
Slack User Token

Description

General

  • Documentation: https://api.slack.com
  • Summary: Slack is a business communication platform. It offers chat rooms in the form of channels organized by topics as well as private groups and direct messaging. Users can create Slack applications to automate some actions in workspaces. Slack allows these applications to act directly on behalf of users in the communication channels by providing the applications with a user token after an OAuth2 authorization flow. This detector focuses on catching these Slack user tokens. GitGuardian also detects application keys.
  • IPs allowlist: Slack's internal integrations support IP allowlisting, which, when enforced, limits a token's usage to a given set of IP addresses. See allowlisting documentation for more details.
  • Scopes: User tokens represent the same access a user has to a workspace: the channels, conversations, users, reactions, etc. they can see.

Revoke the secret

Tokens can be revoked using the auth.revoke API route. It is one of the few credentials that have this "auto revoke" feature. See revocation documentation for more details.

Check for suspicious activity

Monitoring suspicious activity of a given token is not mentioned in Slack's documentation.

Details for Slackusertoken

  • Category: Messaging system

  • Company: Slack

  • High recall: True

  • Validity check available: False

  • Minimum number of matches: 1

  • Occurrences found for one million commits: 3.45

  • Prefixed: True

  • PreValidators:

- type: FilenameBanlistPreValidator
  banlist_extensions:
  - ^[aps]?cssc?~?$
  - ^lock$
  - ^mdx?~?$
  banlist_filenames: []
  check_binaries: false
- type: ContentWhitelistPreValidator
  patterns:
  - xox[ps]-

Examples

- text: >
    token = "xoxp-41684372915-1320496754-45609968301-e708ba56e1517a99f6b5fb07349476ef"
  apikey: xoxp-41684372915-1320496754-45609968301-e708ba56e1517a99f6b5fb07349476ef
- text: >
    slack_old_token = "xoxs-416843729158-132049654-5609968301-e708ba56e1"
  apikey: xoxs-416843729158-132049654-5609968301-e708ba56e1
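
The pre-validators and examples above, applied as a small local scanner for triaging a checkout. This is an added example, not GitGuardian's detector code. Assumptions: the candidate regex is inferred from the two example tokens on this page, the extension is taken to be the text after the last dot, and the function names are hypothetical.

```python
import re
from pathlib import PurePosixPath

# Banlist regexes and content pattern copied from the pre-validators on this page.
BANLIST_EXTENSIONS = [re.compile(p) for p in (r"^[aps]?cssc?~?$", r"^lock$", r"^mdx?~?$")]
CONTENT_PATTERN = re.compile(r"xox[ps]-")

# ASSUMPTION: candidate shape inferred from the two examples on this page
# (prefix, hyphen-separated digit groups, hex tail); not GitGuardian's regex.
CANDIDATE = re.compile(r"\bxox[ps]-(?:\d+-)+[0-9a-f]+\b")

# Constructed sample files; the token strings are the example values from this page.
SAMPLES = {
    "app/settings.py": 'token = "xoxp-41684372915-1320496754-45609968301-e708ba56e1517a99f6b5fb07349476ef"\n',
    "docs/setup.md": 'slack_old_token = "xoxs-416843729158-132049654-5609968301-e708ba56e1"\n',
    "deploy/env.sh": "export SLACK_CHANNEL=general\n",
}


def is_banned_filename(path: str) -> bool:
    """True when the extension (assumed: text after the last dot) is banlisted."""
    ext = PurePosixPath(path).suffix.lstrip(".")
    return any(rx.search(ext) for rx in BANLIST_EXTENSIONS)


def find_candidates(path: str, content: str) -> list[str]:
    """Apply the filename and content pre-validators, then extract candidates."""
    if is_banned_filename(path):
        return []  # e.g. stylesheets, lock files, Markdown
    if not CONTENT_PATTERN.search(content):
        return []  # cheap prefix check before the full regex
    return sorted(set(CANDIDATE.findall(content)))


def redact(token: str) -> str:
    """Keep the prefix and last four characters so reports never carry the secret."""
    return f"{token[:5]}...{token[-4:]}"


def scan(files: dict[str, str]) -> dict[str, list[str]]:
    """Map each file path to its candidate tokens, omitting files with none."""
    hits = {path: find_candidates(path, text) for path, text in files.items()}
    return {path: found for path, found in hits.items() if found}


if __name__ == "__main__":
    for path, tokens in scan(SAMPLES).items():
        print(path, [redact(t) for t in tokens])
```

The Markdown sample is skipped even though it holds a token-shaped string, which is the trade-off the extension banlist makes to cut noise from documentation.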