Moving from Slack OAuth 1.0 to OAuth 2.0: What’s Changing and Why It Matters
As part of our continued commitment to security, transparency, and better integration experiences, Xurrent IMR is updating its Slack integration from OAuth 1.0 to OAuth 2.0.
This update ensures our users benefit from the latest in security standards, granular permission control, and a more stable connection between Xurrent IMR and Slack.
Understanding the Shift: OAuth 1.0 vs OAuth 2.0
At its core, both OAuth versions serve the same purpose—allowing applications like Xurrent IMR to connect to Slack securely without sharing your login credentials.
However, OAuth 2.0 introduces a more robust, flexible, and secure framework for authorization.
In short, OAuth 2.0 gives you more control, transparency, and resilience—making your Slack–Xurrent IMR integration safer and easier to manage.
What’s Changing from the Xurrent IMR Side
We’ve revised our Slack app’s permissions to align with the new OAuth 2.0 scopes. This ensures the integration continues to deliver the same seamless functionality while complying with Slack’s latest requirements.
🧩 Old OAuth 1.0 Scopes:
bot, commands, channels:write, users:read
bot, commands, groups:write, channels:write, users:read
🔒 New OAuth 2.0 Scopes:
app_mentions:read
channels:history
channels:join
channels:manage
channels:read
chat:write
commands
groups:history
groups:read
im:history
im:read
team:read
users:read
users:read.email
users:write
Key Improvements:
- Granular Access Control: Only the permissions strictly needed for Xurrent IMR to function are granted.
- Enhanced User Privacy: Clearer visibility into what data Xurrent IMR accesses and why.
- Improved Reliability: OAuth 2.0 ensures tokens can be refreshed automatically, reducing disconnects or broken integrations.
- Future Compatibility: This migration aligns Xurrent IMR with Slack’s current and future security standards.
What You Need to Do
If you’re already using the Slack integration in Xurrent IMR, you’ll simply need to reconnect Slack using the new Global Connector. This ensures that your workspace uses the updated OAuth 2.0 flow.
You can follow our detailed guide here: 👉 Connecting Using the Global Connector for Slack
If you’re not currently using the Global Connector, we strongly recommend configuring a single Global Connector and using it across all outgoing integrations. This centralizes your Slack authorization, simplifies management, and ensures consistent access control for all your Xurrent IMR workflows.
Looking Ahead
This migration is part of Xurrent IMR’s broader mission to provide secure, reliable, and future-ready integrations for modern engineering teams. OAuth 2.0 not only strengthens your security posture but also enables us to deliver more advanced Slack functionality in the future — with less configuration and more control for you.
In Summary
- Xurrent IMR is moving from Slack OAuth 1.0 to OAuth 2.0.
- The change enhances security, control, and reliability.
- Users will need to reconnect Slack once to activate the new permissions.
- We recommend using a single Global Connector for all Slack integrations.
- Updated documentation is available in our Slack Integration Guide.
Xurrent named a Market Leader in Research In Action’s Vendor Selection Matrix™ for IT & Enterprise Service Management Solutions
Xurrent earns #1 rankings in customer satisfaction, price vs value, and recommendation index in Research In Action's global ITSM/ESM Vendor Selection Matrix report.
