Authentication and connecting
TTMSFNCCloudSlack works with a Slack workspace through the Slack Web API, so
each session begins with OAuth 2.0 authentication. You create a Slack app, give
the component its client ID and secret, declare the scopes your app needs, and it
runs the consent flow. After approval, the component holds the token that
authorizes reading users, listing conversations, and posting messages. This
chapter covers the credentials, scopes, token persistence, and connecting.
OAuth credentials
| Property | Purpose |
|---|---|
Authentication.ClientID |
The client ID from your Slack app configuration. |
Authentication.Secret |
The matching client secret. |
Authentication.CallBackURL |
The local redirect URI that receives the authorization code. |
Scopes
Slack is scope-driven: each kind of data needs an explicit scope, declared on the
Scopes list before connecting. Common scopes are users:read (read members),
channels:read (list channels), channels:history (read messages), chat:write
(post messages), and files:read (read attachments). Request only what the app
uses — the consent screen shows the user exactly these.
Token reuse across runs
Calling Connect the first time opens the system browser for the consent
screen. To avoid repeating that, persist the tokens: set PersistTokens.Location
to plIniFile and PersistTokens.Key to a writable file path, then call
LoadTokens before connecting.
Connecting
Wire OnConnected before calling Connect. Connect is asynchronous — it
returns immediately and raises OnConnected when authentication completes;
CurrentUserID and CurrentUserName are available there, so issue your first
requests from it.
procedure TForm1.SetupSlack;
begin
FSlack := TTMSFNCCloudSlack.Create(Self);
// OAuth 2.0 app credentials from your Slack app configuration.
FSlack.Authentication.ClientID := '<your-client-id>';
FSlack.Authentication.Secret := '<your-client-secret>';
FSlack.Authentication.CallBackURL := 'http://127.0.0.1:8888';
// Slack requires an explicit scope for each kind of data the app touches.
FSlack.Scopes.Clear;
FSlack.Scopes.Add('users:read');
FSlack.Scopes.Add('channels:read');
FSlack.Scopes.Add('channels:history');
FSlack.Scopes.Add('chat:write');
FSlack.PersistTokens.Location := plIniFile;
FSlack.PersistTokens.Key := TTMSFNCUtils.AddBackslash(TTMSFNCUtils.GetDocumentsPath)
+ FSlack.ClassName + '.ini';
FSlack.LoadTokens;
FSlack.OnConnected := SlackConnected;
FSlack.Connect; // opens the browser for consent on first run, then fires OnConnected
end;
procedure TForm1.SlackConnected(Sender: TObject);
begin
// CurrentUserID is available once connected.
FSlack.GetAllUsers;
FSlack.GetUserConversations(FSlack.CurrentUserID, 20);
end;
Pitfalls
- Declare scopes before connecting. A missing scope makes the matching request fail even though authentication succeeded.
- Request only after
OnConnected.Connectreturns before authentication finishes. - The callback URL must match the redirect URI registered in the Slack app.
See also
- Users and profiles — read members and their profiles.
- Conversations and messages — read and post messages.
- API reference — full class reference.