Connect Slack via the proxy
Let an agent read messages from #engineering via Slack’s API. The token never leaves the proxy process.
1. Add the adapter
Section titled “1. Add the adapter”pnpm add @ahamie/connector-slack2. Register it on the proxy
Section titled “2. Register it on the proxy”import { slackAdapter } from "@ahamie/connector-slack";export default { adapters: [slackAdapter] };3. OAuth dance
Section titled “3. OAuth dance”ahamie connect slackOpens the OAuth consent in the browser. The resulting token is encrypted with AHAMIE_KMS_KEY_B64 and written to credentials. Only the proxy decrypts.
4. Reference the channel from your agent
Section titled “4. Reference the channel from your agent”import { defineAgent } from "@ahamie/agent";import { slackConnector } from "@ahamie/connector-slack";
export const summarizer = defineAgent({ /* … */ scope: { org: "$ORG_ID", connectors: [slackConnector.read("#engineering")] },});5. Verify
Section titled “5. Verify”psql -d ahamie -c "SELECT id, provider, slug, created_at FROM connectors;"psql -d ahamie -c "SELECT action, outcome, redaction_safe FROM audit_log ORDER BY occurred_at DESC LIMIT 5;"You should see proxy.forward rows with no token in redaction_safe (I1).
Pitfalls
Section titled “Pitfalls”SLACK_SIGNING_SECRETnot set. Inbound webhooks fail with401 hmac_mismatch. Set the env var before bootingahamie dev.- Token leaks into stack traces. Impossible by construction — the agent process never receives the token, only the proxy does.