Skip to content
Go to file


Failed to load latest commit information.
Latest commit message
Commit time


This Gem contains the Slack strategy for OmniAuth and supports the Sign in with Slack approval flow.

Gem Version

Before You Begin

You should have already installed OmniAuth into your app; if not, read the OmniAuth README to get started.

Now sign into the Slack application dashboard and create an application. Take note of your API keys.

Using This Strategy

First start by adding this gem to your Gemfile:

gem 'omniauth-slack'

If you need to use the latest HEAD version, you can do so with:

gem 'omniauth-slack', github: 'kmrshntr/omniauth-slack'

Next, tell OmniAuth about this provider. For a Rails app, your config/initializers/omniauth.rb file should look like this:

Rails.application.config.middleware.use OmniAuth::Builder do
  provider :slack, 'API_KEY', 'API_SECRET', scope: 'identity.basic'

Replace 'API_KEY' and 'API_SECRET' with the appropriate values you obtained earlier.

If you are using Devise then it will look like this:

Devise.setup do |config|
  # other stuff...

  config.omniauth :slack, ENV['SLACK_APP_ID'], ENV['SLACK_APP_SECRET'], scope: 'identity.basic'

  # other stuff...


Slack lets you choose from a few different scopes.

However, you cannot request both identity scopes and other scopes at the same time.

If you need to combine regular app scopes with those used for “Sign in with Slack”, you should configure two providers:

provider :slack, 'API_KEY', 'API_SECRET', scope: 'identity.basic', name: :sign_in_with_slack
provider :slack, 'API_KEY', 'API_SECRET', scope: 'team:read,users:read,identify,bot'

Use the first provider to sign users in and the second to add the application to their team.

Auth Hash Example

For the scope team:read,users:read,identify the resulting auth hash would look like this:

  provider: "slack",
  uid: "U3BPA937E",
  info: {
    description: "Welcome to Slack",
    email: "",
    first_name: "Matt",
    image: "",
    image_24: "",
    image_48: "",
    is_admin: true,
    is_owner: true,
    last_name: "Holmes",
    name: "Matt Holmes",
    nickname: "matty",
    team: "Mattison co.",
    team_id: "A3V3VC35Y",
    time_zone: "Europe/Amsterdam",
    user: "matty",
    user_id: "U3BPA937E"
  credentials {
    expires: false,
    token: "xoxp-127131411201-127810174082-127813170226-f205827fb956488602bef2068471d7a5",
  extra {
    bot_info: {},
    raw_info: {
      ok: true,
      team: "Mattison co.",
      team_id: "A3V3VC35Y",
      url: "",
      user: "matty",
      user_id: "U3BPA937E"
    team_info: {
      ok: true,
      team: {
        domain: "mattison",
        email_domain: "",
        icon: {
          image_102: "",
          image_132 "",
          image_34 "",
          image_44 "",
          image_68 "",
          image_88 "",
          image_default: true
        id: "A3V3VC35Y",
        name: "Mattison co."
    user_info: {
      ok: true,
      user: {
        color: "9f69e7",
        deleted: false,
        has_2fa: false,
        id: "U3BPA937E",
        is_admin: true,
        is_bot: false,
        is_owner: true,
        is_primary_owner: true,
        is_restricted: false,
        is_ultra_restricted: false,
        name: "matty",
        profile: {
          avatar_hash: "g69720796ae3",
          first_name: "Matt",
          image_192: "",
          image_24: "",
          image_32: "",
          image_48: "",
          image_512: "",
          image_72: "",
          last_name: "Holmes",
          real_name: "Matt Holmes",
          real_name_normalized: "Matt Holmes"
        real_name: "Matt Holmes",
        status: nil,
        team_id: "A3V3VC35Y",
        tz: "Europe/Amsterdam",
        tz_label: "Central European Time",
        tz_offset: 3600
    web_hook_info: {}

Authentication Options


If you don't pass a team param, the user will be allowed to choose which team they are authenticating against. Passing this param ensures the user will auth against an account on that particular team.

If you need to ensure that the users use the team whose team_id is 'XXXXXXXX', you can do so by passing :team option in your config/initializers/omniauth.rb like this:

Rails.application.config.middleware.use OmniAuth::Builder do
  provider :slack, 'API_KEY', 'API_SECRET', scope: 'identify,read,post', team: 'XXXXXXXX'


  1. Fork it
  2. Create your feature branch (git checkout -b my-new-feature)
  3. Commit your changes (git commit -am 'Add some feature')
  4. Push to the branch (git push origin my-new-feature)
  5. Create new Pull Request

Bitdeli Badge

You can’t perform that action at this time.