feat: add slack api command

[mwbrooks]

Changelog

Added slack api <method> [key=value ...] [flags] command for calling any Slack API method directly from the Slack CLI.

Examples:

• slack api chat.postMessage channel=C123 text="hi"
• slack api chat.postMessage '{"channel":"C123","text":"hi"}'

Summary

Adds a new top-level slack api command that lets users call any Slack API method without leaving the terminal.

Key features:

• Token resolution
  1. --token flag
  2. --app flag
  3. SLACK_BOT_TOKEN env var
  4. SLACK_USER_TOKEN env var
  5. App Prompt (only in project)
• Body Format Auto-detection:
  • Form-Encoded: slack api chat.postMessage channel=C123 text="hi"
  • JSON: slack api chat.postMessage '{"channel":"C123","text":"hi"}'
• Body Format Flags: --json <string> and --data <string>
  • Form-Encoded: slack api chat.postMessage --data 'channel=C123 text="hi"'
  • JSON: slack api chat.postMessage --json '{"channel":"C123","text":"hi"}'
• HTTP Options Flags
  • Method override (-X)
  • Custom headers (-H)
  • Show Response headers (--include)
• Output formatting
  • Pretty-printed JSON in TTY
  • Compact for piped output / scripting
• Retry support
  • Automatic retry on 429/503 with Retry-After

Open Questions

• I originally had support for a team prompt, but removed it because it uses our Slack CLI tooling token, which has limited scope access. Sounds good?

Preview

$ slack api auth.test --token xoxb-...
{
    "ok": true,
    "url": "https://myworkspace.slack.com/",
    "team": "My Workspace",
    "user": "bot",
    "team_id": "T12345",
    "user_id": "U12345"
}

Post Message as Form Data (with app selection prompt):

2026-05-10-slack-cli-api-1.mov

Post Message as JSON (with app selection prompt):

2026-05-10-slack-cli-api-2.mov

Post Message with Custom Token --token:

2026-05-10-slack-cli-api-3.mov

JSON Responses are Pretty-Printed in TTY:

2026-05-10-slack-cli-api-5.mov

JSON Responses are Condense in Scripting/Non-TTY:

2026-05-10-slack-cli-api-4.mov

--include All Response Headers:

2026-05-10-slack-cli-api-6.mov

Testing

• slack api --help - shows correct token priority and examples
• slack api auth.test --token xoxb-... - returns auth info
• slack api auth.test --app local - installs app and uses bot token (in project)
• SLACK_BOT_TOKEN=xoxb-... slack api auth.test - uses env var (outside project)
• slack api auth.test - prompts interactively when no flags/env set (in project)
• slack api chat.postMessage channel=C123 text="hi" - sends form-encoded body
• slack api chat.postMessage '{"channel":"C123","text":"hi"}' - auto-detects JSON
• slack api auth.test --include - shows HTTP status and response headers
• slack api auth.test --token xoxb... | cat - outputs compact JSON (non-TTY)
• go test ./cmd/api/... ./internal/api/... - all unit tests pass

Requirements

• I've read and understood the Contributing Guidelines and have done my best effort to follow them.
• I've read and agree to the Code of Conduct.

[codecov]

Codecov Report

❌ Patch coverage is 81.78138% with 45 lines in your changes missing coverage. Please review.
✅ Project coverage is 71.57%. Comparing base (251a341) to head (ee76fd7).
⚠️ Report is 1 commits behind head on main.

Files with missing lines	Patch %	Lines
cmd/api/api.go	86.24%	14 Missing and 12 partials ⚠️
internal/api/raw_request.go	66.66%	11 Missing and 8 partials ⚠️

Additional details and impacted files

@@            Coverage Diff             @@
##             main     #538      +/-   ##
==========================================
+ Coverage   71.32%   71.57%   +0.25%     
==========================================
  Files         222      224       +2     
  Lines       18714    18961     +247     
==========================================
+ Hits        13347    13571     +224     
- Misses       4187     4191       +4     
- Partials     1180     1199      +19     

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

[srtaalej]

This is looking great! ⭐ thanks for adding the test commands in the description 🫂
the command is working great except

lack api auth.test | cat

the test implies there should be JSON output but slack api auth.test is an interactive prompt so it errors out instead. perhaps we update the pr description? the command should be
lack api auth.test --token xoxb-... | cat
lack api auth.test --app A... | cat
right?

[srtaalej]

qq: does this cover retries on both 429 and 503 returns 🤔

[mwbrooks]

Good catch! This test only covered 429. Commit 12630c8 adds a new test to explicitly cover the 503 case as well. 🙇🏻

[srtaalej]

left 2 testing-related comments/ questions but this is working great ! ⭐ ⭐ ⭐ such a handy command

[zimeg]

@mwbrooks Top tier PR! Incredible! 🏆 ✨

I'm eager to approve this with good findings in tests. But a few comments follow around token selection and outputs. I understand we have planned follow up but also want to suggest a workaround without tokens for the api.test method if that's not needed?

So excited to find these changes! 🎁

[zimeg]

🏁 praise: Amazing find! I didn't know about this option!

[mwbrooks]

Yea, I think we could use this in a few other commands to clean up some resolution logic. 👌🏻

[zimeg]

🦠 issue: We might want to check environment variables before prompting? I find this can be blocking from a project:

$ SLACK_BOT_TOKEN="xoxb" slack api chat.postMessage
┃ Select an app
┃ ❱ A0B3AEPJUAH devrelsandbox T038J6TH5PF

{
    "ok": false,
    "error": "invalid_auth"
}

[mwbrooks]

Fantastic catch @zimeg! 🙇🏻 Commit 6891a56 fixes the resolution order and adds a test to check the order.

# Inside a project
$ SLACK_BOT_TOKEN="xoxb..." slack api auth.test

[zimeg]

Suggested change

	}
	}
	if err != nil {
	return "", err
	}

🗣️ issue: To catch interrupts if the suggestion adjacent seems right?

[zimeg]

👾 ramble: This might also guard against unknown --app flag?

[mwbrooks]

Very good find @zimeg! I'm glad we caught this before shipping it 🙇🏻 Commit ab3a387 adds a variation of your suggestion and test coverage.

[zimeg]

🎨 quibble: I forgot how newlines are formatted but we might prefer outputs through IO with:

clients.IO.PrintInfo

Although I forget if that appends to debug logs or not...

[mwbrooks]

Thanks for thinking of this. I looked into it and clients.IO.PrintInfo unfortunately has a lot of overhead - it adds a newline which makes non-TTY formatting a little less parsable and it adds tracing overhead but we don't want these responses in our logs.

I think we'll keep it as-is. But ultimately, we should really offer a cleaner, simpler client.IO print that doesn't do so much.

[zimeg]

🧮 suggestion: Let's sort the request and response headers of this more verbose output! I'm finding these change each time and I think that's a go internal...

[mwbrooks]

praise: Great catch @zimeg! 🙇🏻 The headers are now sorted and we have a test 🔠 🧪 Commit ad581a7.

[zimeg]

🧪 quibble: I understand these cases cover different expectations but I'm curious if we can use table tests to share setup between most?

[mwbrooks]

Very fair point and thanks for noticing. I've consolidated the body format tests in commit e69776c. However, I don't think we want to use table tests for the other areas - there isn't enough overlap and it becomes quite messy to read. This is a big improvement though! 🙇🏻

[mwbrooks]

Thanks for the reviews @srtaalej and @zimeg! Solid feedback from both of you 🙇🏻 I've followed up on everything and will merge the PR now. 🚀

[zimeg]