Published: September, 2017
Updated: January 14, 2020 (By Jason Wong)
This step-by-step guide will walk you through setting up a Slack App and then introduce you to the Slack OAuth authentication flow using Postman. This is also a good way to get a token if you only want to get a token once or you are requesting Grid-level scopes like
auditlogs:read. If you have a Slack App and need a bot token using our v2 of OAuth 2.0 (that's a mouthful) then you can also use this guide but some things will be a tiny bit different, these will be denoted with the robot emoji 🤖.
Create a Slack App by navigating directly to the Create App page. Fill out all the required fields.
On the Basic Information page, scroll down and note the Client ID and Client Secret. For this tutorial, we will copy this information into Postman.
On the left navigation, click OAuth & Permissions. Here, add the following URL to your list of Redirect URLs:
If you are looking specifically to get a Grid-level scope, like
auditlogs:read, you will need to also make your app publicly distributed. More on this here.
Now that we have a Slack App to authorize against, we will setup an OAuth 2.0 client. In Postman's Authorization menu, select OAuth 2.0 for the type.
⚠️ Note: You may need to remove Cookies if you already have a session saved in Postman. ⚠️
Once OAuth 2.0 is selected as the type, click the Get New Access Token button to open the OAuth configuration modal.
Here we will setup the OAuth client. We'll pull information from multiple sources to complete this form:
Send client credentials in the body
🤖 For bot tokens, the following parameters will use v2:
If you set everything up correctly and pressed Request Token, you should see a familiar Slack authorization window. Select the team you would like to authorize and validate your scopes match what's presented.
Slack will return Postman a payload that is saved for future use. You can inspect the payload and find the details of that authorization.