Updates to the Slack platform
We improve the Slack platform every day by releasing new features, squashing bugs, and delivering fresh documentation. This changelog is an account of what's happened.
Use the slash command:
/feed subscribe https://api.slack.com/changelog.rss to receive these updates in a Slack channel of your choosing.
Several new tools for app developers are now available as part of our Slack platform open beta. Developers can ship higher-quality apps and workflows quickly with a streamlined development lifecycle, including secure hosting and data storage in Slack.
We're cleaning up some lingering behavior in our legacy Real Time Messaging API. In message events streamed over the RTM API, channel and usergroup mentions will no longer include entity names. Still need entity names? Access them using Web API methods such as
usergroups.list. Alternatively, consider using the Events API, which also supports WebSockets, to receive
To better accommodate customers at Dreamforce next week, we've moved
rtm.start's final retirement date to September 27th, 2022. Learn more about the future of
rtm.start and how it may impact your app.
Several new tools for app developers are now available as part of our Slack platform open beta. Developers can ship higher-quality apps and workflows quickly with a streamlined development lifecycle, including secure hosting and data storage in Slack.
Keep track of who gets added to DM conversations. You can now monitor the
dm_user_added audit event with the Audit Logs API.
On September 13th, 2022, we will provide a preview of the
rtm.start future behavior. If you still use
rtm.start to connect to Slack, learn more about when this preview will be happening in your time zone and how it may impact your app.
Slack is used by public sector teams and their partners for being faster, better organized, and more secure than email. If you're a government agency, contractor, or just intrigued by how Slack supports government communication, our GovSlack documentation is the place to be!
Messages are how people communicate in Slack, message metadata is how apps communicate with apps! Read on to learn about how to spark more automation with your app throughout Slack.
Mentioning a private channel in a slash command when your app manifest flag
false now correctly formats the channel identifier. Previously, the API would return HTML entities (
>) that had to be manually converted into their character counterparts.
As previously announced, apps & integrations created after today, November 30, 2021, must use
rtm.connect instead of the deprecated
rtm.start when connecting to the RTM API. Learn more about this and what's next for existing users of
The default Slack Connect invitation type when using
conversations.inviteShared has changed. Invites are now sent to limit the recipient's actions to only sending messages. The new
external_limited argument can be used to control which invitation type is sent.
Slack Developer Tools now offers the Platform Guide, an interactive and introductory education experience for developers interested in learning the basics of building a Slack app within a Slack app.
link_shared event is changing, bringing unfurls—allowing users to see what's in a link—into the message composer. Read more on magic unfurls for uninstalled apps in the message composer.
In the app approval APIs, you may now distinguish the apps built within your organization from those developed externally—or by Slack—with the
Refresh your access tokens regularly with token rotation, available for opt-in now.
You can now manage Slack Connect directly for your organization using an app. Read up on the Slack Connect APIs.
We gave this dusty place a new coat of paint. Enjoy our updates to api.slack.com to help you navigate, discover, and absorb content more easily. Almost everything should be where you’d expect it.
Apps may now broadcast messages to users via direct message without handling unnecessary or unsupported conversation and slash commands. Starting March 29, 2021, this feature will be default for all newly-created Slack apps. Get started by visiting the App Home tab of your existing Slack apps.
Newly created private channel IDs now always begin with the letter
C, just like public channel IDs already do. The Conversations API will tell you whether a conversation is private or not with the
is_private boolean field.
Legacy workspace apps, deprecated since October 2018, will retire on August 24, 2021. Learn if and how this may impact your apps.
Three deprecations take effect today, February 24. First, new apps may no longer pass tokens as query parameters. Second, Conversations API methods are now required over their typed counterparts:
mpim.*. Third, event payloads no longer contain full lists of
authed_teams—instead, use a new method to learn the full list of authorizations an event is visible to. We know keeping up with best practices for Slack apps is a lot to handle—thank you for allowing us to make the platform better. Keep reading.
If your app makes use of user emails, be on the lookout for relay email addresses. When users sign into Slack via Apple, their emails may appear as anonymized relay addresses. Relatedly, Sign in with Slack won't work with these users.
Now you can decorate your ephemeral messages requesting authorization with Block Kit using
chat.unfurl. Learn more about our continued improvements to message unfurling.
The admin.analytics.getFile method returns compressed JSON files with workspace member analytics for the day of your choice—now available for Enterprise.
App modals can now be 'popped out' by users, giving them their own resizable, movable window. No app changes are needed, we just wanted to pop in with an update.
Block Kit checkboxes and radio buttons are now available to use in messages. Quickly and conversationally collect information from users by including them inline.
On September 15, 2020, you'll no longer need to worry about different global and local IDs for Enterprise users. Users will have a single, global ID across an Enterprise org, which may begin with either
W. Read more.
Get a handle on creating channels, setting preferences, and connecting new workspaces—all with a single app. Use the APIs for channel management, available to Enterprise Grid organizations.
Users may now mute and unmute their conversations with apps like they can with other channel types. When a user mutes a conversation with your app, the messages you send are still delivered and a colorful badge will continue to surface in their channel list. However, users will not receive a direct operating system or browser notification on delivery.
Slash command invocations will now include an
api_app_id parameter with your Slack app's ID. This parameter will better assist you in handling commands from multiple applications or environments.
Expand Workflow Builder's capabilities by creating reusable, custom steps that any builder can add to their workflows. Workflow steps from apps is now in open beta. What’s your app’s next step?
Previously, when a user mentioned an app that wasn't party to the conversation, the user could
Invite the app to the conversation,
Let Them Know, or
Do Nothing. The
Let Them Know button didn't work. We've fixed that mistake by removing the button, and updated our documentation on the
app_mention event as well.
Mark messages unread for users with
conversations.mark. Bespoke clients and personal utilities should use this method sparingly.
The URL where users manage existing installations of Slack apps is changing to
https://app.slack.com/apps-manage/. You might not even notice the difference, but we’re letting you know just in case.
You can now present your app's pricing information in your listing in the App Directory.
With Slack Connect, channels connect multiple workspaces and organizations with ease. Here's an overview of how to develop apps for channels between organizations.
Maintain a membership allowlist for private channels using
admin.conversations.restrictAccess.listGroups methods, now available for Enterprise organizations. Update: These methods were renamed but the old names will continue to work. Black lives matter.
We recently updated Block Kit Builder with additional preview options and more convenient ways to copy, paste, and dispatch payloads. There's more beauty to it too.
The deadline for all Slack apps to use the Conversations API—instead of its antecedents—has moved from November 2020 to February 24th, 2021. Newly created Slack apps won't be able to use
groups.* methods beginning June 10th, 2020. Warnings will soon be included as part of deprecated responses. Learn more.
Starting July 1st, 2020, rate limits will apply to all SCIM methods. Please make sure any apps using the SCIM APIs remain within these limits and humbly handle HTTP 429 responses.
Previously, OAuth Redirect URLs could contain anchors (
#). We've fixed that mistake, and anchors are no longer allowed.
Visually highlight destructive actions by using the new
style parameter in confirmation objects.
Give app installers good reason to trust your app: submit security and compliance information to the App Directory today.
Tune out the noise—you can now use filters with conversation lists in select and multi-select menus. Learn more and start filtering.
The IDs returned by our APIs have grown longer. They are now up to 11 characters long, and could grow longer in future. Please audit your Slack apps, and verify any assumptions about the length of IDs for users, channels, and other objects.
We didn't turn off the
replies array field found in threaded parent messages on October 18th, 2019 like we said we would. The new date is March 31st, 2020. Please use the
latest_reply fields instead.
New guidelines for App Directory submissions have arrived to help ready your app for the world.
The creation of legacy test tokens is now deprecated and will permanently retire on May 5th, 2020. Learn more about using Slack apps to build firmly scoped integrations.
Starting February 18, 2020, unexpected results using the SCIM API when rapidly updating data on the same user or group will become a thing of the past.
It's a win for webhooks: you can skip the small stuff and trigger a workflow with a web request.
We didn't set out to produce almost 700 pages of documentation but you can search it all now on api.slack.com/search.
New Slack apps may now be submitted to the App Directory. Check out our guide to migrating your existing app to use new, granular permissions.
Help users make informed decisions when considering your app by listing the languages it's fluent in and any pricing model that applies to it. You can provide this info as part of the Slack app directory submission process.
Slack has but one REST API, the SCIM API, and it's now fully standards-compliant with SCIM 1.1 when using the HTTP PATCH method to update user records.
Craft a workspace faster than a cup of coffee and fill it with users, admins, and owners. Check out the APIs for creating workspaces and managing users, now available for Enterprise Grid organizations.
New Slack apps can act independently of a user token. Build a bot user powered by only the specific permissions it needs. Check out our open beta for newly created Slack apps.
This autumn or soon thereafter, users will begin editing messages using a WYSIWYG (what you see is what you get) interface. When they do, their posted messages will appear slightly different throughout our APIs. Learn more.
On March 4, 2020, we'll require all apps, custom integrations, bots, and users communicating with Slack to use TLS version
1.2 or higher. There will be a 24 hour test deprecation on February 19th, 2020. Read more details on why and how to upgrade.
Channel names have grown up: instead of a maximum length of 21 characters, channel names may now feature a full 80 character label.
As announced on March 25, the
dnd.teamInfo method now requires the
users parameter. An explicit list of
users helps you, and us, avoid slow API calls.
Parent messages in a thread will no longer explicitly list their replies. Instead of a large
replies array containing threaded message replies, we'll provide a lighter-weight list of
reply_users, plus a
reply_users_count and the
latest_reply message. These new fields are already available. We'll remove the
replies array on
October 18, 2019 March 31st, 2020. Read up on threaded messages here.
Retrieve all active incidents, rather than just the most recent one, using version 2.0.0 of the Slack Status API. Read more.
users argument is required beginning June 3, 2019. Future-proof your app by explicitly listing which
users you wish to see Do Not Disturb settings for.
Harness a hint of time travel for your app. Schedule messages for delivery at the time of your choosing.
We're starting to enforce (more firmly) the 5GB file upload limit for workspaces on a Free plan. Some API endpoints will yield tombstoned files with the content redacted. Read more.
We're loosening up limits on dialogs. You can use five extra elements (ten total) and lovingly label them with longer lengths of letters.
When your exacting maths require the precise number of members party to a particular conversation, use the new
include_num_members parameter with
Apps endure, even when their installing user leaves the team—as long as the app doesn't perform actions on behalf of the installing user. Read up on the new behavior, which rolls out to free, paid, and Enterprise Grid teams over the next week.
Conversation objects associated with shared channels now feature a
conversation_host_id field, indicating the workspace or enterprise grid organization that "hosts" the shared channel.
The data structure of messages received from our APIs will change with the launch of Block Kit early next year. In return you'll be able to add newer, clearer visual components to make your app's messages magnificent. Even if you aren't using it, your apps may be affected by the additions. Learn more.
Apps may now restrict Web API requests to as many as 10 IP address ranges. Learn more about IP whitelisting for internal integrations.
The developer preview for workspace apps has ended. We're taking the components of workspace apps and breaking them apart: applying them in phases to existing as well as new apps. Read more about the motivation behind ending the preview.
Whatever flavor of workspace token you're using, you can now expect the same
invalid_auth error code when the token is invalid. You'll receive this error whether the token is expired, revoked, or just plain wrong. Use our OAuth 2.0-based token refresh system to refresh expired tokens safely.
Workspace apps may now continuously rotate shorter-lived tokens without downtime. Our OAuth 2.0-based token refresh system is strongly recommended for all workspace apps. Expiring and rotating tokens is required for all distributed workspace apps. Already manage a distributed workspace app?
Please implement token rotation by January 15, 2019. Learn more.
Clear clever custom statuses like clockwork. Learn how apps can add expiration dates when setting custom statuses for people.
We're postponing planned changes around scope requirements for app and bot access to email addresses. The new date is in autumn, on October 16th, 2018. If you haven't already prepared, read on.
"40k ought to be enough characters for any message." - Slack Platform Gatekeepers. Messages are now limited to 40,000 characters. Learn more about these planned changes.
If your workspace app posts ghostly messages with
chat.postEphemeral, you may have noticed a
no_permission error thrown instead of
channel_not_found when your app isn't a member of the target conversation. Turns out we actually could find the channel after all.
With Slack Developer Tools you can now quickly look up documentation, investigate the structure of messages, and more, all inside of Slack.
HTTP requests originating from Slack now support Mutual TLS. Use Mutual TLS to attain the highest level of confidence that requests from Slack are, in fact, authentic. Read more.
Get ready to lend users a hand and start working on their behalf. Now workspace apps can ask for permission to read & write personalized settings like reminders, custom status, and profile data. Learn more about working for users.
Confidently verify a request originates from Slack by validating our new request signatures. The signing process replaces the use of verification tokens, now deprecated. Learn more.
Learn when private channels are deleted with the new
group_deleted event, now available for the Events and RTM APIs.
Apps participating in our developer preview using the Events API will need to subscribe to
message.app_home events for a focused feed of messages between your app and the people who interface with them through the app home. These messages aren't delivered to
message.im subscriptions now. Learn more.
File threads, a replacement for file comments, is on the way! Learn about the changes ahead, some of them may break apps relying on file comments behavior and some apps may need to request additional scopes when working with files.
Measure drop off and send helpful follow ups when users cancel dialogs with these opt-in cancellation notifications.
We're still tidying up the character limits on the
text field of posted messages and gradually lowering its maximum. On April 25th, we began truncating messages greater than 500,000 characters. As of July 12, the maximum is 100,000. We'll begin truncating messages greater than 40,000 characters in August 2018. Learn more.
Working with workspace token-based apps as part of our preview? Please start using
oauth.access instead of
oauth.token during installation. Read on to learn why and about new features.
Some bots are users too. Now you can find a bot user's
Rediscover the conversations you're party to with
We corrected and clarified the behavior of
users.profile.set to only allow admins of paid teams to update email address profile fields.
We added a
type field to the requests dispatched to your Options Load URL, used in message menus and— well, it doesn't work anywhere else yet but we'll have a dialog about that one day...
Web API methods will be enhanced with tiered rate limiting beginning March 7, 2018, with most methods gaining greater limits than ever before. Learn more about this week's incremental rollout of rate limit tiers.
Now you can follow up after users submit your dialogs. Use the new
response_url attached to any
dialog_submission to send messages after submission.
Now users can respond to dialog textarea elements with up to 3,000 riveting, carefully-chosen characters.
users.setActive method was recently rendered irrelevant by our efforts to modernize our message servers. Use
users.setPresence and/or connect via RTM to proclaim a user's presence instead. We'll remove this no-op method entirely on May 8, 2018.
Having trouble connecting to the RTM API lately? WebSocket URIs may contain querystring parameters & some libraries don't like that. Find out more.
Active listening made easier: Subscribe to
app_mention events to exclusively receive messages mentioning your app or bot.
Turn your links into buttons by adding link buttons to your messages.
chat.getPermalink to easily exchange a message
ts for a permalink URL.
Why couldn't bot users use
bots.info? We don't know but now they can too.
Help people get back to work by deep linking to your Slack app or directly to a channel.
We broadened support for presenting your tokens as a "bearer token" in
Authorization HTTP headers with the Web API. Learn more.
Scheduled changes and feature retirements to the Slack platform are now easier to find in our forward-looking calendar of upcoming changes.
Ask users for more structured form-based information with Dialogs.
Now you can customize your app's experience by the locale and language preferred by users, channels, and other conversational constructs. Start practicing your Klingon. 🖖 Learn how.
Shared Channels let Slack apps collaborate with users across different organizations.
The Conversations API is a collection of more than 15 Web API methods normalizing the way apps deal with channels, direct messages, and more. Never rely on the first character of a channel ID again.
The role of
@username is changing on the platform but we're making the transition as backwards-compatible as possible. Read on for important updates.
We are clarifying two terms encountered throughout Slack, "team" (the people you talk to in Slack) and "workspace" (the place you do work). You'll find many team references updated to workspace across Slack and API documentation. With artifacts like the
team object, field, and parameters scattered through the platform, you'll often still encounter
team while reading and programming.
No longer the sole domain of slash commands and interactive messages, now apps can emit their own ghostly ephemeral messages with
With so many token types decorating our platform, this guide to token types has become a necessity.
Now we allow you to learn more about OAuth permission scopes and methods, events, and token types each supports with this helpful OAuth scope library.
Shuttle Slack app installers to the installation flow more swiftly from the app directory with a Direct Install URL.
Buried somewhere in this RTM announcement, we told you about the
latest field departing from channel objects returned in the long
rtm.start preamble. Those fields are gone. Turns out we also removed
unread_count too. If you're suffering from a sense of loss over these unread count fields, please drop us a line. You can still find them in
Your app has a home in Slack. Read all about it!
Teams now have the option to limit Slack app installation only to apps listed in the Slack app directory.
Get an event when more members join your User Group or when — uh-oh, it loses members with
We've compiled a collection of Best Practices around building fantastic Slack app user experiences. Your users will be stoked!
We've corrected a long-standing bug where user or
@channel-type mentions in back-tick fenced code blocks would trigger notifications. They won't now.
We've made very minor improvements to our OAuth-based installation process. You may notice a shifted pixel here and there but no app-facing functionality has changed.
Just like subscribing to your app's own newsletter: App Events tell the story of your app's lifecycle. Learn when your app is uninstalled with
app_uninstalled, or when user and bot tokens are revoked with
tokens_revoked. Pause and resume activity when teams migrate to Enterprise Grid with
We undocumented the mysterious
user_id_mapping_old_to_new field described in the Enterprise Grid documentation. It doesn't actually exist and never has, oops!
channels.list API method has a new parameter:
exclude_members. Some teams are so big and some channels have so many members that listing them all in a single API response along with every other channel is just outright impractical. Cull unneeded data easily accessed with
channels.info by excluding
We'd like you to stop using
rtm.start and start using
rtm.connect boots quickly and works well with the most gigantic teams and enterprises of the galaxy.
It's spring cleaning time for email. We're winding down the grandfathering introduced for apps using
users:read created before January 4th, 2017. After
August 1st, 2017 your apps must request
users:read.email to gain that access. See this post for more detail. This retirement has been delayed with no date yet rescheduled.
We're introducing new, multimedia ways for bots and apps to express themselves in the app directory. Follow our new guidelines to make a great impression with potential installers.
Beginning March 9, 2017, events transmitted via the Events API will include
event_id is globally unique across all teams while the
event_time is when the event dispatched, in integer-based epoch time. Use these fields as you like, but there's nothing you need to do to prepare for this eventuality.
Minor field changes coming to
channels.history file messages and
skype user profile fields. Read all about it.
We've added a new OAuth permission scope called
users:read.email. Apps created after January 4th, 2017 will need to request this additional scope to gain access to team member
users.info. Existing Slack apps with
users:read are automatically grandfathered to include these fields. Here's even more detail on that.
Our developer relations team has renewed Slack's adoption of key open source tooling: Slack Developer Kits. Discover our Python & node.js SDKs in their new home on our community index.
We will soon add an additional
response_metadata node to our JSON responses; we'll put warnings there first and other useful stuff later. More details are available.
We've dramatically improved the process of submitting a Slack App for inclusion in our Slack App Directory. You'll find a helpful, interactive checklist when first submitting your app. When you're ready to iterate further, you can simply create a secondary beta application. If a core piece of your app's functionality changes (like requesting new OAuth permission scopes), we'll happily review your app again. Read all about it on the platform blog.
Ever needed to send a user to Slack directly from your app? Here's how to deep link and make native Slack clients part of your app's workflow: Open key teams, channels, and conversations. Or, defer to search results using the slack:// URI scheme.
The character length of token strings is getting longer. Find out how long they'll get and how to future-proof yourself for changes in the future.
Introducing the Events API, a new way for Slack apps to receive event types previously available only to the real time messaging API. Subscribe to the events your app needs and have them delivered right to your server as they happen. Build a bot or event-driven app without worrying about websockets, and scale it like a web app. Read more about the Events API in our blog post, Subscribe to the Events API.
Until now, it's been easy to accidentally send messages flush with hundreds of message attachments. We've begun limiting the number of message attachments per message to 100. For approaches like
chat.postMessage, incoming webhooks, and
response_urls you will receive a
too_many_attachments error. Unfortunately, we are unable to serve you an error when sending messages as part of a slash command or message buttons invocation response.
We've corrected a bug where incoming webhooks could post messages in "#general" even 1) if that channel restricts posts and 2) the user owning the webhook was not allowed to post there. This new behavior will only prevent recently created webhooks from posting to restricted "#general" channels, so if your old webhooks are relying on this quirk, they'll be fine for now.
Now your applications can read and write defined team profile fields for individual team members. The
users.profile:write scope allows you to edit fields with
users.profile:read scope empowers you to discover available fields with
team.profile.get and retrieve user profiles with
Slack apps can now add action-invoking interactive buttons to messages, allowing you to simplify workflows and encourage users to take decisive action from within Slack.
For better readability, syntax highlighting has been added to code blocks throughout our documentation.
We've corrected the behavior of
stars.list so that it only returns stars belonging to the owner of the presented token. The
user parameter may still be used if the provided user ID belongs to the user utilizing the token.
Team administrators may now use tokens with the
admin scope to request information about the billable status of team members using the team.billableInfo API method.
Additional real time messaging API events will begin including the
event_ts timestamp field later this June. Find out what to expect.
Now you can put down a footer on your message attachments. Use the
ts fields to tie content across time and space.
Recently introduced bugs in our iOS & Android apps cause message attachment fields marked as "short" to wrongly render long anyway. Our fixes may take a couple weeks to reach each platform.
For those who don't know why they should build on Slack: https://slack.com/developers
Manage your Slack apps joyously with our updated app edit pages.
As previously announced, we've added a
bot_id field to relevant API responses. Let us know if you run into any issues.
Need ideas for building on Slack? Try the Ideaboard.
Another way to keep up with the Slack Platform: Install the API News App to receive occasional, important notifications about the platform.
Your bot users author their own messages, now they can edit them too. Bot user tokens may now use
chat.update, like humans do.
One day soon our Web API will warn you when something is only slightly wrong with your requests. Read all about API warnings.
Be welcoming. Be kind. Look out for each other. This is the Code of Conduct for the Slack Developer community.
Home in on hosting for your app or integration with this collection of hosting providers.
Craft your fancy messages in real time with the new Message Builder!
We finally updated the slackhq/slack-api-docs repository, reflecting recently introduced and quite ancient documentation updates and new features.
Published this changelog you're reading right now. So that you can know about all this stuff. Tell your friends.
Quickly find the right tools for your project with our new listing of often-used open source libraries.
Need help? We have some tips for you.
api.slack.com's sidebar is now better organized by topic.
url_download are no longer part of file objects
Enjoy our evolving collection of Frequently Asked Questions (and answers!)
Responses to Incoming Webhook requests now include
Make sure you're ready before submitting your Slack App for review by following this Slack App Checklist.
Incoming Webhooks documentation updated to better bait best practices and discourage fishy formatting behavior.
Don't press snooze until you've dreamed about our new Do Not Disturb Web API methods.
We launched the Slack Application Directory, where teams can discover apps like yours.
We announced the Slack Fund to "give developers the backing they need to build everything possible in Slack."
The api.slack.com home page is fancier.
Enjoy major updates to the Slash Commands documentation, expanding on topics like... delayed responses.
Announced important changes to the Files methods of the Web API.
Added authorization support for thumbnail URLs appearing in File objects.
More granular OAuth scopes are here! Now your apps can ask for the exact level of access you need.