Slack integration for AI agents.
Let your AI agents work in Slack — send and read messages, manage channels, and search conversations — through a brokered, audited connection. Open Connector runs the OAuth, seals the token in an encrypted vault, and serves Slack tools to your agent over MCP or a typed API — credentials injected server-side, every call audited, nothing leaving your infrastructure. Open source (AGPL-3.0) and self-hostable.
Real Slack actions, brokered and audited.
Your user connects Slack once; your agent can then send and read messages, manage channels, and search conversations — scoped to the OAuth permissions you grant and the tool allowlist you configure. Every action is least-privilege and written to a tamper-evident audit trail.
- 1
Your user grants Slack access once (OAuth) — the token lands in the vault.
- 2
Your agent calls a tool over MCP or the typed API; Open Connector injects the credential server-side.
- 3
Every brokered call appends a hash-chained audit record — nothing leaves your infra.
Slack integration, answered
- How do AI agents use Slack through Open Connector?
- Your user connects Slack once (OAuth). Open Connector stores the token in an encrypted vault and exposes Slack tools to your agent over MCP or a typed API, injecting the credential server-side on each call — so the agent never sees a raw Slack token, and every action is audited.
- Is this a Slack MCP server?
- Yes. Open Connector can serve Slack as a named MCP server with a scoped tool allowlist and a per-user mcp_url, so any MCP client connects and calls Slack tools with credentials brokered server-side.
- Where do Slack OAuth tokens live?
- In your own infrastructure. Self-host Open Connector and the Slack token is sealed in an AES-256-GCM vault in your Postgres, injected at call time — it never leaves your environment.
Give your agents Slack — keep the keys.
Open source, self-hostable, with Slack credentials that never leave your infrastructure. Run it from source today.