Skip to main content
Panther Knowledge Base

How to fix "invalid_token" 400 error for Slack alert destination in Panther


I have a Slack webhook alert destination, but lately all alerts being sent are failing with the error:

request failed: 400 Bad Request: invalid_token


To resolve this issue, try creating a new Slack workspace app following our documentation. Then, edit your alert destination within Panther and point it to the new webhook URL.


The usual cause of this error is a change in permissions for the user who initially created the Slack workspace app, such as if the user changes roles or leaves your workspace. Creating a new app, then configuring Panther to route alerts to the new URL, will use your authentication and permissions, instead of those of the previous employee.



  • Was this article helpful?