Slack MCP connector for AI agents

CALL ANY TOOL

Send and read messages, manage canvases, react, schedule, and search across channels and DMs. Same toolkit, every framework, no auth plumbing.

slackmcp_send_message

Send message

Post a message to a channel, direct message, or thread as the authorized user.

Parameters

Name

Type

Required

Description

channel

string

Required

Channel ID, user ID, or thread ts

text

string

Required

Message content

thread_ts

string

Optional

Reply in thread

slackmcp_read_channel

Read channel history

slackmcp_read_thread

Read thread replies

slackmcp_search_public

Search messages and channels

slackmcp_add_reaction

Add emoji reaction

slackmcp_schedule_message

Schedule message

slackmcp_create_canvas

Create canvas

Build your Agent

Drop the toolkit in, point it at the user, and your agent can send Slack messages, read threads, and manage canvases from the first run.

import { ScalekitClient } from "@scalekit-sdk/node";
import { DynamicStructuredTool } from "@langchain/core/tools";
import { createReactAgent } from "@langchain/langgraph/prebuilt";
import { z } from "zod";

const sk = new ScalekitClient(envUrl, clientId, clientSecret);

const { tools } = await sk.tools.listScopedTools("user_123", {
  filter: { connectionNames: ["slackmcp"], toolNames: ["slackmcp_send_message", "slackmcp_read_channel", "slackmcp_read_thread"] },
  pageSize: 100,
});

const lcTools = tools.map((t) => new DynamicStructuredTool({
  name: t.tool.definition.name,
  description: t.tool.definition.description,
  schema: z.object({}).passthrough(),
  func: async (args) => {
    const { data } = await sk.tools.executeTool({
      toolName: t.tool.definition.name,
      identifier: "user_123",
      params: args,
    });
    return JSON.stringify(data);
  },
}));

const agent = createReactAgent({ llm, tools: lcTools });

import { ScalekitClient } from "@scalekit-sdk/node";
import OpenAI from "openai";

const sk = new ScalekitClient(envUrl, clientId, clientSecret);
const openai = new OpenAI();

const { tools } = await sk.tools.listScopedTools("user_123", {
  filter: { connectionNames: ["slackmcp"], toolNames: ["slackmcp_send_message", "slackmcp_read_channel", "slackmcp_read_thread"] },
  pageSize: 100,
});

const llmTools = tools.map((t) => ({
  type: "function",
  function: {
    name: t.tool.definition.name,
    description: t.tool.definition.description,
    parameters: t.tool.definition.input_schema,
  },
}));

const resp = await openai.responses.create({
  model: "gpt-4o", input: prompt, tools: llmTools,
});

import { ScalekitClient } from "@scalekit-sdk/node";
import Anthropic from "@anthropic-ai/sdk";

const sk = new ScalekitClient(envUrl, clientId, clientSecret);
const anthropic = new Anthropic();

const { tools } = await sk.tools.listScopedTools("user_123", {
  filter: { connectionNames: ["slackmcp"], toolNames: ["slackmcp_send_message", "slackmcp_read_channel", "slackmcp_read_thread"] },
  pageSize: 100,
});

const llmTools = tools.map((t) => ({
  name: t.tool.definition.name,
  description: t.tool.definition.description,
  input_schema: t.tool.definition.input_schema,
}));

const msg = await anthropic.messages.create({
  model: "claude-sonnet-4-6", max_tokens: 1024,
  tools: llmTools,
  messages: [{ role: "user", content: prompt }],
});

import { Agent } from "@google/adk/agents";
import {
  MCPToolset, StreamableHTTPConnectionParams,
} from "@google/adk/tools/mcp";

const toolset = new MCPToolset({
  connectionParams: new StreamableHTTPConnectionParams({
    url: "https://mcp.scalekit.com/slackmcp",
    headers: { Authorization: `Bearer ${userScopedToken}` },
  }),
});

const agent = new Agent({
  name: "agent", model: "gemini-2.0-flash",
  tools: await toolset.getTools(),
});

Try these prompts

Paste any prompt into your agent to start working with Slack from your workflows.

Send & schedule

Copy the prompt

Copied

Post a status update to #[channel] summarizing today's progress.

Copy the prompt

Copied

Schedule a reminder for [channel] tomorrow at 9am.

Copy the prompt

Copied

Send a DM to [user] with the latest dashboard link.

Read & search

Copy the prompt

Copied

Summarize today's discussion in #[channel].

Copy the prompt

Copied

Find every mention of [keyword] across the workspace.

Copy the prompt

Copied

Pull all replies from the thread on [permalink].

SEE HOW AUTH WORKS

Users authorize Slack once. Their credentials stay vaulted, every call is checked, and every action is logged.

1

Authorize

Your user connects

Slack MCP

once. We tie it to their identity and the meetings they approved — no shared bot account, no org-wide access

Who:

user ‘A’

when:

Once per user

access:

Limited to user

2

Store

Their

Slack MCP

token lives in a vault scoped to them. User A's meetings are never reachable by an agent acting for user B, even on the same connection

vault:

encrypted

scope:

per-user

tokens:

auto-refreshed

3

Resolve

When your agent calls a

Slack MCP

tool, we fetch the right token server-side. It never touches your agent, never appears in the LLM context, never shows up in your logs

speed:

~40ms

check:

before every call

seen by:

nobody

4

Audit

Every

Slack MCP

tool call is logged — who triggered it, which meeting was fetched, what came back. 90 days of history, tied to the user who authorized it

history:

90 days

export:

SIEM-ready

logged:

every call

Test other agents

Same per-user auth pattern across other messaging and collaboration connectors.

No items found.

Why Scalekit

Secure your agent's access. Connectors ship in minutes

Other connector libraries treat auth as a demo afterthought. Scalekit starts with user identity, scope enforcement, and audit.

01.

Shared tokens break per-user analytics

A shared token looks fine in a demo. In production every call looks like a service account. Scalekit resolves the real user credential so attribution, audit, and scope stay accurate.

// shared token
 audit → bot_service_account
 user_filter → broken

 // scalekit
 audit → user_abc
 scope → enforced ✓

02.

Authentication is not authorization

03.

Multi-tenancy is architectural

04.

Slack MCP today. Others tomorrow.

“Our agents act across Salesforce, Gong, Google Drive, and more, on behalf of every customer. Scalekit behind the scenes meant we can keep adding tools without ever rebuilding how credentials or tool calling work.”

Venu Madhav Kattagoni

Head of Engineering / Von

FAQs

Frequently Asked Questions

How does this differ from the existing Slack connector?

Slack MCP exposes the same Slack tools over the Model Context Protocol endpoint at mcp.scalekit.com/slackmcp. Use it when you want a single MCP URL across your agent stack instead of native SDK calls.

Does the agent post as the user or a bot?

As the user. Messages are attributed to the Slack member who authorized the agent. No shared bot identity.

Where is the Slack OAuth token stored?

In Scalekit's AES-256 vault, namespaced per tenant. Refresh is automatic. Tokens never appear in prompts or LLM context.

Can I prevent the agent from posting messages?

Yes. Use listScopedTools to allow read-only tools (read_channel, read_thread, search_public) without granting send_message or schedule_message.

What happens when a user revokes Slack access?

The connection is invalidated on the next tool call. Subsequent requests fail closed. Other workspace members remain unaffected.

Slack MCP

Tools your agent reaches for on Slack MCP, scoped per user.