTP 500s will become more fine-grained, purposeful error conditions. Shipped on June 16, 2016.
Recently introduced bugs in our iOS & Android apps cause message attachment fields marked as "short" to wrongly render long anyway. Our fixes may take a couple weeks to reach each platform.
Sign team members into your website, service, or application with Sign in with Slack, based on the same OAuth 2.0 flow used by the Add to Slack button. Read more about it in this announcement.
We've added two new API methods: users.identity works with Sign in with Slack and auth.revoke revokes hallway privileges for access tokens. Actually, it revokes the whole token.
For those who don't know why they should build on Slack: https://slack.com/developers
Bot user tokens may now use files.info to look up information about files they have access to by virtue of their channel memberships. Also, very helpful for adapting to upcoming file events changes.
Manage your Slack apps joyously with our updated app edit pages.
File events are changing in the real time messaging API beginning May 16th. Here are details on everything that will change, and the upcoming ability for files.info to be used by bot users.
As previously announced, we've added a bot_id field to relevant API responses. Let us know if you run into any issues.
We released a family of API methods to create and manage reminders. Meet reminders.list, reminders.info, reminders.add, reminders.delete, and of course reminders.complete.
We fixed an unfortunate bug where a team member could inadvertently uninstall a whole Slack App from their team by removing a single incoming webhook associated with that instance of the app.
Find out what we're building! Announcing our Platform Roadmap.
Need ideas for building on Slack? Try the Ideaboard.
Another way to keep up with the Slack Platform: Install the API News App to receive occasional, important notifications about the platform.
Your bot users author their own messages, now they can edit them too. Bot user tokens may now use chat.update, like humans do.
Now chat.postMessage will better intuit your intent when you don't explicitly specify the as_user parameter. Let us know if we're guessing wrong!
One day soon our Web API will warn you when something is only slightly wrong with your requests. Read all about API warnings.
Be welcoming. Be kind. Look out for each other. This is the Code of Conduct for the Slack Developer community.
Now bot users can use methods requiring the dnd:read scope, like dnd.info and dnd.teamInfo. Your bots'll be more polite than a protocol droid!
Home in on hosting for your app or integration with this collection of hosting providers.
Craft your fancy messages in real time with the new Message Builder!
Users can now rename Bot Users they've installed as Slack Apps. More naming, more claiming. No more terrible twos.
We finally updated the slackhq/slack-api-docs repository, reflecting recently introduced and quite ancient documentation updates and new features.
reaction_added & reaction_removed events now include an item_user field indicating the user that created the original content everyone's raving about.
Published this changelog you're reading right now. So that you can know about all this stuff. Tell your friends.
New Web API methods: share files publicly with files.sharedPublicURL or make them private again with files.revokePublicURL.
files.comments.add, files.comments.edit, and files.comments.delete are now available to bot users.
Quickly find the right tools for your project with our new listing of often-used open source libraries.
The handy test token generator previously found in the Web API documentation now stands proud with its very own page.
Need help? We have some tips for you.
api.slack.com's sidebar is now better organized by topic.
url and url_download are no longer part of file objects
Enjoy our evolving collection of Frequently Asked Questions (and answers!)
Responses to Incoming Webhook requests now include channel_id
Make sure you're ready before submitting your Slack App for review by following this Slack App Checklist.
Incoming Webhooks documentation updated to better bait best practices and discourage fishy formatting behavior.
The file object documentation now includes a list of possible file types.
Now you can upgrade your Slack App's OAuth Scopes by managing your apps. This article explains it all.
Don't press snooze until you've dreamed about our new Do Not Disturb Web API methods.
You can now package Bot Users within Slack Apps, making your creations easier to distribute to teams.
We launched the Slack Application Directory, where teams can discover apps like yours.
We announced the Slack Fund to "give developers the backing they need to build everything possible in Slack."
The api.slack.com home page is fancier.
Enjoy major updates to the Slash Commands documentation, expanding on topics like... delayed responses.
Announced important changes to the Files methods of the Web API.
Added team.integrationLogs to the Web API.
Added authorization support for thumbnail URLs appearing in File objects.
More granular OAuth scopes are here! Now your apps can ask for the exact level of access you need.