Showing results for 
Search instead for 
Did you mean: 
Sign up Log in

Earn badges and make progress

You're on your way to the next level! Join the Kudos program to earn points and save your progress.

Deleted user Avatar
Deleted user

Level 1: Seed

25 / 150 points

Next: Root


1 badge earned


Participate in fun challenges

Challenges come and go, but your rewards stay with you. Do more to earn more!


Gift kudos to your peers

What goes around comes around! Share the love by gifting kudos to your peers.


Rise up in the ranks

Keep earning points to reach the top of the leaderboard. It resets every quarter so you always have a chance!


Come for the products,
stay for the community

The Atlassian Community can help you and your team get more value out of Atlassian products and practices.

Atlassian Community about banner
Community Members
Community Events
Community Groups

Post a message to a chat slack bearer token auth failure

Hi All,


followed all the steps here for generating a bot auht token from the resource below.

However it always says token authentication failed - new to this and cant figure out what I might be missing, 

I am on an internally hosted Jira instance and have looked the through the bot scope just in case that was a factor. Any ideas?

4 answers

When you are trying to use ScriptRunner Built-In function "Post a message to Slack", you must create a new Slack app with Bot User Permissions (you must be a Slack Workspace Admin):

Slack App Bot Permissions.png

In the ScriptRunner Listener "Bearer Token" is actually "Bot User OAuth Token" which you can find in "OAuth & Permissions" menu of your new Slack app, which had to be installed into your Slack Workspace.

I am not sure if the following happening automatically, but I added this manually before: in your target room (Slack public channel) go to Integrations tab and add your app. 

Screen Shot 2022-08-02 at 3.18.35 PM.png

The reason why I had received "Token authentication failed!" message in the field "Target room" was a lack of "channels:read" Bot Token Scope because exactly this type of permissions provides access to browse channels which is required to be listed in your ScriptRunner Listener.

I fell over a "bug" in the chrome browser.

I entered the bearer token and after that chrome adds into the project field my saved jira login name and overwrites(!) the bearer token with my saved jira password.

Maybe a bug with the field identifiers? I have no other clue why chrome would do sth like that.

Matthew Clark
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
May 12, 2020

Hi Roland

I was not able to get my browsers to auto-fill but I can see the browsers treat the bearer token field as a password field and offers to auto-fill.

I created a feature request here so the developers are aware of the issue and can look into a different method if they feel it works better for users. Feel free to vote if you would like.



Thank you, Matthew! :)

0 votes
Matthew Clark
Rising Star
Rising Star
Rising Stars are recognized for providing high-quality answers to other users. Rising Stars receive a certificate of achievement and are on the path to becoming Community Leaders.
Nov 30, 2019

Hi Govind

After you add the "bot scope" permission and re-install your slack app it will show the required auth key at the top of the slack "OAuth and permissions" page under the heading "Bot User OAuth Access Token"

This token, when added as the Bearer Token in the scriptrunner "Post a message to Slack"/"Post to chat Service" built-in script will cause the built-in script page to reload and then it should show your available slack channels in the "Target room" dropdown.

If you see the built-in script display a loading animation and then immediately say "Token authentication failed!" in the "Target room" dropdown, the reason should be shown in the altassian-jira.log file if you turn on debug level logging as shown here.

One thing to watch out for is if you have your browser set to automatically fill in password and username fields for some websites, this can sometimes replace the token you just entered after the page reloads and then cause the authentication to fail. So make sure you have this disabled or try an incognito browser when you are setting up this built-in script.




I'm having the same issue.

Can we bump this?

Suggest an answer

Log in or Sign up to answer
AUG Leaders

Atlassian Community Events