How to quickly get and use a Slack API token

Beginner

If you just want to get started with a token that'll work with the most commonly-used Slack APIs, this tutorial will help you find the fastest route there. Your app will be ready to send messages, browse data about a workspace, and if you want—connect with Socket Mode to receive real time events and enable an end-to-end interactive experience.

If you want. You can use this token for your own atomic purposes. But please, keep it safe!

To get started, you'll need to create a Slack app. It'll be a container for your credentials and where to put all the vital information about what your app is or does. You can't get a token without one.

Use the Create app button below and be on your way to creating an app that's already set up for everything this tutorial covers, and more.

When you're done following the prompts to create and then install your application, follow the banner to return to this tutorial and learn how to use it.

Features you’ll use

Scopes you'll request

Tokens created by this manifest sure are potent! If you've been using Slack for a long time, this is more or less the equivalent of a classic legacy tester token, but operating as a bot instead of a user.

Create a pre-configured app

Quickly create an app with the correct configuration of scopes and features for this tutorial by clicking below.

Step 1Using your token

After completing the steps above and returning this tutorial, we'll start using the token you created.

  • Explore your workspace with the method tester

    Whether you're following along or you've brought your own token, from here we can use our bot token to perform some actions around a Slack workspace on our application's behalf.

    If you followed the steps above to create your token and returned here from the process, it'll be populated below:

    xoxb-not-a-real-token-this-will-not-work

    If that's not your bot token and looks more like a placeholder, than either you're bringing your own token or you should still go through the process above to create your app and return back to this tutorial.


    We'll start by showing you around the Web API's method tester. This tester allows you to test any public Web API method with a token and evaluate the response. It doesn't display everything you might see in a HTTP request like the tool Curl would, but it can give you a brief idea of how to use a method and for many, allow you to use the API without ever having to program.

    Listing public channels in a workspace

    This is our API tester. You can use it below or just browse to the tester for conversations.list directly. conversations.list is our API method for listing conversations, an object type we use to describe public channels, private channels, direct messages, and multi-party direct messages.

    Using your token, adjust the API tester to call conversations.list with the limit parameter set to 20 and the types field set to public_channel. This will give us details about up to 20 public channels.

    Test conversations.list

    Arguments
    Need a token? Create and install a Slack app to begin.
    This will make a real API request. Beware of using it with live workspaces.
    Response


    Submit your arguments to see the API response
  • Working with the API manually

    When working with the API manually like this, you'll frequently come across something you either want to "dig into" more or perhaps manipulate. Most objects in Slack have unique identifiers worth noting, like a channel's id (or sometimes channel_id). For a public channel or any conversation, the ID is more important when using the API than the channel's name, which can change at any time. Most methods related to conversations want the ID.

    Pick a channel from the response above and feed it to the conversations.members method tester. We're going to browse the users that are party to our conversation.

    The information returned by conversations.members is basic—it just lists paginated user IDs. Want to find out more information about one of these users? In the response JSON you receive in the tester above, take note of one of the user ID strings listed under the members array.

    Have your ID ready? Now plug it into the users.info method tester, an API method that yields quite a bit of data about each user in a workspace.

  • Mentioning users with chat.postMessage

    Mentioning users

    When posting messages with chat.postMessage and mentioning a user, you'll need the user's ID to address them. Our message markup syntax is special for mentioning users.

    If our app's user ID were U123456 and I were composing the text field of chat.postMessage, I would mention myself with:

    <@U123456> Hello to myself!
    

    Using the API tester on your own, perform the following tasks:

    1. Use auth.test with your token and examine the response for a user_id. This is your app's user ID.
    2. Create a channel using conversations.create or take note of a channel ID you already want to use on your workspace.
    3. Use conversations.join to join the channel you used above
    4. Post a message mentioning yourself in the channel with chat.postMessage with the format described above and the user ID and channel ID from steps 1 and 2.

    Can't find the API tester for these methods? Here are some links:

  • Where to go from here

    We hope this is enough to get you started exploring the APIs without having to code anything. There's quite a lot you can accomplish with our Web API methods. Most tasks will require you to list things, get deeper information about things, and then apply some kind of change to a specific thing.

    It's important you keep your tokens and notes secure, especially because for the purposes of this tutorial we created a very potent token.

    Reducing OAuth permission scopes

    There is no way to reduce the privileges you've given a token once it's been issued. However, if you revoke the tokens you create and then re-negotiate them with a reduced set of scopes, you can create tokens with fewer permissions.

    To revoke your token, use auth.revoke (use Control- or Command-Click to open the method tester tool in a new tab).


    What would you do with a token that could only post messages to public channels? Learn in our next tutorial, Posting messages with curl.

Step complete!

Was this page helpful?