Slack Social OIDC Connection

Single Sign-On
Sep 10, 2025
Overview

Recently deprecated identity.* user scopes were removed from the Slack Application. That caused the inability to use Slack OAuth-based social connections.  This article will explain how to use Auth0 connection for new(er) SIWS flows.

Applies To
  • Slack
Solution
A new custom Social OIDC connection should be created using endpoints shown in the Slack .well-known endpoint here: https://slack.com/.well-known/openid-configuration

The Fetch User Profile Script that currently works (but only maps 'email' and 'user_id' fields, it can be extended by referring to the userinfo() endpoint documentation from Slack: https://api.slack.com/methods/openid.connect.userInfo ) is below: 
function(accessToken, ctx, cb) {
request.get(
    {
      url: 'https://slack.com/api/openid.connect.userInfo',
      headers: {
        'Authorization': 'Bearer ' + accessToken,
      }
    },
    (err, resp, body) => {
      if (err) {
        return cb(err);
      }
      if (resp.statusCode !== 200) {
        return cb(new Error(body));
      }
      let bodyParsed;
      try {
        bodyParsed = JSON.parse(body);
      } catch (jsonError) {
        return cb(new Error(body));
      }
      const profile = {
        user_id: bodyParsed["https://slack.com/user_id"],
        email: bodyParsed.email
      };
      cb(null, profile);
    }
  );
  }

Recommended content

No recommended content found...
Need more help? Visit the Community
Visit the Auth0 Community