Returning to the Cookie Jar
In 2023 I wrote a blog post on how you can extract and use cookies from Slack to authenticate to the API, and it has become one of my most commonly viewed articles. Since then, Slack have changed a few things, and I've been doing some deeper digging into how these cookies can be retrieved and (ab)used.
I’ve now gone back and updated the original post to reflect Slack’s changes and also expanded it to:
- Provide more detail on how Slack sessions and authentication work under the hood
- Include additional methods for obtaining the required `d` cookie
- Explore more ways this cookie can be used (or misused)
You can read the updated version here:

