directory / mcp / slack-mcp-server

Slack MCP Server

Slack · MCP

Slack is where teams communicate. The Slack MCP Server lets AI agents read channels, execute commands, and integrate team workflows directly from your IDE.

stable team integration & communication updated 2026-03
install
claude plugin install slack
npm: @modelcontextprotocol/server-slack
↗ GitHub
capabilities
Search messages across channels Send and manage messages Read and reply to threads Manage reactions and canvases Access user profiles and channel metadata
compatible with
Claude CodeClaude DesktopCursor

The Slack MCP Server turns your team’s communication hub into an integration point for AI agents. Instead of context-switching between your IDE and Slack, your AI assistant can read channel discussions, search messages, and trigger workflows directly from Claude Code, Cursor, or Claude Desktop.

What the Slack MCP Server Does

The Slack MCP Server implements the Model Context Protocol, a standardized interface that bridges AI agents with your Slack workspace. It exposes core Slack capabilities—message search, sending messages, reading history, canvas management, and user profile access—through tools your AI assistant can call natively.

The official implementation is maintained by Slack and runs on their hosted endpoint at mcp.slack.com/. It works with MCP-compatible clients such as Claude Code, Claude Desktop, Cursor, and others. Support and features vary by client. A community-maintained implementation (korotovsky/slack-mcp-server, ~1.4k stars as of publication) also exists for teams who want to self-host or need additional features.

This is particularly useful for teams doing agentic development. Instead of manually summarizing discussions or searching through threads, your AI agent can do it automatically—perfect for pulling team context into development workflows or automating notification and alert patterns.

Installation

Prerequisites

  • Active Slack workspace with admin approval (critical: workspace admins must explicitly approve MCP integration)
  • Registered Slack app (directory-published or internal; Slack’s MCP policy prohibits unlisted apps from integrating — only directory-published or internal apps can use MCP)
  • OAuth-compatible MCP client (Claude Code, Claude Desktop, Cursor, etc.)
  • Network access to https://mcp.slack.com/

Official Plugin Method (Claude Code)

If using Claude Code, open Plugins → Marketplace and search for Slack, then install. Alternatively, use the CLI command:

claude plugin install slack

The system auto-configures and prompts for OAuth authentication. No local installation needed. See the Slack official plugin repository for details.

Claude Desktop Setup

  1. Open Settings → Customize → Connectors
  2. Click the plus icon, select Slack
  3. Complete the OAuth flow

Full setup instructions in the Slack developer docs for Claude Desktop.

Manual / Self-Hosted (Community Server)

If self-hosting or using a community implementation, install locally:

npx -y @modelcontextprotocol/server-slack

Note: This installs the community-maintained reference implementation locally, not the Slack-hosted endpoint. See the community repository README for configuration steps.

Security & Data Handling

Before enabling Slack MCP integration, understand the data flow and access implications.

Data Flow & Logging

  • Slack-hosted endpoint (mcp.slack.com): Message contents are processed by Slack’s infrastructure. Review Slack’s data retention policies and audit logging capabilities for your workspace tier.
  • Self-hosted community servers: Messages flow through your own infrastructure. You control logging and retention, but must secure token storage and API access yourself.

Access Control & Permissions

  • Admin approval is workspace-scoped. The approving admin determines which OAuth scopes the app receives. Review Slack OAuth scopes documentation to understand what each scope allows.
  • User tokens (xoxp-) grant access to all channels the authenticating user can see. Bot tokens (xoxb-) are limited to channels the bot is explicitly invited to—use bot tokens for least-privilege access where possible.

Token Strategy & Privacy

  • Prefer limited user tokens with only required scopes. Avoid granting channels:write or chat:write unless write operations are essential.
  • Consider ephemeral sessions for sensitive workflows—re-authenticate per session rather than storing long-lived tokens.
  • For Enterprise Grid workspaces, verify compliance requirements with your security team before enabling third-party MCP integrations.

Practical Mitigations

  • Enforce workspace policies that restrict which apps can be installed and which channels they can access.
  • Use Marketplace-approved apps when available—they undergo Slack’s app review process and offer predictable rate limits and security guarantees.
  • Audit which channels the MCP integration can read. Remove access to channels containing sensitive internal discussions.

Available Slack MCP Server Tools

  • Search Messages: Full-text search across your workspace (with date, user, content filtering)
  • Send Messages: Post to channels, direct messages, and group DMs
  • Read History: Fetch complete channel message history and thread conversations
  • Reply to Threads: Send targeted responses to specific threads
  • Reactions: Add or remove emoji reactions to messages
  • Canvas Management: Create, update, and export Slack canvases as markdown
  • User Profiles: Fetch user information with custom fields and statuses
  • Channel Metadata: List and retrieve channel information

Example Usage

Scenario: You’re in Claude Code debugging a feature when questions arise about the original design decision. Instead of switching to Slack:

You: "Summarize the last week of discussion about authentication in #architecture"

Claude: [uses search_messages tool with date filter]

Result: Claude retrieves and summarizes 5 key threads, providing immediate context without leaving your IDE

Limitations & Gotchas

The Slack MCP Server has real limitations worth understanding.

Token Expiry (1-hour) with No Refresh

In the Claude Code client, the hosted Slack MCP implementation issues tokens that expire after 1 hour with no refresh mechanism (GitHub #29257). This forces re-authentication via browser every hour—a frustrating UX for long-running sessions. Behavior may differ for self-hosted community implementations or future updates.

Admin Approval Gate

Workspace admins must explicitly approve MCP integration before any access is possible. This adds setup friction for teams with strict governance.

Write Operations Disabled by Default

In the community reference implementation, message posting and reactions are disabled by default for safety. Enable them via the environment variable SLACK_MCP_ADD_MESSAGE_TOOL—see the repository README for safe setup steps.

Rate Limits Apply

Standard Slack API rate limits enforce 1 request per second baseline. Recent May 2025 rate-limit changes reduced conversations.history and conversations.replies to 1 request per minute for non-Marketplace apps—a critical constraint for high-volume agent workflows. For agentic use, plan for caching, batching, and exponential backoff—these endpoints are the common choke points.

Bot Tokens Can’t Search

If you’re using a bot token (xoxb-), search functionality is unavailable. You need a user token (xoxp-).

Other Issues

No Dynamic Client Registration support, occasional SSE redirect failures (GitHub #23468), startup rate-limiting on Enterprise Grid workspaces, and cache initialization failures.

Compared to Alternatives

Direct Slack Web API

Gives you granular control and token refresh support, but requires writing custom integration code. Better for scheduled workflows or legacy systems. Not optimized for AI agents.

Incoming Webhooks

Simple one-way messaging with zero authentication overhead. Works for notifications (CI/CD, monitoring), but can’t read, search, or act agentic. Dead end for agent workflows.

Slack MCP is best for: AI agents in IDEs needing seamless Slack integration. Direct API for custom logic. Webhooks for simple notifications only.

Our Take

Best for: Teams building agentic workflows who want team context available in their IDE without context-switching. Particularly valuable for large engineering teams where Slack discussions drive architecture decisions.

Skip if: Your use case is simple notifications (use webhooks instead) or you need custom Slack integrations with complex logic (use Direct API).

Why these ratings:

  • Documentation (8/10): Slack’s official docs are clear and comprehensive, with well-documented OAuth flows and scope requirements.
  • Reliability (7/10): Solid implementation, but 1-hour token expiry and rate-limit constraints impact real-world use for long-running agentic sessions.
  • Usefulness (8/10): Exceptionally valuable for agentic IDE workflows where team context matters; less useful for simple notification use cases.
  • Overall (7/10): Strong tool for its intended use case, held back by auth friction and token management overhead. If token refresh were supported, this would be a 9/10.

Read more about What is an MCP Server to understand how Slack fits into your agentic stack. See also Claude Code Features and AI Agents vs Automation for workflow context.

Sources:

By Cybernauten · Mar 9, 2026 ← mcp directory