Give Your AI Agent Slack Access Without Building an App

Published: 2026-02-12 02:18

AI coding assistants are getting good at more than just writing code. Tools like OpenClaw, Claude Code, and Aider can read files, run commands, and interact with APIs. So naturally, you might want your AI to help triage Slack messages, summarize threads, or draft responses.

The official way to connect anything to Slack is building an app — OAuth flows, permission scopes, admin approval. That's fine for production integrations, but overkill when you just want your local AI assistant to read your own messages.

There's a simpler path. Your browser already authenticates with Slack's API. You can borrow those credentials and hand them to your agent.

What This Enables

With browser-extracted credentials, your AI agent can:

Same access you have in the Slack web app, now available to your agent via API calls.

Extract Your Credentials

Open Slack in your browser at app.slack.com and open DevTools (F12).

Get your user token

In the Console tab, run:

JSON.parse(localStorage.localConfig_v2).teams[Object.keys(JSON.parse(localStorage.localConfig_v2).teams)[0]].token

Copy the token — it starts with xoxc-.

Get your session cookie

Go to Application tab → Cookies → https://app.slack.com and find the cookie named d. Copy its value.

These two values are your API credentials. Treat them like passwords.

Store Them Securely

Don't paste these into your agent's config file or anywhere they might end up in version control. Use a secrets manager.

I use Doppler:

doppler secrets set SLACK_USER_TOKEN="xoxc-..."
doppler secrets set SLACK_D_COOKIE="xHYB..."

Your agent can then pull them at runtime:

TOKEN=$(doppler secrets get SLACK_USER_TOKEN --plain)
COOKIE=$(doppler secrets get SLACK_D_COOKIE --plain)

Environment variables, 1Password CLI, or any other secrets manager work too — just keep them out of plaintext files.

Teaching Your Agent to Use Them

Most AI coding agents can run shell commands. Give them a simple pattern:

curl -s "https://slack.com/api/conversations.history?channel=CHANNEL_ID&limit=20" \
  -H "Authorization: Bearer $TOKEN" \
  -H "Cookie: d=$COOKIE" | jq '.messages'

From there, the agent can:

I use this setup with OpenClaw to triage my team's support channel each morning. The agent pulls recent threads, categorizes them by urgency, and tells me what actually needs my attention versus what can wait.

API Examples for Your Agent

List channels

curl -s "https://slack.com/api/conversations.list?types=public_channel,private_channel&limit=100" \
  -H "Authorization: Bearer $TOKEN" \
  -H "Cookie: d=$COOKIE" | jq '.channels[] | {id, name}'

Read thread replies

curl -s "https://slack.com/api/conversations.replies?channel=CHANNEL_ID&ts=THREAD_TS" \
  -H "Authorization: Bearer $TOKEN" \
  -H "Cookie: d=$COOKIE" | jq '.messages'

Send a message

curl -s "https://slack.com/api/chat.postMessage" \
  -H "Authorization: Bearer $TOKEN" \
  -H "Cookie: d=$COOKIE" \
  -H "Content-Type: application/json" \
  -d '{"channel": "CHANNEL_ID", "text": "Your message here"}' | jq '{ok, ts}'

When Tokens Expire

These credentials are tied to your browser session. They'll stop working if you:

When your agent starts getting auth errors, just repeat the extraction steps and update your secrets manager.

Why Not Build a Real App?

If you're shipping a product or need other people to authorize their own accounts, build an app. But for personal AI tooling that only touches your own Slack account, this approach is simpler — no app review, no admin approval, no OAuth refresh logic to maintain.

Your AI agent becomes another way you interact with Slack, using credentials you already have.

Happy coding, J.R.