Create a Slack app and authenticate with Postman

By John Agan & Jason Wong

Published: September, 2017
Updated: November 26, 2019 (By Jason Wong)

Introduction

This step-by-step guide will walk you through setting up a Slack App and then introduce you to Slack's OAuth authentication flow using Postman. This is also a good way to get a token if you only want to get a token once or you are requesting Grid-level scopes like admin or auditlogs:read.

Prerequisites

Steps

1. Create a Slack App

Create a Slack App by navigating directly to the Create App page. Fill out all the required fields.

Creating your app

2. Get Client ID and Secret for later

On the Basic Information page, scroll down and note the Client ID and Client Secret. For this tutorial, we will copy this information into Postman.

3. Add the Postman OAuth Callback URL to your Redirect URLs.

On the left navigation, click OAuth & Permissions. Here, add the following URL to your list of Redirect URLs: https://www.getpostman.com/oauth2/callback.

Redirect URLs

4. Navigate to Postman's Authorization Menu

Now that we have a Slack App to authorize against, we will setup an OAuth 2.0 client. In Postman's Authorization menu, select OAuth 2.0 for the type.

Postman configuration

Note: You may need to remove Cookies if you already have a session saved in Postman.

Postman Cookies

5. Click the Get New Access Token Button

Once OAuth 2.0 is selected as the type, click the Get New Access Token button to open the OAuth configuration modal.

Get that access token

6. Configure the OAuth settings

Here we will setup the OAuth client. We'll pull information from multiple sources to complete this form:

  • Callback URL https://www.getpostman.com/oauth2/callback
  • Auth URL: https://slack.com/oauth/authorize
  • Access Token URL: https://slack.com/api/oauth.access
  • Client ID: Copy the Client ID value from Slack's OAuth Information page
  • Client Secret: Copy the Client Secret value from Slack's OAuth Information page
  • Scope: A space-separated list of OAuth scopes. A complete list of scopes are here.
  • Client Authentication: Send client credentials in the body

Scopes

7. Press the Request Token button

If you set everything up correctly and pressed Request Token, you should see a familiar Slack authorization window. Select the team you would like to authorize and validate your scopes match what's presented.

Authorization

Success 🎉

Slack will return Postman a payload that is saved for future use. You can inspect the payload and find the details of that authorization.