What's Changed
Slack has introduced optional OAuth scopes, a new feature that improves user control over app permissions. Developers can now designate scopes as optional during app configuration, reducing friction in the installation process while maintaining security.
Configuration & Implementation
- Mark scopes as optional directly from the app settings page or via your app manifest
- Two new app manifest fields are now available:
bot_optional: For optional bot token scopesuser_optional: For optional user token scopes
- These fields are supported under
oauth_config.scopesin your app manifest
User Experience Improvements
During OAuth installation, optional scopes are now presented separately from required scopes, giving users explicit control over which permissions to grant. Users can proceed with app installation without granting optional permissions, improving installation conversion rates.
Workspace admins gain additional control by being able to pre-approve which optional scopes are available to their users when approving apps for their workspace.
Recommended Use Case
If your app uses scopes that aren't strictly required for core functionality—such as analytics or enhanced features—consider marking them as optional. This approach can improve installation rates while giving users transparency and control over data access.
For implementation details, see the OAuth installation guide and app manifest reference.