Slack API Essential Guide

What type of API does Slack provide?

Slack's API is primarily an HTTP RPC-style API. It is not a traditional REST, GraphQL, or SOAP API. The API methods have URLs in the form https://slack.com/api/METHOD_FAMILY.method.

Key features of Slack's API:

• Uses HTTPS, SSL, and TLS v1.2 or above for all method calls
• Supports both GET and POST parameters
• Some methods allow JSON-encoded bodies for more complex data structures

Does the Slack API have webhooks?

Yes, the official Slack API does have webhooks, and you can subscribe to various types of events.

Incoming Webhooks

Slack provides incoming webhooks, which allow you to post messages from external sources into Slack. To use incoming webhooks, you need to create a Slack app, enable incoming webhooks for your app, create an incoming webhook URL, and use the webhook URL to post messages to Slack. Incoming webhooks are primarily used for sending messages to Slack, not for receiving events.

Events API

Slack also offers an Events API, which allows you to subscribe to various events that occur within Slack. This is a more comprehensive way to receive notifications about activities in Slack. To use the Events API, you need to create a Slack app, enable event subscriptions, set up a request URL to receive events, and subscribe to specific event types.

Types of Events

You can subscribe to a wide variety of events through the Events API, including:

• Message events (e.g., message.channels, message.groups)
• Channel events (e.g., channel_created, channel_renamed)
• User events (e.g., user_change, team_join)
• File events (e.g., file_created, file_shared)
• App events (e.g., app_uninstalled, tokens_revoked)

The specific events you can subscribe to depend on the OAuth scopes your app has been granted.

Key Considerations

1. Permissions: The events you can receive are tied to the OAuth scopes granted to your app.
2. URL Verification: When setting up event subscriptions, Slack will perform a handshake to verify your request URL.
3. Error Handling: You need to respond with a 200 OK status for each event received to avoid your app being temporarily disabled.
4. Socket Mode: As an alternative to HTTP endpoints, you can use Socket Mode to receive events through a WebSocket connection.

In summary, while Slack does offer incoming webhooks for sending messages to Slack, the Events API is the primary method for subscribing to and receiving notifications about events occurring within Slack workspaces.

Rate Limits and other limitations

Here are the key points about Slack API rate limits:

Overview of Rate Limits

• Slack uses a tiered rate limiting system for the Web API, with different tiers allowing different numbers of requests per minute:

  • Tier 1: 1+ per minute
  • Tier 2: 20+ per minute
  • Tier 3: 50+ per minute
  • Tier 4: 100+ per minute
  • Special Tier: Varies by method

• Rate limits are applied on a "per API method per app per workspace" basis

• For posting messages, the general limit is 1 message per second per channel, with some burst behavior allowed

Specific Limits

• Events API: 30,000 event deliveries per hour per workspace

• Incoming webhooks: 1 per second (short bursts allowed)

• Workflow triggers:

  • Event triggers: 10,000 per hour
  • Webhook triggers: 10 per minute

Handling Rate Limits

• When rate limited, Slack returns a HTTP 429 error with a Retry-After header indicating how long to wait before retrying

• The Node SDK handles rate limiting automatically by default

• For custom implementations, you can:

  1. Check for 429 status code
  2. Read the Retry-After header
  3. Wait the specified time before retrying

• Caching data that doesn't change frequently can help reduce API calls

Best Practices

• Monitor your API usage and implement pauses between calls to avoid hitting limits

• Consider implementing caching (e.g. LRU caching) to reduce API calls

• Design your app to stay well under the limits where possible

• For high-volume messaging needs, consider using external logging/archiving services instead

By following these guidelines and implementing proper rate limit handling, you can optimize your Slack app to work within the API rate limits.

Latest API Version

The most recent version of the Slack API tools is 2.27.1, released on July 11, 2024.

Key points to consider:

• The Slack API and developer tools are regularly updated, with new versions released frequently.

• The latest version (2.27.1) was released on July 11, 2024.

• Prior to that, version 2.26.0 was released on June 13, 2024.

• Slack maintains a detailed changelog documenting updates and changes to their API and developer tools.

• Some important upcoming changes include:

  • Deprecation of the files.upload API method, which will be retired on March 11, 2025.
  • A new asynchronous upload flow to replace files.upload.

Best practices:

1. Regularly check the Slack API changelog for updates and new features.
2. Keep your Slack CLI and developer tools up to date with the latest version.
3. Be aware of deprecation notices and plan to migrate your apps accordingly.
4. Test your apps with new API versions to ensure compatibility.

It's important to stay informed about these updates to ensure your Slack integrations remain functional and take advantage of the latest features.

How to get a Slack developer account and API Keys?

To get a Slack developer account and API keys:

1. Join the Slack Developer Program:

   • Visit https://api.slack.com/developer-program
   • Register for the program

2. Create a Slack App:

   • Go to the Slack API website
   • Click "Create app"
   • Select your workspace from the dropdown menu
   • Click "Build"

3. Obtain an API Token:

   • After creating your app, follow the steps to obtain an API token
   • This token is necessary for your app to interact with the Slack API

4. Use the API Token:

   • Use the Web API's method tester to test public Web API methods with your token
   • Keep your API token secure and never share it
   • Do not publish tokens in public code repositories
   • Be mindful of the permissions you request for your token

Best Practices:

• Use the Authorization HTTP header to send your token in outbound requests
• Review Slack's token safety tips
• Consider using Slack's official SDKs for Python, Node, and Java to simplify development

What can you do with the Slack API?

Based on the search results provided, here are the key data models you can interact with using the Slack API:

Conversations

• Public channels, private channels, direct messages (DMs), group direct messages, and shared channels
• Key operations:
  • Review conversation history
  • Create or archive channels
  • Invite team members
  • Set conversation topics and purpose
  • List conversations
  • Retrieve conversation details

Messages

• Retrieve message history from channels
• Extract message content, timestamps, and metadata
• Handle message reactions and reply counts

Users

• Retrieve user information like real names
• Replace user IDs with real names in messages

Interactive Components

• Modals (pop-up dialogs)
• Buttons
• Select menus
• Multi-select menus

Shortcuts

• Global shortcuts
• Message shortcuts

Views

• Modal views
• Home tab views

Datastores (for workflow apps)

• Create and interact with custom datastores
• Store and retrieve data for workflow apps
• Perform CRUD operations on datastore items

Workflows

• Define and manage workflows
• Use triggers to start workflows (e.g., link triggers, scheduled triggers, event triggers)

App Manifests

• Define app configurations and features

Functions

• Custom functions for workflow apps
• Slack functions
• Connector functions

For each of these data models, the Slack API provides various methods to interact with them, such as creating, reading, updating, and deleting. The specific operations available depend on the scopes and permissions granted to your Slack app. It's important to note that access to different conversation types (public channels, private channels, DMs) is governed by corresponding permission scopes.