Menu
What's the difference between Slack bot and app tokens, not in terms who and how they are given to (I really don't care) but in terms of their respective usage power. On OAuth and Permission page they can be given equal permissions/scope - so which one should I use? Also, when I post a message with a bot token it appears to be from the "app" and when I use an "app/user token" - it comes from the app bot, is that how it's supposed to be?
559
asked Nov 01 '25 08:11
On the "OAuth and Permissions" page, as you said, there are two tokens. Bot User token and OAuth User. One starts with "xoxb-"; the other one starts with "xoxp-".
The main difference on them is the abilities they have.
If I give to both tokens the scope chat:write and then use them on the API chat.postMessage, there's a difference. Bot tokens will post the message as the app, and you will see the message in the app's home tab.
Instead, if you use the OAuth access token, the app will impersonate you (meaning another users won't be able to tell the difference between you and the app). This token also needs to be authorized by the user in question, otherwise you won't be able to use it
150
answered Nov 04 '25 09:11
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With