npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2026 – Pkg Stats / Ryan Hefner

mcp-server-slack

v1.0.1

Published

MCP Server for Slack API integration

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Maintainers

iskifogliskifogl

Keywords

mcpslackapimodel-context-protocol

Readme

Slack MCP Server

A Model Context Protocol (MCP) server for Slack API integration. This server allows AI assistants to interact with Slack workspaces through OAuth 2.0 authenticated user tokens.

Features

  • Channel Operations: List channels, get channel info, get channel members
  • Message Operations: Read messages, send messages, reply to threads, search messages
  • User Operations: List users, get user info, get user profiles
  • File Operations: List files, get file info, upload files
  • Reaction Operations: Add/remove reactions, get message reactions

Prerequisites

  • Node.js 18+
  • A Slack App with OAuth 2.0 configured
  • User token (xoxp-...) with appropriate scopes

Installation

npm install
npm run build

Slack App Setup

1. Create a Slack App

  1. Go to api.slack.com/apps
  2. Click "Create New App" → "From scratch"
  3. Enter app name and select workspace

2. Configure OAuth Scopes

Add these User Token Scopes under "OAuth & Permissions":

channels:read        # List channels
channels:history     # Read channel messages
groups:read          # List private channels
groups:history       # Read private channel messages
im:read              # List direct messages
im:history           # Read direct messages
mpim:read            # List group DMs
mpim:history         # Read group DMs
chat:write           # Send messages
users:read           # List users
users.profile:read   # Read user profiles
files:read           # List files
files:write          # Upload files
reactions:read       # Read reactions
reactions:write      # Add/remove reactions
search:read          # Search messages

3. Configure Redirect URI

Add your platform's callback URL under "OAuth & Permissions" → "Redirect URLs":

https://your-platform.com/oauth/slack/callback

4. Get Client Credentials

Note down your:

  • Client ID
  • Client Secret

Environment Variables

The MCP server reads credentials from environment variables:

# Required
SLACK_ACCESS_TOKEN=xoxp-your-user-token

# Optional
SLACK_TEAM_ID=T0123456789

OAuth 2.0 Flow (Platform Implementation)

Step 1: Redirect User to Slack Authorization

const SLACK_CLIENT_ID = 'your-client-id';
const REDIRECT_URI = 'https://your-platform.com/oauth/slack/callback';
const SCOPES = 'channels:read,channels:history,chat:write,users:read,files:read,files:write,reactions:read,reactions:write,search:read,groups:read,groups:history,im:read,im:history,mpim:read,mpim:history,users.profile:read';

const authUrl = `https://slack.com/oauth/v2/authorize?client_id=${SLACK_CLIENT_ID}&user_scope=${SCOPES}&redirect_uri=${encodeURIComponent(REDIRECT_URI)}&state=${generateRandomState()}`;

// Redirect user to authUrl

Step 2: Handle OAuth Callback

// In your callback handler
app.get('/oauth/slack/callback', async (req, res) => {
  const { code, state } = req.query;

  // Verify state to prevent CSRF
  if (!verifyState(state)) {
    return res.status(400).send('Invalid state');
  }

  // Exchange code for token
  const response = await fetch('https://slack.com/api/oauth.v2.access', {
    method: 'POST',
    headers: {
      'Content-Type': 'application/x-www-form-urlencoded',
    },
    body: new URLSearchParams({
      client_id: SLACK_CLIENT_ID,
      client_secret: SLACK_CLIENT_SECRET,
      code,
      redirect_uri: REDIRECT_URI,
    }),
  });

  const data = await response.json();

  if (data.ok) {
    // Save user token to your database
    const userToken = data.authed_user.access_token; // xoxp-...
    const userId = data.authed_user.id;
    const teamId = data.team.id;

    await db.saveSlackToken(currentUserId, {
      token: userToken,
      slackUserId: userId,
      teamId: teamId,
    });

    res.redirect('/success');
  } else {
    res.status(400).send(`OAuth error: ${data.error}`);
  }
});

Step 3: Start MCP Server with User Token

// When starting the MCP server for a user, inject their token as env var
const userSlackToken = await db.getSlackToken(currentUserId);

const mcpProcess = spawn('node', ['/path/to/slack-mcp/dist/index.js'], {
  env: {
    ...process.env,
    SLACK_ACCESS_TOKEN: userSlackToken,
  },
});

MCP Configuration

Add to your Claude Code configuration (~/.claude/claude_desktop_config.json):

{
  "mcpServers": {
    "slack": {
      "command": "node",
      "args": ["/path/to/slack-mcp/dist/index.js"],
      "env": {
        "SLACK_ACCESS_TOKEN": "xoxp-your-token"
      }
    }
  }
}

Available Tools

Channel Tools

| Tool | Description | |------|-------------| | slack_list_channels | List all accessible channels | | slack_get_channel_info | Get channel details | | slack_get_channel_members | Get channel member list |

Message Tools

| Tool | Description | |------|-------------| | slack_get_messages | Get messages from a channel | | slack_get_thread_replies | Get replies in a thread | | slack_send_message | Send a message to a channel | | slack_reply_to_thread | Reply to a thread | | slack_search_messages | Search messages (requires user token) |

User Tools

| Tool | Description | |------|-------------| | slack_list_users | List workspace users | | slack_get_user_info | Get user details | | slack_get_user_profile | Get user profile |

File Tools

| Tool | Description | |------|-------------| | slack_list_files | List shared files | | slack_get_file_info | Get file details | | slack_upload_file | Upload a file |

Reaction Tools

| Tool | Description | |------|-------------| | slack_add_reaction | Add emoji reaction | | slack_remove_reaction | Remove emoji reaction | | slack_get_reactions | Get message reactions |

Example Usage

List Channels

{
  "tool": "slack_list_channels",
  "arguments": {
    "types": "public_channel,private_channel",
    "limit": 50
  }
}

Send Message

{
  "tool": "slack_send_message",
  "arguments": {
    "channel_id": "C1234567890",
    "text": "Hello from MCP!"
  }
}

Search Messages

{
  "tool": "slack_search_messages",
  "arguments": {
    "query": "from:@user in:#channel important",
    "count": 20
  }
}

Error Handling

The server returns structured error responses:

{
  "error": "Slack API Error (invalid_auth): Invalid authentication token."
}

Common error codes:

  • invalid_auth: Token is invalid
  • token_revoked: Token has been revoked
  • missing_scope: Token lacks required scope
  • channel_not_found: Channel doesn't exist
  • ratelimited: Rate limit exceeded

Security Considerations

  • Never expose user tokens in client-side code
  • Store tokens securely in your database (encrypted)
  • Use HTTPS for all OAuth redirects
  • Validate state parameter to prevent CSRF
  • Rotate tokens periodically using refresh tokens
  • Request only necessary scopes

License

MIT