As part of our continued commitment to security, transparency, and better integration experiences, Zenduty is updating its Slack integration from OAuth 1.0 to OAuth 2.0.

This update ensures our users benefit from the latest in security standards, granular permission control, and a more stable connection between Zenduty and Slack.

Understanding the Shift: OAuth 1.0 vs OAuth 2.0

At its core, both OAuth versions serve the same purpose—allowing applications like Zenduty to connect to Slack securely without sharing your login credentials.

However, OAuth 2.0 introduces a more robust, flexible, and secure framework for authorization.

Aspect

OAuth 1.0

OAuth 2.0

Token Type

Uses access tokens with shared secrets

Uses short-lived access tokens and refresh tokens for improved security

Authorization Flow

More complex, based on signing requests

Simpler, standardized flows with better developer and user experience

Scope Management

Limited granularity

Fine-grained scopes that define specific permissions

Security

Relies on cryptographic signatures

Emphasizes HTTPS and token expiration for protection

In short, OAuth 2.0 gives you more control, transparency, and resilience—making your Slack–Zenduty integration safer and easier to manage.

What’s Changing from the Zenduty Side

We’ve revised our Slack app’s permissions to align with the new OAuth 2.0 scopes. This ensures the integration continues to deliver the same seamless functionality while complying with Slack’s latest requirements.

🧩 Old OAuth 1.0 Scopes:

bot, commands, channels:write, users:read
bot, commands, groups:write, channels:write, users:read

🔒 New OAuth 2.0 Scopes:

app_mentions:read
channels:history
channels:join
channels:manage
channels:read
chat:write
commands
groups:history
groups:read
im:history
im:read
team:read
users:read
users:read.email
users:write

Key Improvements:

  • Granular Access Control: Only the permissions strictly needed for Zenduty to function are granted.
  • Enhanced User Privacy: Clearer visibility into what data Zenduty accesses and why.
  • Improved Reliability: OAuth 2.0 ensures tokens can be refreshed automatically, reducing disconnects or broken integrations.
  • Future Compatibility: This migration aligns Zenduty with Slack’s current and future security standards.

What You Need to Do

If you’re already using the Slack integration in Zenduty, you’ll simply need to reconnect Slack using the new Global Connector. This ensures that your workspace uses the updated OAuth 2.0 flow.

You can follow our detailed guide here: 👉 Connecting Using the Global Connector for Slack

If you’re not currently using the Global Connector, we strongly recommend configuring a single Global Connector and using it across all outgoing integrations. This centralizes your Slack authorization, simplifies management, and ensures consistent access control for all your Zenduty workflows.

Looking Ahead

This migration is part of Zenduty’s broader mission to provide secure, reliable, and future-ready integrations for modern engineering teams. OAuth 2.0 not only strengthens your security posture but also enables us to deliver more advanced Slack functionality in the future — with less configuration and more control for you.

In Summary

  • Zenduty is moving from Slack OAuth 1.0 to OAuth 2.0.
  • The change enhances security, control, and reliability.
  • Users will need to reconnect Slack once to activate the new permissions.
  • We recommend using a single Global Connector for all Slack integrations.
  • Updated documentation is available in our Slack Integration Guide.
Nidhi

Nidhi

Product Manager at Zenduty