A Guide to Quickly Understand the Slack API
A quick look at the fantastic API for building on top of one of the most popular remote tools in the world
It is no secret that remote work tools are exploding in popularity as more and more people are required from home, and Slack is no exception. Slack’s stock is at its highest in about the last 10 months.
So, as its usage is growing as working from home becomes the new normal, why not use your developer skills to create a fun game, useful add-on, or whatever your heart desires inside this work-place behemoth?
I’ve put together what I think to be the most essential information, so you can start building your own slack app.
The Basics of Creating a Slack App
To create your very own slack app, you’ll only need two things:
- A name
- A workspace to begin testing it out (I recommend you find a workspace with just yourself in it, or where others won’t mind, because trust me, weird things can happen when testing your slack app; it can disturb annoy other people in the workspace)
After creating your slack app, you’ll be greeted with lots of new information. Most importantly, you’ll have your slack app’s ID and app’s secret which is essential when accessing Slack’s API.
But, to begin building, you’re going to want to look under “Add features and functionality.” Here you’ll find the 6 building blocks of a slack app. You likely won’t need to use all of them, but let me go over the ones I think are essential.
Slash Commands & Bots
If you want to get up and running quickly, slash commands are far easier for development. They’re very easy to add to your slack app, but they’re very open-ended.
- Command: should be one word, and easy to remember
- Request URL: Slack will send all the text after the
/commandto this web address, and you can do what you would like with the information
The trickiest part of Slash commands is you don’t know exactly what they’re going to type after the
/command. It’s important to try to help the user as much as possible through the short description and usage hint.
Bots are the other main type of Slack app that you can create. Bots are harder to make because they’re used more in conversation rather than through a command; here is far less rigidity with bots than slash commands.
Incoming Webhooks & Outgoing Webhooks
Outgoing webhooks are straightforward; Slack’s servers send data out to you. All you’ll need is a specific URL where Slack can send all this data. Make a POST endpoint, and wait to receive incoming requests from Slack!
Incoming webhooks are a little more tricky, but still very commonly used for a slack app. For creating and setting up your first incoming webhook, I’ll direct you to Slack’s official page on getting started.
An incoming webhook is what is going to allow you to post (pun intended) some message or data to Slack. When a user authorizes your Slack application, you’ll be granted a unique URL for where you can send your messages.
Here’s the key: this incoming webhook only allows you to post only that user’s channel as your slack app.
Once you’ve been given your beautiful new incoming webhook, which should look like:
Your slack app will be ready to do its job! From this point on, it’s really easy and straightforward, which is nice about Incoming Webhooks. Just format a message, and you’ll be able to send messages with very little work.
Scopes & Permissions
The scopes that you set for your slack integration dictate what information you’ll be able to retrieve from a workspace.
A very common scope is
commands which adds shortcuts or slash commands that people can use, or
post which allows your integration to post a message to a workspace.
As I’m writing this article, Slack currently has 85 different scopes that you can add to your integration.
It is critical that you have the right scopes to make sure your app works properly as you intend, but you also want to optimize for the minimal number of scopes. If your slack app doesn’t need access to my private messages, then don’t request access to them. People like their privacy, so make sure you’re not getting unnecessarily involved in their slack workspace.
Slack has a complete list of all the methods that you’ll be able to use, here. Each method has its own documentation page, that will provide everything you’ll need to start using it.
It can be a little daunting to see it all, so let’s break it down!
This Slack’s extremely popular
chat.postMessage function, which allows your slack app to post messages. The difference between this and incoming webhooks, is that you can post as the user or as your slack app, to any channel or any private message you like. There are other permissions you would need to receive, but it’s possible!
Back to the image, first they give the
URL method, and
content-type, and the
You shouldn’t have to worry about rate limit, unless you’re maliciously making a spam bot, in which case, stop reading — I don’t want to help you!
After that, you’ve got tokens and scopes that you’ll need. Make sure your slack app includes the scopes for each API method you are going to be using.
Continuing down, you’ll find the arguments, some are required, but many are optional.
Slack keeps the required arguments to the bare minimum. Token is the most important thing you’ll need, and the hardest to get, but that’s why I’ll go over the OAuth flow below!
Sometimes, you’ll need to access other API functions to get the information needed. For the channel argument, you could access the
channels.list endpoint to retrieve the user’s channels.
And obviously, if you’re sending a message, you’ll need some text.
It’s helpful to look at all the arguments at your disposal. Some of them can really be a time savers, or just help your slack app to look more sophisticated.
The method documentation page, especially for popular methods, are super detailed, so always make sure to give them a thorough read.
OAuth 2 is a secure flow for authenticating an API for the developer. The Slack API is in an exclusive relationship with OAuth 2, so it’s important that you get to know it well.
If you’re the know-it-all developer, you…already know this. But if you’re like me and don’t know authorization flows off the top of your head, here’s a refresher.
The Scenario: I’m building a groovy website that shows you a list of Slack channels you’re in.
The Flow for Slack
Step 1: I get you to log in with Slack using one of those little pop-up windows!
Step 2: Now by logging in, you’ve given me, the developer, an “Authorization Grant.” An “Authorization Grant” is what I need to go get an Access Token.
Step 3: I go with my fresh “Authorization Grant” and ask Slack for an Access Token (these are kind of like API tokens, but they expire).
Step 4: With my fresh Access Token, I can now go and ask for information from Slack based on the scopes that my slack app has.
There you have it, all my knowledge I can impart about Slack’s API. I hope it proves useful for you, and that you’ll go on to create some amazing Slack apps!
Thank you for reading 😊