We know there's a lot to learn and read about all the integration points of the Slack platform. Here is a little more information you might find helpful!
You can provision sandbox environments by joining the Slack Developer Program. Once you're ready to deploy your app, distributing the app will allow you to install it in other workspaces.
Start by building a Slack app to contain all of your work—by default, it can only be installed on your own workspace. Follow the instructions in the UI to add features—most require that you provide a HTTP server Slack can reach.
Have more questions? Check out our developer sandbox FAQs!
Of course we want Slack to be fully functional for users and developers at all times. Here are some tips in the unfortunate event you're having trouble and need to determine the cause of a Slack-related issue.
When possible, we report current status promptly on status.slack.com with any service disruption advisories, but you can also use the following methods:
https://slack.com/api/api.test API method. A HTTP 200 application/json response of {"ok":true} indicates at least part of the Slack Web API is available.https://slack.com/api/auth.test using a bot, user, or legacy token. Using this method exercises the authorization and API layer further than api.test and may grant you the serenity of greater confidence in Slack availability.rtm.connect to generate a WebSocket URL using a token with the proper permissions, then open the socket using a tool like this browser-based WebSocket client for Google Chrome.Still unsure if Slack is down? Contact our enthusiastic support team.
Check whether there is an app for a third-party service in the Slack Marketplace. If all else fails, you'll need to code one for yourself.
You can also add connector functions to your automations workflows. A growing library of third-party services are available.
Building a non-workflow Slack app? Start here. Building a workflow for automations? Start here. For more about workflow apps, jump to this section.
When working with Slack apps or the Web API, you'll often need to send access tokens, also known as bearer tokens, along with inbound requests within the authorization header. When creating an app for the first time, you'll be given your own user and bot token while going through the app creation process. In order to obtain other users' tokens, you'll need to send users through the OAuth 2.0 authentication flow. When you're working with Slack apps, you'll be awarded access tokens after a user approves your application.
Your incoming webhook URLs are unique to your integration or application and do not require token-based authentication. Slash command response URLs also already encode your integration's or application's identity.
Use the signing secret to compute a signature, and verify that the signature on the request matches. This process is strongly preferred over the use of deprecated verification tokens.
You can also use Mutual TLS. Mutual TLS verifies the identity of Slack in a TLS-terminating server, before a request reaches your application code.
When you configure Outgoing webhooks, Slash commands and Message buttons, you specify a URL for Slack to send requests to when qualifying conditions are met. Slack also provides you a token related to that integration.
Slack sends that URL a JSON payload containing a token field. Compare that field to values you've received from Slack. Refer to validating slash commands for more information.
Authorization codes must be exchanged for an access token within 10 minutes by calling the oauth.access API method as part of the authorization flow. Otherwise, the authorization code will expire, and you'll need to ask the user to go through the OAuth flow again.
Use the apps.uninstall API method to uninstall an app completely, revoking all tokens. If you want to dispose of a single OAuth access token, use the auth.revoke API method; it works with tokens from Sign in with Slack as well as from Add to Slack.
For classic apps, revoking the last token associated between your application and a workspace effectively uninstalls the app for that workspace.
Members and administrators can remove your app through their workspace administration interface.
Though it's somewhat of a nuclear option, you also have the ability to revoke all tokens from your developer dashboard by selecting your application and clicking Revoke all tokens.
To reset your client secret, go to your developer dashboard, select the application, and click the Change secret button.
Don't forget to use your new secret when exchanging authorization codes for access tokens while authorizing users and workspaces with OAuth 2.0.
When you install a Slack app that contains a bot user, you're awarded a bot user token. This token is used for performing certain actions directly as the bot user, such as posting a message or uploading a file. You can only call Web API methods based on the scopes you've negotiated. A quick way to call an API method is to head to its page here and find the tester tab. Here's an example for the chat.postMessage API method.
Typically, if Slack cannot reach your slash command URL it's because it's inaccessible, does not have a valid or verifiable SSL certificate, or our request is timing out for some reason.
Slack invokes slash command URLs from its servers rather than from a Slack client app like Slack for Mac. This means that the URL we're trying to reach must be accessible to Slack's servers.
To determine whether your certificate is valid, consider using this tool provided by SSL Labs.
Keep track of the validation tokens and team IDs Slack gives you when commands are created and teams approve your app. Always validate that the token field in an incoming slash command request has been issued to you by Slack, and scope your data for that workspace.
You won't be able to override any of these fields when using an incoming webhook attached to a Slack app. Instead, those values will be provided from your Slack app configuration and any configuration provided by the team.
No, SSL certificates must be signed by a reputable certificate authority. You may want to consider using one of the following low-cost providers:
Yes, the Web API accepts both application/x-www-form-urlencoded POSTs as well as application/json.
Refer to POST bodies for more information.
Refer to our rate limiting guide for specific information on rate limits.
Refer to our working with files guide for specific information on working with files.
There are currently no methods to directly look up channels by name. Use the conversations.list API method to retrieve a list of channels. The list includes each channel's name and id fields.
Many developers keep the list of channels in memory for swifter lookups. Poll the method occasionally to refresh your inventory or keep it updated with the Events API.
You can use similar instructions to the question above, or you can use the conversations.info API method to obtain a specific channel's information, including its name.
Channel IDs remain the same, even when names are changed.
As of September 2018, channel IDs remain static even when a channel is converted between public and private.
Use the Conversations API to safely work with channels that have transitioned between public and private.
Use the conversations.history API method and a token with the channels:history scope to retrieve a specific message in a public channel. Learn more about this approach.
If your app's subscriptions are disabled due to exceeding the Events API failure limits, manually re-enable them by visiting your application's settings. If your app is part of the Slack Marketplace, use your Live App Settings instead of your development app.
Choose the Events API if:
Choose Socket Mode if:
Finally, choose the legacy RTM API only if:
user_typing events is important for your app or bot user's sense of self and agency.The answer depends on whether you're using the Events API with or without the legacy RTM API:
active while connected to a WebSocket.Therefore, the presence of the bot depends on whether you are using the legacy RTM API (the bot is online when it's connected through the WebSocket), or it's always online when you turn this setting on. Refer to bot presence for more information.
Socket Mode allows you to use the Events API and interactive features of the platform, without exposing a static HTTP endpoint to receive payloads. Instead, you use the WebSocket protocol and generate a URL at runtime.
The legacy RTM API is another way of connecting your application to Slack. For most applications that can't use a static HTTP endpoint, Socket Mode is preferred over RTM.
For most applications, Socket Mode is a better way to communicate with Slack.
The first step is making a typical HTTP request to the rtm.connect API method. Within that response, you'll find a url field beginning with the URI protocol wss://. Then, use a Websocket client to open a long-lived connection to that time-sensitive URL. While the connection is open, you'll be streamed events associated with the workspace you're connecting on behalf of and can in turn send messages.
Typical HTTP client libraries and tools do not support connecting to WebSockets directly. You will need to find a client library for your preferred programming environment.
Refer to the following guide: Slack Marketplace review guide.
If you need to update your approved app to request new OAuth scopes or to include new features, find your application's settings page at https://api.slack.com/apps. Any changes you make here will not affect the published app.
Once you're ready to apply these changes to the published app, you'll need to resubmit it for review.
If you've submitted your app to the Slack Marketplace but need to make changes to how your app or bot is described, to the integration types packed into your app, or to request additional permissions, you'll need your app to be reviewed again.
Use the beta application corresponding to your submitted Slack app to make modifications to any of these features, such as:
Your client secret and signing secret may be regenerated as needed, without requesting further review.
No, only submit your app to the Slack Marketplace if you want your app to be discoverable and installable from the Slack Marketplace. If you don't submit your app, we won't display it there, but it will be installable by any workspace you give the authorization URL to.
rtm.connect API methodto initiate your WebSocket connection instead of the rtm.start API method. The rtm.connect API method returns just the data you need to open your connection.rtm.start API method, use the no_latest parameter to remove the latest field from each channel object.conversations.list API method, use the exclude_members parameter to trim long membership lists from each channel object.team_id, not workspace_id? Our bad. We used to overuse the term team which could mean two different things—the people you talk to, as well as the Slack workspace, the place you do work!
Now, we use workspace for all the Slack workspaces; however, our API remains the same as before. Wherever you see some objects containing team_id, it really is an ID for the workspace! In the API world, we use the two terms interchangeably.
There are some community-authored open source tools that provide an IRC-like experience on top of Slack APIs. Although they are not directly supported or built by Slack, you can leverage these resources to build your own tools:
We have a quickstart guide that will walk you through the process!
Building your own gateway for personal use is an undertaking.
The part of the gateway that reads from Slack should either connect to the legacy RTM API over a WebSocket or listen for events using the Events API. Use the Web API to post messages and perform channel operations. The XMPP or IRC part of the gateway is its own adventure to explore.
Choose the token type that works best for you. Bot user tokens work well if your user is a bot, but poorly if your user is you. Properly scoped user tokens work best, as they model your own relationship to Slack. The client scope is useful, but overly broad and not suitable for an app distributed on the Slack Marketplace. Using your user token to post as yourself when posting messages with the chat.postMessage API method is best.
Apps operating as a gateway should never distribute their API keys, secrets, or tokens. Refer to these open source CLI apps for some inspiration.
While you cannot add a single workflow to multiple channels, you can download a workflow file, import it into Slack, and update the channel in which it triggers. To download a workflow file, within Workflow Builder, click on the three dots beside the workflow you would like to download and click Download workflow file.
No, at the moment it isn't possible to have conditionals within a workflow.
The best way to to reset the Outlook Calendar app is to start fresh by removing and re-adding your Outlook Calendar authorization. Here are the steps to do that:
Head to the Quickstart guide to use our automated installer script, or download the latest version of the Slack CLI and follow instructions to install it manually.
Developing automations requires a paid plan. Don't have one? Join the Developer Program and provision a sandbox with access to all Slack features for free.
If you have installed the Slack CLI previously and have an older version, note that the minimum required Slack CLI version for Enterprise Grid as of September 19th, 2023 is v2.9.0. If you attempt to log in with an older version, you'll receive a cli_update_required error from the Slack API. Run slack upgrade to get the latest version.
Using a combination of your favorite text editor, the Slack CLI, and the included Deno Slack SDK, you'll develop using TypeScript with a Deno runtime environment.
The automation platform is closely tied to specific language runtimes and SDKs. As you install and utilize your developer tools, you should expect requests from your network to the following non-exhaustive list of hosts:
api.slack.com, configuration information and documentation resourcesdownloads.slack-edge.com, where binaries and other static resources are hosted by Slackslack.com, where most of the individual APIs reside called by the Slack CLI and your appslackb.com, general logging for your triggers, functions, and workflowsslackd.com, where we send information about errors, warnings, and other special conditionsdeno.land, where the Typescript runtime, Deno, resolves & retrieves dependencies and versionsRefer to team collaboration.
Workflows can be started manually by users via link triggers. There are multiple ways to invoke a link trigger, and one of them is with a / keystroke via the shortcut menu.
In other words, you can use a slash command to invoke a link trigger that will kick off a workflow.
At this time, apps deployed to Slack's managed infrastructure are built with Typescript in a Deno runtime environment.
When you use slack run, the local development version of your app connects to Slack via socket mode directly from where you're developing. As you use Slack (or other tools) to interact with your app's triggers, workflows, and functions, data is sent back and forth against your latest saved code. Use this while you're still tweaking things. Your development app is generally only shared with other collaborators, though you can test the full range of trigger options anyway.
When you use slack deploy, the fine computer instructions you've written are packaged up and deployed to Slack's managed infrastructure. As users interact with your app, data is swiftly and securely sent back and forth between Slack servers. Treat this instance of your app with care, especially as your userbase grows.
The local and deployed environments have different triggers associated with them. Triggers you create in a local context will not automatically be created in a deployed context once your app is deployed.
Currently, automations apps are not eligible for listing in the Slack Marketplace.
An example of how to do this is shown in the GitHub Issue tutorial, but the long and short of it is as folows:
.env file could look like this:github_name = slackbotsbestpal
github_token = ABC123DEF
env context property to call environment variables from within your function.import { DefineFunction, Schema, SlackFunction } from "deno-slack-sdk/mod.ts";
export const MyFunctionDefinition = DefineFunction({
callback_id: "my_function",
title: "my function",
source_file: "functions/my_function.ts",
input_parameters: { properties: {}, required: [] },
output_parameters: { properties: {}, required: [] },
});
export default SlackFunction(
MyFunctionDefinition,
async ({ inputs, env }) => { // Add this
const headers = {
Authorization: `Bearer ${env.GITHUB_TOKEN}`,
"Content-Type": "application/json",
};
try {
const endpoint = "https://api.github.com/users/repos";
const response = await fetch(endpoint, { method: "GET", headers });
if (response.status != 200) {
// In the case where the API responded with non 200 status
const body = await response.text();
const error =
`Failed to call an API (status: ${response.status}, body: ${body})`;
return { error };
}
// Do cool stuff with your repo info here
const repos = await response.json();
return { outputs: {} };
} catch (err) {
const error = `Failed to call GitHub API due to ${err}`;
return { error };
}
},
);
That's all! When you run your app, it will use the environment variables stored within your .env file. You won't be using your .env file when your app is deployed (nor should you ever commit that file to source control), so the real power of environment variables is seen when you use the env Slack CLI helper. Once your app is deployed using slack deploy, add your environment variable with the following command:
slack env add github_token ABC123DEF
If your token contains non-alphanumeric characters, wrap it in double quotes. Environment variables added via the slack env add command can be accessed via the env Slack CLI helper, which also allows you to update and remove them.
Yes, you can! To use a Deno Third Party Module, Deno imports modules using URLs. You can see how we do this for a test file in the Deno GitHub functions sample app.
// /functions/create_issue_test.ts
import * as mf from "https://deno.land/x/mock_fetch@0.3.0/mod.ts";
The Slack CLI is commonly used in local development (usually in an interactive mode with prompts), but can also be used for automating testing and deployments (done without interactivity by using flags) by way of a CI/CD pipeline.
Running this type of automation requires authorization with a service token. Refer to CI/CD authorization for more details. You'll also need to accomodate requests from your network to a variety of hosts. Refer to Which hosts are involved in the creation and execution of apps created with the Slack CLI? for more details.
Bolt is not part of the automation platform. Follow the automations quickstart guide to get up and running with the Slack CLI and our Deno Slack SDK to build and deploy automations for your workspace and beyond.
Even some Slack developers are themselves Slack administrators, but if you're an admin you might find yourself here wondering these very same questions. If you don't find the answer to your administrative questions here, consult the Slack help center for more user and admin-facing content.
The new custom workflow steps and workflows introduced to the Slack platform cannot be completely disabled. Instead, you can manage their installation via the app approvals feature.
From the published workflow dashboard, you can view a list of workflows in your workspace or Enterprise Grid organization.
For the most up-to-date information about pricing, click here:
Existing Slack apps will continue working as expected. Some older apps might produce activity in Slack you can build custom workflow steps and workflows around. That said, automations are meant to co-exist with the rest of our platform and your existing integrations and customizations.
The slack deploy command performs two operations:
slack deploy, the workflows that belong to that app are also “installed” (made available) in that workspace. Currently, there is no way for a coded workflow to be "installed" (via the parent app being installed) by anyone other than the developer. However, coded workflows do not have to be deployed alongside a trigger; since triggers don't belong to apps, all deployment and installation happens first and then a trigger is created separately afterward.manifest.ts.Anything else on your mind? Let us know by sending us your feedback!