Skip to main content
Connecting Slack puts Slack tokens on every personal machine, so scripts and agents there can read channels and post messages through Slack’s Web API. See Integrations for the shared model (scope, discovery, MCP).

Connect

From the consoleIntegrations, click Connect on Slack. Or, from any boxd CLI: 
boxd integrations connect slack
This prints a Slack authorize URL. Open it in a browser, pick the workspace, and approve. A single consent grants both a bot token (the app acts on its own) and a user token (it acts as you), plus the workspace id. The connection is per-account and lands on your personal and private machines (not shared org machines).

What’s authorized

The one consent screen requests two sets of scopes:
TokenScopesFor
Bot (xoxb-)channels:read, channels:history, groups:read, im:read, mpim:read, chat:write, users:read, team:readReading channels and posting as the app
User (xoxp-)search:read, channels:history, chat:write, users:readActing as you — notably search:read, which only a user token can do
Slack tokens don’t expire, so there’s nothing to refresh. They’re stored server-side and only injected into your own personal/private machines.

Use Slack from a machine

Three environment variables are exported into every login shell (and the coding agents’ environment):
VariableValue
SLACK_BOT_TOKENBot token (xoxb-) — act as the app
SLACK_USER_TOKENUser token (xoxp-) — act as you
SLACK_TEAM_IDThe connected workspace’s id
Call Slack’s Web API with the token that fits — bot for posting, user for search: 
# who am I, as the bot
curl -s https://slack.com/api/auth.test -H "Authorization: Bearer $SLACK_BOT_TOKEN"

# post a message as the app
curl -s https://slack.com/api/chat.postMessage \
  -H "Authorization: Bearer $SLACK_BOT_TOKEN" \
  -H "Content-Type: application/json; charset=utf-8" \
  -d '{"channel":"#general","text":"hello from boxd"}'

# search your messages (needs the user token)
curl -s "https://slack.com/api/search.messages?query=deploy" \
  -H "Authorization: Bearer $SLACK_USER_TOKEN"
Run boxd integrations inside the machine to confirm it’s wired in and see this same hint.

Slack MCP server

Slack also publishes a Model Context Protocol server (slack-server, at https://mcp.slack.com/mcp) that a coding agent can call directly. Its bearer is your user token (that’s what powers search), so the MCP needs the user grant to work. It’s opt-in per agent: 
boxd integrations mcp slack                  # install into all agents (Claude Code, Codex, OpenCode)
boxd integrations mcp slack claude           # only Claude Code
boxd integrations mcp slack --disable        # remove from every agent
You can also toggle this with Enable MCP on the Slack card in the console. Newly created machines pick up the configured server automatically.

Disconnect

boxd integrations disconnect slack
This revokes both tokens at Slack, clears them from boxd, and removes the MCP server from your agents. You can also Disconnect from the Slack card in the console.