Intro
This guide walks you through connecting the Slack MCP Server to MCP Manager so your AI clients (Claude, Cursor, and others) can search messages, send messages, manage canvases, and look up users in your Slack workspace — all through a centrally managed gateway.
The setup involves two parts: creating and configuring a Slack App with the right permissions, then connecting it to MCP Manager via OAuth pre-registration.
Part 1: Create and Configure Your Slack App
Step 1: Create a New Slack App
- Go to api.slack.com/apps
- Click "Create New App" → "From scratch"
- Enter an App Name (e.g.,
MCP Manager) and select your Workspace - Click "Create App"
Step 2: Enable the MCP Protocol
- In your app's settings, navigate to Features → Agents & AI Apps
- Toggle "Model Context Protocol" to ON
Note: Only directory-published apps or internal apps may use Slack's MCP server. Unlisted apps are not supported.
Step 3: Configure the OAuth Redirect URI
- Go to OAuth & Permissions
-
Under Redirect URLs, add the following URL:
https://app.mcpmanager.ai/api/v1/mcpm/inbound/oauth/callback
- Click "Add" then "Save URLs"
Important: The redirect URI must match exactly — no trailing slash. If you change this after initial installation, you must reinstall the app to your workspace.
Step 4: Configure OAuth Scopes
Slack MCP uses OAuth tokens to determine what actions are available and what data can be accessed. There are two types of scopes to configure: Bot Token Scopes (for actions the app takes as itself) and User Token Scopes (for actions taken on behalf of the authenticated user).
Bot Token Scopes
Add these under Scopes → Bot Token Scopes:
| Scope | Purpose |
|---|---|
channels:join |
Allows the bot to join public channels |
channels:read |
View basic channel information |
chat:write |
Send messages as the bot (required if you want the bot to post in channels) |
search:read.public |
Search public channel content |
Privacy consideration: We recommend not granting search:read.private to bot tokens. A bot token has workspace-wide access, meaning it could search private channels that individual users shouldn't see. Keeping private search on user tokens only ensures Slack's per-user permission model is enforced.
User Token Scopes
Add these under Scopes → User Token Scopes. These are the scopes documented by Slack as required for the MCP server's tools:
Search:
search:read search:read.public search:read.private search:read.mpim search:read.im search:read.files search:read.users
Messaging:
chat:write
Channel & conversation history:
channels:history groups:history mpim:history im:history
Canvases:
canvases:read canvases:write
Users:
users:read users:read.email
Why is search:read.private safe on user tokens? Unlike bot tokens, user tokens enforce the individual user's own Slack permissions. If a user can't see a private channel in Slack, they can't search it via MCP either. Each user authenticates separately through OAuth, so access is always scoped to what that person is already allowed to see.
Step 5: Install the App to Your Workspace
- Navigate to Settings → Install App
- Click "Install to Workspace"
- Review the permission summary and approve
If you later add or change scopes, you'll need to click "Reinstall to Workspace" for the changes to take effect.
Step 6: Collect Your App Credentials
After installation, go to Basic Information → App Credentials and copy:
- Client ID
- Client Secret
You will need both of these to configure MCP Manager in the next section. Do not share the Bot Token or User OAuth Token directly — the OAuth flow in MCP Manager handles token exchange automatically.
Part 2: Connect Slack MCP to MCP Manager
Step 1: Add the Slack MCP Server
- Log in to MCP Manager
- Navigate to Servers → Add Server
- Select the "Remote" tab
- Choose the "OAuth Pre-registration" sub-tab
Important: You must use "OAuth Pre-registration", not "Auto/OAuth". Slack does not support OAuth 2.0 Dynamic Client Registration — you need to provide your own Client ID and Client Secret.
Step 2: Enter Server Details
| Field | Value |
|---|---|
| Server URL | https://mcp.slack.com/mcp |
| Server Name |
Slack MCP (or any name you prefer) |
| Authentication Type | OAuth Pre-registration |
| Client ID | (from your Slack app's Basic Information page) |
| Client Secret | (from your Slack app's Basic Information page) |
| Transport | Streamable HTTP (detected automatically) |
Step 3: Complete the OAuth Flow
- Click "Connect to server"
- You'll be redirected to Slack's OAuth consent screen
- Review the requested permissions and click "Allow"
- You'll be redirected back to MCP Manager
If the connection is successful, the server status will show as Connected.
Step 4: Test the Connection
Open an AI client connected to MCP Manager (such as Claude Desktop, Claude.ai, or Cursor) and try a simple query like:
Search Slack for messages in #general from the last week
If results come back, your setup is working correctly.
Troubleshooting Common Issues
"Invalid Redirect URI" During OAuth
This means the redirect URL in your Slack app doesn't match what MCP Manager is sending. To fix:
- Go to your Slack app's OAuth & Permissions settings
- Verify the redirect URL is exactly:
https://app.mcpmanager.ai/api/v1/mcpm/inbound/oauth/callback - Make sure there is no trailing slash
- Save the URL and reinstall the app to your workspace
Can Read Messages but Can't Send
This typically means the authenticated user (or bot) is not a member of the target channel. Slack requires membership to post.
- The user must join the channel in Slack before they can send messages through MCP
- Alternatively, invite the bot to the channel with
/invite @YourAppName - Confirm that
chat:writeis present in the appropriate scope (user or bot, depending on which token is being used)
Bot Is in Channel but Messages Fail
If the bot appears in the channel member list but still can't post:
- Verify
chat:writeis in the Bot Token Scopes - Reinstall the app to the workspace (scope changes don't take effect until reinstall)
- Re-invite the bot to the channel after reinstalling
Search Returns No Results
If search queries return empty results even though matching messages exist:
- Confirm that the relevant
search:read.*scopes are configured on the user token - Remember that user tokens only return results from channels and conversations the user has access to in Slack
- Newly added scopes require a reinstall of the Slack app
Security Architecture
When connected through MCP Manager, the data flow works like this:
AI Client → MCP Manager (gateway) → Slack MCP Server → Slack Workspace
↕
User's OAuth Token
(individual Slack permissions enforced)Each user authenticates individually via OAuth. The Slack MCP Server enforces that user's actual Slack permissions — if they can't see a channel in Slack, they can't access it through MCP. MCP Manager adds an additional layer of centralized logging, access control, and observability on top of this.
Quick Reference: Recommended Scopes
Bot Token Scopes
channels:join channels:read chat:write search:read.public
User Token Scopes
# Search search:read search:read.public search:read.private search:read.mpim search:read.im search:read.files search:read.users # Messaging chat:write # History channels:history groups:history mpim:history im:history # Canvases canvases:read canvases:write # Users users:read users:read.email
Additional Resources
- Slack MCP Server Documentation — Official Slack docs covering features, rate limits, and authentication
- Connect Slack MCP to Claude — Slack's guide for direct Claude integration
Comments
0 comments
Please sign in to leave a comment.