Connect Slack to wdid
Private beta uses a Slack app you create (or reuse) for your workspace. wdid opens your browser, completes OAuth on a fixed loopback URL, and stores the user access token encrypted on your Mac. Manual paste of a user token is not supported in the desktop UI.
1. Create a Slack app
- Open api.slack.com/apps and create an app (from scratch is fine).
- Choose the workspace you want wdid to read from. You may need a workspace admin to approve the install later.
- Do not reuse the applib.dev DevInbox Slack app. wdid needs its own app and scopes.
2. Add the redirect URL
Under OAuth & Permissions, add this Redirect URL exactly (Slack does not allow arbitrary localhost ports):
http://127.0.0.1:19847/oauth2callback
3. Add user token scopes
Under User Token Scopes (not Bot Token Scopes), add:
| Scope | Why |
|---|---|
search:read | Search your messages (search.messages) |
users:read | Resolve usernames for evidence labels |
channels:history | Public channel thread and nearby context |
groups:history | Private channel thread and nearby context |
im:history | Direct message thread and nearby context |
mpim:history | Multi-party direct message thread and nearby context |
Minimum for search-only: search:read and users:read. History scopes are required for thread context.
4. Install into the workspace
- Click Install to Workspace (or reinstall after changing scopes).
- Approve the permissions for your account. Many workspaces require an admin to approve search or history scopes.
5. Copy Client ID and Client Secret
From Basic Information → App Credentials, copy the Client ID and Client Secret. You will paste both into wdid.
6. Connect from wdid
- Open wdid → Sources (or the Slack onboarding step).
- Save the Client ID and Client Secret.
- Click Connect Slack. Your browser opens; authorize the app.
- wdid stores the user token encrypted on this Mac and fills your Slack user ID automatically. Prefer leaving token rotation off on the Slack app until refresh support ships; if rotation is on, reconnect when the access token expires.
Token rules
- User tokens only (
xoxp-…or rotatedxoxe.xoxp-…). Bot tokens (xoxb-) are rejected. - The connected token must belong to the Slack user ID configured on the source.
Distribution and privacy
If you later distribute a first-party Slack app beyond one workspace, Slack review expects a privacy policy URL. Use applib.dev/wdid/privacy. Dogfood and private beta can stay on a workspace-local app without App Directory listing.