OAuth Scopes and Endpoints
Required Scopes and Endpoint Domains for Slack
When integrating with Slack, your application needs specific permissions to interact with the API.These permissions are defined by access scopes, which determine what data your application can access and what actions it can perform.
This topic provides information about the required access scopes and endpoint domains for the Slack driver.
Understanding Scopes
Scopes are a way to limit an application's access to a user's data. They define the specific actions that an application can perform on behalf of the user.
For example, a read-only scope might allow an application to view data, while a full access scope might allow it to modify data.
Required Scopes for Slack
Scope | Description |
channels:read | View basic information about public channels in a workspace. Required for read and write access. |
groups:read | View messages and other content in private channels that your Slack app has been added to. Required for read and write access. |
im:read | View basic information about direct messages that your Slack app has been added to. Required for read and write access. |
mpim:read | View basic information about group direct messages that your Slack app has been added to. Required for read and write access. |
channels:history | View messages and other content in public channels that your Slack app has been added to. Required for read and write access. |
groups:history | View messages and other content in private channels that your Slack app has been added to. Required for read and write access. |
im:history | View messages and other content in direct messages that your Slack app has been added to. Required for read and write access. |
mpim:history | View messages and other content in group direct messages that your Slack app has been added to. Required for read and write access. |
search:read | Search a workspace’s content. Required for read and write access. |
files:read | View files shared in channels and conversations that your Slack app has been added to. Required for read and write access. |
pins:read | View pinned content in channels and conversations that your Slack app has been added to. Required for read and write access. |
usergroups:read | View user groups in a workspace. Required for read and write access. |
reminders:read | View reminders created by your Slack app. Required for read and write access. |
users:read | View people in a workspace. Required for read and write access. |
channels:write | Manage a user’s public channels and create new ones on a user’s behalf. Required for write access. |
groups:write | Manage private channels that your Slack app has been added to and create new ones. Required for write access. |
im:write | Start direct messages with people. Required for write access. |
mpim:write | Start group direct messages with people. Required for write access. |
chat:write:user | Send messages on a user’s behalf. Required for write access. |
chat:write:bot | Send messages as your Slack app. Required for write access. |
files:write:user | Upload, edit, and delete files as your Slack app. Required for write access. |
pins:write | Add and remove pinned messages and files. Required for write access. |
usergroups:write | Create and manage user groups. Required for write access. |
reminders:write | Add, remove, or mark reminders as complete. Required for write access. |
users.profile:write | Edit a user’s profile information and status. Required for write access. |
Understanding Endpoint Domains
Endpoint domains are the specific URLs that the application needs to communicate with in order to authenticate, retrieve records, and perform other essential operations.
Allowlisting these domains ensures that the network traffic between your application and the API is not blocked by firewalls or security settings.
Note: Most users do not need to make any special configurations. Allowlisting is typically only necessary for environments with strict security measures, such as restricted outbound network traffic.
Required Endpoint Domains for Slack
Domain | Always Required | Description |
slack.com | TRUE | The URL of the Slack API. |