Skip to main content
Panther Knowledge Base

How to fix "invalid_token" 400 error for Slack alert destination in Panther

Issue

I have a Slack webhook alert destination, but lately all alerts being sent are failing with the error:

request failed: 400 Bad Request: invalid_token

Resolution

To resolve this issue, try creating a new Slack workspace app following our documentation. Then, edit your alert destination within Panther and point it to the new webhook URL.

Cause

The usual cause of this error is a change in permissions for the user who initially created the Slack workspace app, such as if the user changes roles or leaves your workspace. Creating a new app, then configuring Panther to route alerts to the new URL, will use your authentication and permissions, instead of those of the previous employee.

 

 

  • Was this article helpful?