Slack

Get your Slack credentials

To use Slack as a social provider, you need to create a Slack app and get your credentials.

  1. Go to Your Apps on Slack API and click "Create New App"
  2. Choose "From scratch" and give your app a name and select a development workspace
  3. In your app settings, navigate to "OAuth & Permissions"
  4. Under "Redirect URLs", add your redirect URL:
    • For local development: http://localhost:3000/api/auth/callback/slack
    • For production: https://yourdomain.com/api/auth/callback/slack
  5. Copy your Client ID and Client Secret from the "Basic Information" page

Slack requires HTTPS for redirect URLs in production. For local development, you can use tools like ngrok to create a secure tunnel.

Configure the provider

To configure the provider, you need to pass the client_id and client_secret to BetterAuth::SocialProviders.slack in your auth configuration.

config/auth.rb
require "better_auth"

auth = BetterAuth.auth(
secret: ENV.fetch("BETTER_AUTH_SECRET"),
base_url: ENV.fetch("BETTER_AUTH_URL", "http://localhost:3000"),
social_providers: {
slack: BetterAuth::SocialProviders.slack(
  client_id: ENV.fetch("SLACK_CLIENT_ID"),
  client_secret: ENV.fetch("SLACK_CLIENT_SECRET")
)
}
)

Usage

Sign In with Slack

To sign in with Slack, call auth.api.sign_in_social on your Ruby auth instance. The endpoint body takes the following properties:

  • provider: The provider to use. It should be set to slack.
server.rb
response = auth.api.sign_in_social(
  body: {
    provider: "slack",
    callback_url: "/dashboard",
    error_callback_url: "/login",
    scopes: ["channels:read", "chat:write"],
    disable_redirect: true
  }
)

redirect_url = response.fetch(:url)

Requesting Additional Scopes

By default, Slack uses OpenID Connect scopes: openid, profile, and email. You can request additional Slack scopes during sign-in:

server.rb
response = auth.api.sign_in_social(
  body: {
    provider: "slack",
    callback_url: "/dashboard",
    error_callback_url: "/login",
    disable_redirect: true
  }
)

redirect_url = response.fetch(:url)

Workspace-Specific Sign In

If you want to restrict sign-in to a specific Slack workspace, you can pass the team parameter:

config/auth.rb
require "better_auth"

auth = BetterAuth.auth(
  secret: ENV.fetch("BETTER_AUTH_SECRET"),
  base_url: ENV.fetch("BETTER_AUTH_URL", "http://localhost:3000"),
  social_providers: {
    slack: BetterAuth::SocialProviders.slack(
      client_id: ENV.fetch("SLACK_CLIENT_ID"),
      client_secret: ENV.fetch("SLACK_CLIENT_SECRET"),
      team: "T1234567890"
    )
  }
)

Using Slack API After Sign In

After successful authentication, you can access the user's Slack information through the session. The access token can be used to make requests to the Slack API:

session = auth.api.get_session(
  headers: {
    "cookie" => request.env.fetch("HTTP_COOKIE", "")
  }
)

if session&.dig(:user)
  slack_user_id = session.dig(:user, "id")
  # The access token is stored securely on the server.
end

The Slack provider uses OpenID Connect by default, which provides basic user information. If you need to access other Slack APIs, make sure to request the appropriate scopes during sign-in.

Edit on GitHub

Previous Page

Salesforce

Next Page

TikTok

On this page