Extract your Slack XOXC and XOXD tokens easily using browser extensions or Python automation.
Slack's official API requires workspace admin approval for most useful scopes. These tokens let you access Slack programmatically using your own user permissions — no admin approval needed.
Common use cases:
- Use with slack-mcp-server for AI assistant integration
- Personal automation scripts
- Backup your own messages
- Research and analysis
| Method | Best For | Requires |
|---|---|---|
| Playwright | Automation, CI/CD | Python 3.8+ |
| Selenium | Legacy setups | Python 3.8+, chromedriver |
| Chrome Extension | Quick one-time extraction | Chrome browser |
| Firefox Add-on | Quick one-time extraction | Firefox browser |
See chrome/README.md for full instructions.
Quick Start:
- Go to
chrome://extensionsin Chrome - Enable Developer mode
- Click "Load unpacked" and select the
chromedirectory - Visit your Slack workspace and click the extension icon to view your tokens
See firefox/README.md for full instructions.
Quick Start:
- Go to
about:debugging#/runtime/this-firefoxin Firefox - Click "Load Temporary Add-on..." and select the
manifest.jsonfile in thefirefoxdirectory - Visit your Slack workspace and click the extension icon to view your tokens
Extract tokens using Python + Selenium. Useful if you already have Selenium set up.
- Python 3.8+
- Selenium
- chromedriver or geckodriver
pip install selenium
python chrome.py # For Chrome
python firefox.py # For FirefoxThe script will open a browser window. Log in to Slack if prompted, then follow the terminal instructions.
Modern alternative to Selenium with better performance, reliability, and no external driver required.
- Python 3.8+
pip install playwright
playwright install chromiumInteractive mode (opens browser window):
python playwright_extract.pyHeadless mode (reuses existing session):
python playwright_extract.py --headlessSpecific workspace:
python playwright_extract.py --workspace https://mycompany.slack.comCustom output file:
python playwright_extract.py --output ~/.config/slack/tokens.env- Persistent profile: Log in once, reuse session for future extractions
- Headless support: Run without GUI after initial login
- Multiple workspaces: Extract from any workspace you have access to
- Secure output: Tokens saved with
600permissions
--workspace, -w Slack workspace URL (default: app.slack.com)
--headless Run without browser window (needs prior login)
--output, -o Output file path (default: .slack_tokens.env)
--profile-dir Browser profile directory for session persistence
--no-save Don't prompt to save tokens
The extracted tokens work directly with slack-mcp-server:
export SLACK_MCP_XOXC_TOKEN="xoxc-..."
export SLACK_MCP_XOXD_TOKEN="xoxd-..."Or source the generated .env file:
source .slack_tokens.envcurl -H "Authorization: Bearer $SLACK_MCP_XOXC_TOKEN" \
-H "Cookie: d=$SLACK_MCP_XOXD_TOKEN" \
"https://slack.com/api/conversations.list"- Tokens remain valid as long as your browser session is active
- Typically lasts weeks to months with regular Slack usage
- Invalidated by: logging out, password change, or admin session revocation
- Re-run the extractor when tokens expire
- Tokens are stored locally only and never transmitted anywhere
- Output files are created with
600permissions (owner read/write only) - Never share your tokens — they provide full access to your Slack account
- Never commit tokens to git — add
.slack_tokens.envto.gitignore
"Could not find XOXC token"
- Make sure you're fully logged into Slack
- Wait for the workspace to fully load before pressing Enter
- Try a different extraction method
"Not logged in and running in headless mode"
- Run once without
--headlessto log in - Your session will be saved for future headless runs
Tokens stopped working
- Your session expired — re-run the extractor
- Check if you were logged out of Slack
Special thanks to @korotovsky for the excellent slack-mcp-server. The clear documentation made it much easier to understand and work with Slack tokens.
MIT