AI Tools Review
Moltbot Slack Setup: The Complete Enterprise Guide (2026)

Moltbot Slack Setup: The Complete Enterprise Guide (2026)

Jan 29, 2026

Slack is the operating system for modern work, and Moltbot brings truly agentic AI directly into your team's channels. Whether you're automating devops tasks, summarizing threads, or managing projects, the Slack integration offers deep visibility and control.

This guide covers everything from a simple Socket Mode setup for local testing to a production-grade HTTP Events API deployment for enterprise use.

Socket Mode vs. HTTP Mode

Socket Mode (Default) is easiest: it works behind firewalls without a public IP. Use this for personal bots or local testing.
HTTP Mode is faster and stateless: use this for server deployments where your Moltbot instance has a public HTTPS endpoint.

Quick Setup (Socket Mode)

Step 1: Create App

Go to api.slack.com/apps and create a new app "From Scratch".

Name it "Moltbot" and select your workspace.

Step 2: Enable Socket Mode

  • Navigate to Socket Mode in the sidebar and toggle it ON.
  • Go to Basic Information → App-Level Tokens.
  • Click "Generate Token and Scopes", add connections:write, and generate.
  • Copy the App Token (starts with xapp-...).

Step 3: Bot Token & Scopes

  • Go to OAuth & Permissions.
  • Add the required Bot Token Scopes (see manifest below).
  • Click "Install to Workspace" at the top.
  • Copy the Bot User OAuth Token (starts with xoxb-...).

Step 4: Configure Moltbot

Add the tokens to your configuration:

{
  "channels": {
    "slack": {
      "enabled": true,
      "appToken": "xapp-...",
      "botToken": "xoxb-..."
    }
  }
}

Alternatively, set SLACK_APP_TOKEN and SLACK_BOT_TOKEN env vars.

App Manifest & Scopes

The fastest way to configure your Slack app is to use the App Manifest (JSON). This ensures you have exactly the right permissions and event subscriptions.

How to use: In the Slack API dashboard, go to App Manifest, select "JSON", and paste the code below.

{
  "display_information": {
    "name": "Moltbot",
    "description": "Slack connector for Moltbot"
  },
  "features": {
    "bot_user": {
      "display_name": "Moltbot",
      "always_online": false
    },
    "app_home": {
      "messages_tab_enabled": true,
      "messages_tab_read_only_enabled": false
    },
    "slash_commands": [
      {
        "command": "/clawd",
        "description": "Send a message to Moltbot",
        "should_escape": false
      }
    ]
  },
  "oauth_config": {
    "scopes": {
      "bot": [
        "chat:write",
        "channels:history", "channels:read",
        "groups:history", "groups:read", "groups:write",
        "im:history", "im:read", "im:write",
        "mpim:history", "mpim:read", "mpim:write",
        "users:read",
        "app_mentions:read",
        "reactions:read", "reactions:write",
        "pins:read", "pins:write",
        "emoji:read",
        "commands",
        "files:read", "files:write"
      ]
    }
  },
  "settings": {
    "socket_mode_enabled": true,
    "event_subscriptions": {
      "bot_events": [
        "app_mention",
        "message.channels",
        "message.groups",
        "message.im",
        "message.mpim",
        "reaction_added", "reaction_removed",
        "member_joined_channel", "member_left_channel",
        "channel_rename",
        "pin_added", "pin_removed"
      ]
    }
  }
}

User Tokens (Optional)

Moltbot can optionally use a User Token (xoxp-...) to perform actions "as you" or to access data that bots can't see (like detailed search results or member profiles).

Token Privacy & Read-Only Mode

By default, the user token is Read-Only. Moltbot prefers the Bot Token for all write actions (sending messages, pinning) unless explicitly configured otherwise.

{
  "channels": {
    "slack": {
      "enabled": true,
      "appToken": "xapp-...",
      "botToken": "xoxb-...",
      "userToken": "xoxp-...",
      "userTokenReadOnly": false // Set true to allow writing as user
    }
  }
}

HTTP Mode (Events API)

For production deployments where you have a public HTTPS endpoint, HTTP Mode is more robust than Socket Mode.

Setup Steps

  1. Disable Socket Mode in your Slack App settings.
  2. Copy the Signing Secret from "Basic Information".
  3. Configure Moltbot with the correct mode and webhook path:
    {
      "channels": {
        "slack": {
          "enabled": true,
          "mode": "http",
          "botToken": "xoxb-...",
          "signingSecret": "your-signing-secret",
          "webhookPath": "/slack/events"
        }
      }
    }
  4. In Slack Event Subscriptions, set Request URL to: https://your-bot.com/slack/events.
  5. Using the same URL for Interactivity & Shortcuts and Slash Commands.

Threading & Direct Messages

Moltbot supports sophisticated threading strategies to keep your channels clean.

ModeBehavior
offReply in the main channel (default). Only threads if the trigger was already in a thread.
firstFirst reply starts a thread; subsequent replies stay in the main channel. Good balance of context and visibility.
allEvery reply goes into a thread. Keeps the main channel very clean.

Per-Channel-Type Strategy

You can configure different behaviors for DMs vs Channels. For example, always thread in DMs but keep channels flat:

{
  "channels": {
    "slack": {
      "replyToMode": "off",        // Default for public channels
      "replyToModeByChatType": {
        "direct": "all",           // Thread every DM response
        "group": "first"           // Thread first response in group DMs
      }
    }
  }
}

Next Steps

Once your Slack bot is running, try these advanced configurations:

  • Set Group Policies to restrict which channels the bot can join.
  • Configure Slash Commands for custom tool triggers.
  • Enable Reaction Notifications to trigger skills via emoji.

Frequently Asked Questions

How do I deploy to an Enterprise Grid?
For Enterprise Grid, install the app to the Org level and then add it to specific workspaces. You may need to use Admin scopes or multiple bot tokens if you are segmenting data strictly.
Can Moltbot trigger on other bots' messages?
By default, no. You can enable this by setting allowBots: true in the channel config, but be careful, this can create infinite reply loops if two bots start talking to each other.
How secure are the tokens?
Treat xoxb and xoxp tokens like passwords. If leaked, an attacker can access your workspace. We recommend using environment variables (SLACK_BOT_TOKEN) rather than hardcoding them in config files.
AI Tools Review Editorial Team

AI Tools Review Editorial Team Expert Verified

Our editorial team consists of veteran AI researchers, software engineers, and industry analysts. We spend hundreds of hours benchmarking frontier models natively to provide you with objective, actionable intelligence on agentic AI capabilities and cybersecurity landscapes.