Add information for Slack signing secret (#3436)

Co-authored-by: Justin Ellingwood <justin@n8n.io>
2026-03-27 09:28:43 +07:00 · 2025-08-06 11:22:30 +01:00
parent 51bd634016
commit 3a9b8eb4d0
3 changed files with 17 additions and 4 deletions
--- a/.prettierignore
+++ b/.prettierignore
@@ -0,0 +1 @@
+**/*.md
--- a/docs/integrations/builtin/credentials/slack.md
+++ b/docs/integrations/builtin/credentials/slack.md
@@ -52,9 +52,10 @@ Refer to the Slack API [Quickstart](https://api.slack.com/quickstart) for more i

 To use your Slack app with the [Slack Trigger](/integrations/builtin/trigger-nodes/n8n-nodes-base.slacktrigger.md) node:

-1. Go to **Features** > **Event Subscriptions**.
-2. Turn on the **Enable Events** control.
-3. In n8n, copy the **Webhook URL** and enter it as the **Request URL** in your Slack app.
+1. Go to [Your Apps](https://api.slack.com/apps/) in Slack and select the app you want to use.
+2. Go to **Features** > **Event Subscriptions**.
+3. Turn on the **Enable Events** control.
+4. In n8n, copy the **Webhook URL** and enter it as the **Request URL** in your Slack app.

    ///  note  | Request URL
    Slack only allows one request URL per app. If you want to test your workflow, you'll need to do one of the following:
@@ -63,11 +64,18 @@ To use your Slack app with the [Slack Trigger](/integrations/builtin/trigger-nod
    - Use the **Production URL** with execution logging.
    ///

-4. Once verified, select the bot events to subscribe to. Use the **Trigger on** field in n8n to filter these requests. 
+5. Once verified, select the bot events to subscribe to. Use the **Trigger on** field in n8n to filter these requests. 
    - To use an event not in the list, add it as a bot event and select **Any Event** in the n8n node.

 Refer to [Quickstart | Configuring the app for event listening](https://api.slack.com/quickstart#listening) for more information.

+n8n recommends enabling request signature verification for your Slack Trigger for additional security:
+
+1. Go to [Your Apps](https://api.slack.com/apps/) in Slack and select the app you want to use.
+2. Go to **Settings** > **Basic Information**.
+3. Copy the value of **Signing**.
+4. In n8n, Paste this value into the **Signature Secret** field for the credential.
+
 ## Using OAuth2

 --8<-- "_snippets/integrations/builtin/credentials/cloud-oauth-button.md"
--- a/docs/integrations/builtin/trigger-nodes/n8n-nodes-base.slacktrigger.md
+++ b/docs/integrations/builtin/trigger-nodes/n8n-nodes-base.slacktrigger.md
@@ -69,6 +69,10 @@ You must add the appropriate scopes to your Slack app for this trigger node to w

 The node requires scopes for the [conversations.list](https://api.slack.com/methods/conversations.list) and [users.list](https://api.slack.com/methods/users.list) methods at minimum. Check out the [Scopes | Slack credentials](/integrations/builtin/credentials/slack.md#scopes) list for a more complete list of scopes.

+## Verify the webhook
+
+From [version `1.106.0`](/release-notes.md#n8n11060), you can set a [Slack Signing Secret](https://api.slack.com/authentication/verifying-requests-from-slack#signing_secrets_admin_page) when configuring your [Slack credentials](/integrations/builtin/credentials/slack.md#slack-trigger-configuration). When set, the Slack trigger node automatically verifies that requests are from Slack and include a trusted signature. n8n recommends setting this to ensure you only process requests sent from Slack.
+
 ## Common issues

 Here are some common errors and issues with the Slack Trigger node and steps to resolve or troubleshoot them.