- App install scopes are granted to the workspace-installed Slack app
- User OAuth scopes are granted only when a user explicitly connects their Slack account for actor-scoped behavior
- Slack sign-in scopes are used for web authentication and session bootstrap
App install scope categories
User OAuth scopes
User OAuth scopes are the explicit “act as you” path. They are useful when CodeRabbit Agent needs user-scoped behavior that should not be performed broadly with the bot token alone.Slack sign-in scopes
Slack sign-in scopes are only for identity and session establishment.Notes
- App install scopes are the baseline workspace permissions.
- User OAuth scopes are an explicit escalation path, not the default for every interaction.
- Slack sign-in scopes are used for identity, not for general bot runtime behavior.
- Slack’s permission wording can be broader than the exact operation used in one specific workflow.
What’s next
Admin roles and security
See how Slack admin status and CodeRabbit roles map to workspace permissions.
Quickstart
Walk through the setup flow that triggers these permission grants for the first time.
Connections
Learn how OAuth and API key credentials are managed for external service access.