Learn how to create a Slack app that uses granular permissions.
Use OAuth 2.0 to provide an installation flow that allows your apps to be added to any workspace, and distributed in the Slack Marketplace.
Tokens are the keys to the Slack platform. Read about the different token types, and what each is best for.
Use scopes to request permission from installers and users for access to data and functionality in apps.
Provide an extra layer of security for your access tokens by expiring and regenerating them frequently, programmatically.
Slack signs its requests using a secret that's unique to your app. With the help of signing secrets, your app can more confidently verify whether requests from us are authentic.
How to care for your tokens, secrets, webhook URLs, and data.
Our OAuth-based sign-in flow uses the OpenID Connect protocol to let users sign into your service using Slack.
Differences between classic apps and those with granular permissions.
Everything you need to know to migrate your classic app to use the new granular permissions model.