.png?fit=max&auto=format&n=gKqTvJPtsRi2bLNx&q=85&s=8abbce3efb590630de2102c43d32aadf)
.png?fit=max&auto=format&n=Dy9YsIECUbR9JZiT&q=85&s=a1f404cd7f7aeb1727c89d81137ae1ac)
https://mcp.slack.com/mcp, but it doesn’t connect with a single OAuth click. It uses confidential OAuth: you register a Slack app, request the scopes its tools need, and supply that app’s Client ID and Client Secret. Slack mints a per-user token from those credentials when each person approves access.
When you connect the Slack MCP URL, MCP Manager’s authentication
detection lands on OAuth with client pre-registration — Slack’s
MCP server is a confidential OAuth client, so it won’t accept a dynamically registered client. You supply your own app’s Client ID and Client Secret
rather than approving with nothing in hand.
This guide is a convenience based on Slack’s setup at the time of writing. Slack’s own MCP server
documentation is authoritative and may be more current. The requirements below — creating a Slack
app, choosing scopes, and publishing or keeping the app internal — come from Slack, not from MCP Manager. If a step here has drifted or a connection
problem is specific to how Slack works, Slack support is the fastest path to an answer.
Before you start
The bulk of the work happens on Slack’s side, in the Slack API portal. Bring the following before you open MCP Manager:- A Slack app you control. Slack’s MCP server only accepts a registered app with a fixed app ID. Create one at api.slack.com/apps, or use an existing one for your workspace.
- A published or internal app. Slack restricts MCP to apps published in the Slack Marketplace or to internal apps built for your own organization. Unlisted apps are rejected — this is the most common blocker.
- The user scopes the tools need. Slack’s MCP tools run on a per-user token, so you request user scopes on the app. Request only what your team will use.
- Your app’s Client ID and Client Secret. Both live under Basic Information → App Credentials in the Slack app settings. You’ll paste them into MCP Manager.
- Admin approval, if required. Workspace and Enterprise Grid admins approve and manage MCP client apps. If you’re not an admin, line one up.
Connect the server
Create or open your Slack app
In the Slack API portal, create a new app (or open an existing one) for the workspace you want MCP Manager to reach. This app’s fixed app ID is what Slack uses to approve, log, and rate-limit the connection.
Request the user scopes your tools need
Under OAuth & Permissions, add user token scopes for the Slack tools your team will use. Common scopes:
Scopes drive exactly which MCP tools work, so omit write scopes for a read-only connection.
| Scope | Grants |
|---|---|
search:read.public | Search public channel messages |
search:read.private | Search private channels you’re in |
channels:history | Read public channel history |
groups:history | Read private channel history |
chat:write | Send messages |
canvases:read | Read Slack canvases |
canvases:write | Create and edit canvases |
users:read | Read member profiles |
Publish the app or keep it internal
Slack only allows MCP for apps in the Slack Marketplace or for internal apps scoped to your own organization. Submit the app to the
Marketplace, or configure it as an internal app, before it can use
mcp.slack.com. Unlisted apps are blocked.Copy the Client ID and Client Secret
Open Basic Information → App Credentials and copy the Client ID and Client Secret. These are the confidential OAuth credentials MCP
Manager needs. Treat the Client Secret like a password.
Add the server in MCP Manager
On the Servers page, add a server, paste the URL MCP Manager stores both encrypted and uses them to run Slack’s OAuth flow. Each user who connects then approves the Slack consent screen, and Slack issues a token tied to their own identity and permissions. The server’s tools are now available to add to a gateway.
https://mcp.slack.com/mcp, and click Continue. Detection resolves to OAuth with client pre-registration; provide the values it asks for:Credentials
Gotchas & things to keep in mind
- Unlisted apps don’t work. Slack only accepts MCP requests from Marketplace-published or internal apps with a fixed app ID. A throwaway unlisted app will be rejected no matter how its scopes are set — publish it or scope it as internal first.
- The token is per user, not shared. Slack uses confidential OAuth to mint a token for each person who approves, so every action reflects that user’s own Slack permissions and identity. This favors per-user identity over a single shared credential — see per-user versus shared identity.
- Scopes gate the tools. If a Slack tool returns a permission error, the app is missing the matching user scope. Add it under OAuth & Permissions, then have affected users re-authorize so the new scope is granted.
- Use the exact path. The endpoint is
https://mcp.slack.com/mcp. The host alone won’t connect — include the/mcppath. - Admins can revoke at any time. Workspace and Enterprise Grid admins approve and manage MCP client apps centrally. If a connection stops working, check whether an admin has paused or removed approval for the app.
- Standard Web API rate limits apply. Slack’s MCP tools are subject to the same rate limits as the corresponding Web API methods, so high-volume agents should expect throttling.
Further reading
Find & Connect MCP Servers
How MCP Manager detects authentication type, and how to find other servers’ URLs.
How MCP Manager authenticates
What OAuth with client pre-registration means for the credentials you just supplied.
Identities for remote servers
Per-user versus shared identity for a server connected over OAuth.
Connect your AI client
Point Claude, Cursor, or another client at the gateway once Slack is connected.
External sources
Slack MCP server overview
Slack’s authoritative developer reference for the MCP server — endpoint, confidential OAuth, scopes, and app requirements.
Guide to the Slack MCP server
Slack’s help-center overview of what the MCP server can do and how to connect approved client apps.