Skip to main content
This guide shows you how to register your own app with Slack to obtain your OAuth credentials (client id & secret). These are required to let your users grant your app access to their Slack workspace.
1

Create a developer account

Go to Slack Developer Program signup page and click Join the Program.
2

Create & configure a Slack app

  1. Click on the Your Apps button then Create New App.
  2. Choose how you’d like to configure your app’s scopes and settings. You can use a manifest file or start from scratch; for a simpler flow, select From scratch.
  3. Add your App name and select a workspace to develop your app in, then click Create App.
  4. In the Basic Information tab, copy your app’s Client ID and Client Secret, as you’ll need them when configuring your integration in Nango.
3

Set up the OAuth scopes

  1. In the left sidebar, select the OAuth & Permissions tab and configure the following Redirect URL: https://api.nango.dev/oauth/callback.
  2. Still in the OAuth & Permissions tab, under Scopes, add the scopes that are relevant to how you want to consume Slack’s API. There are 2 types of scopes, Bot Token Scopes and User Token Scopes.
  • Bot tokens represent a bot associated with an app installed in a workspace. They govern what your app can access. They will be added to Nango when creating a Slack integration.
  • User token Scopes access user data and act on behalf of users that authorize them. They will be added to Nango when creating a Slack connection.
4

Create a Slack Developer Sandbox (Optional)

If you don’t have a Slack Developer Sandbox already, head over to Slack’s Developer Program dashboard and provision one to test your integration.
5

Next

Follow the Quickstart.

Bot Token vs User Token

Slack issues two separate access tokens during OAuth:
  • Bot Token (starts with xoxb-): Used for actions performed by your app’s bot
  • User Token (starts with xoxp-): Used for actions performed on behalf of the authorizing user
Important: By default, Nango uses the bot token as the primary access token. This means when you make API calls through Nango’s proxy, it will use the bot token by default.

When You Need the User Token

Some Slack API endpoints require user-scoped permissions and will only accept user tokens (e.g., certain user profile operations). If you try to call these endpoints with the bot token, Slack will reject the request.

How to Use the User Token

  1. Fetch the raw connection to get the user token:
import { Nango } from '@nangohq/node';

const nango = new Nango({ secretKey: '<NANGO-SECRET-KEY>' });

// Fetch the connection with raw credentials
const connection = await nango.getConnection(
  '<INTEGRATION-ID>',
  '<CONNECTION-ID>'
);

// The user token is in the raw response
const userToken = connection.credentials.raw.authed_user?.access_token;
  1. Override the authorization header when making proxy calls:
// Use the user token by overriding the auth header
const response = await nango.get({
  endpoint: '/users.profile.get',
  providerConfigKey: '<INTEGRATION-ID>',
  connectionId: '<CONNECTION-ID>',
  headers: {
    'nango-proxy-authorization': `Bearer ${userToken}`
  }
});

When Creating Connections in Nango

If you need user tokens for your integration, you can specify user scopes when creating a connect session: 
const { data } = await nango.createConnectSession({
  end_user_id: '<END-USER-ID>',
  integrations_config_defaults: {
    "slack": {
      user_scopes: "users.profile:read, chat:write"
    }
  }
});
For more details on Slack’s OAuth implementation, see Slack’s OAuth documentation.