Skip to main content Link Menu Expand (external link) Document Search Copy Copied
slack-ruby-client

Verifying the Request Signature

Slack signs its requests using a secret that’s unique to your app. Verify incoming HTTP requests as follows.

slack_request = Slack::Events::Request.new(http_request)
slack_request.verify!

To specify secrets on a per-request basis:

Slack::Events::Request.new(http_request,
                           signing_secret: signing_secret,
                           signature_expires_in: signature_expires_in)

The verify! call may raise Slack::Events::Request::MissingSigningSecret, Slack::Events::Request::InvalidSignature or Slack::Events::Request::TimestampExpired errors.