SALESFORCE CERTIFICATION
Certified Slack Developer Practice Exam
Exam Number: 3749 | Last updated 14-Apr-26 | 457+ questions across 5 vendor-aligned objectives
The Certified Slack Developer exam validates your ability to build custom Slack applications, bots, and integrations using the Slack Platform and its APIs. It covers app architecture, Block Kit UI development, event handling, slash commands, and how to leverage Slack’s workflow automation capabilities programmatically.
The largest portion of the exam — 25% — focuses on Block Kit and Ui, covering interactive messages, modals, home tabs, and rich formatting. Roughly 25% of the questions address events and interactivity, covering Events API, slash commands, shortcuts, and action handling. App Architecture carries the heaviest weight at 20%, covering Bolt framework, OAuth, scopes, and app configuration. Candidates who master these top-weighted areas position themselves well for the majority of exam questions.
Beyond the core areas, the exam also evaluates complementary skills. Workflows and Automation commands 15% of the blueprint, which spans Workflow Builder steps, custom functions, and triggers. Nearly 15% of questions test Security and Distribution, which spans token management, request verification, and app distribution. Do not overlook these sections — the exam regularly weaves them into multi-concept scenarios.
Every answer links to the source. Each explanation below includes a hyperlink to the exact Salesforce documentation page the question was derived from. PowerKram is the only practice platform with source-verified explanations. Learn about our methodology →
68
practice exam users
89.7%
satisfied users
89.7%
passed the exam
4.5/5
quality rating
Test your Certified Slack Developer knowledge
10 of 457+ questions
Question #1 - Craft and refine interactive messages, modals, and home tabs to deliver intuitive, responsive interfaces that drive user adoption and productivity
A developer is building a Slack app using the Bolt framework that needs to listen for messages containing specific keywords and respond with relevant information.
What Bolt event handler should the developer use?
A) A slash command that users must explicitly invoke
B) The app.message() listener with a string or regex pattern match, which fires when messages matching the pattern are posted in channels where the app is present
C) A scheduled job that polls for new messages every minute
D) A webhook endpoint that receives all workspace messages
Show solution
Correct answers: B – Explanation:
Bolt’s app.message() listener filters incoming messages against defined patterns (string or regex) and triggers the handler function for matches. This enables keyword-based automated responses without requiring user invocation. Webhooks require custom routing. Polling introduces latency. Slash commands require explicit user action. Source: Slack Documentation
Question #2 - Enforce and audit token management, request verification, and app distribution to safeguard sensitive data and enforce least-privilege access across the organization
A developer needs to create an interactive Slack message with buttons, dropdown menus, and a date picker that allows users to submit an expense report directly from Slack.
What Slack UI framework should the developer use?
A) A custom HTML page opened in a Slack browser tab
B) Rich text formatting with bold and italic for visual structure
C) Block Kit with interactive components (buttons, static_select menus, datepicker) composed into a structured message layout, with an action handler to process the submitted data
D) Plain text messages with URLs to an external form
Show solution
Correct answers: C – Explanation:
Block Kit provides a JSON-based UI framework for building rich, interactive messages. Interactive components (buttons, selects, datepickers) post action payloads to the app. This creates native in-Slack experiences. Plain text with URLs requires context-switching. Custom HTML is not natively supported. Rich text formatting is visual only, not interactive. Source: Api Slack Com
Question #3 - Deliver and support Events API, slash commands, and shortcuts to deliver reliable platform solutions that meet real-world business demands
A developer is building a Slack app that opens a form (modal) when a user clicks a button in a message. The modal collects multiple fields and submits the data to the app.
What Slack API method should the developer call to open the modal?
A) chat.postMessage with a form attachment
B) dialog.open with a dialog payload
C) views.open with a modal view payload containing input blocks, triggered by the action’s trigger_id from the button interaction payload
D) A redirect to an external web form URL
Show solution
Correct answers: C – Explanation:
views.open opens a modal view in Slack using the trigger_id from the interaction payload. Modals support input blocks (text inputs, selects, datepickers) with built-in validation. The view_submission event fires when the user submits. chat.postMessage sends messages, not modals. dialog.open is a legacy API. External redirects break the Slack-native experience. Source: Api Slack Com
Question #4 - Deliver and support Events API, slash commands, and shortcuts to deliver reliable platform solutions that meet real-world business demands
A developer needs to handle slash commands in their Slack app. When a user types /ticket create, the app should open a ticket creation modal.
What must the developer configure and implement?
A) Configure a Workflow Builder step for the slash command
B) Register the slash command in the app configuration with a request URL, implement a command handler that receives the command payload, extract the trigger_id, and call views.open to display the ticket creation modal
C) Register the slash command in the app manifest only
D) Create a bot that monitors all messages for the /ticket text
Show solution
Correct answers: B – Explanation:
Slash commands require registration in the app config (command name, request URL, description). The handler receives a POST with the command text and trigger_id. The trigger_id enables opening a modal. Bot message monitoring cannot intercept slash commands. Workflow Builder handles built-in steps, not custom app commands. Source: Api Slack Com
Question #5 - Deliver and support Events API, slash commands, and shortcuts to deliver reliable platform solutions that meet real-world business demands
A developer’s Slack app needs to update a message it previously sent — for example, changing a status indicator from ‘Pending’ to ‘Approved’ with an updated color.
What API method should the developer use?
A) Edit the message text using the Slack UI on behalf of the user
B) Delete the original message and post a new one
C) Post a new message in a thread under the original
D) Use chat.update with the original message’s channel and timestamp (ts), providing the updated Block Kit payload with the new status and color
Show solution
Correct answers: D – Explanation:
chat.update modifies an existing message in place using the channel ID and message timestamp (ts) as identifiers. The updated payload reflects the new status. This preserves the message’s position and thread context. Delete-and-repost loses thread replies and position. Thread replies do not update the original. Apps cannot edit messages on behalf of users. Source: Api Slack Com
Question #6 - Enforce and audit token management, request verification, and app distribution to safeguard sensitive data and enforce least-privilege access across the organization
A developer is implementing request verification for their Slack app to ensure that incoming requests actually originate from Slack and not a malicious source.
What security mechanism should the developer implement?
A) Validate the user’s OAuth token on every request
B) Check only that the request comes from a Slack IP address range
C) Trust all incoming requests without verification
D) Verify the request signature using the Slack signing secret — compute an HMAC-SHA256 hash of the request body with the signing secret and compare it to the X-Slack-Signature header
Show solution
Correct answers: D – Explanation:
Slack signs every request with a secret-based HMAC-SHA256 signature. The app computes the expected signature using its signing secret and the request timestamp body, then compares it to the X-Slack-Signature header. This prevents request forgery. Trusting all requests is insecure. IP checking is insufficient. OAuth tokens authenticate users, not request origin. Source: Api Slack Com
Question #7 - Automate and orchestrate Workflow Builder steps, custom functions, and triggers to eliminate repetitive manual work and enforce consistent business logic across teams
A developer wants to create a custom function that can be used as a step in Slack’s Workflow Builder, allowing non-developers to incorporate the app’s functionality into their workflows.
What must the developer implement?
A) A webhook that Workflow Builder calls directly
B) A custom function defined in the app manifest with input/output parameters, implemented as a function handler that processes inputs and returns outputs when invoked by Workflow Builder
C) A slash command that Workflow Builder can reference
D) A bot that responds to Workflow Builder trigger messages
Show solution
Correct answers: B – Explanation:
Custom functions are defined in the app manifest with typed input/output parameters. Workflow Builder surfaces them as available steps. The function handler processes inputs when invoked and returns outputs for subsequent workflow steps. Slash commands are user-invoked, not workflow steps. Webhooks are not natively integrated with Workflow Builder. Source: Api Slack Com
Question #8 - Enforce and audit token management, request verification, and app distribution to safeguard sensitive data and enforce least-privilege access across the organization
A developer is building a Slack app that needs to store user preferences (like notification settings and timezone) persistently across sessions.
What storage approach should the developer use?
A) Use an external database or Slack’s built-in datastore (for next-gen platform) to persist user preferences keyed by user ID, loading them when the app processes events for that user
B) Write preferences to a local JSON file on the app server
C) Store preferences in global JavaScript variables
D) Store preferences in Slack message metadata
Show solution
Correct answers: A – Explanation:
Persistent storage requires a database (external like PostgreSQL/DynamoDB or Slack’s built-in datastore on the next-gen platform). User preferences are keyed by user_id for retrieval. Global variables reset on app restart. Local files do not scale across multiple app instances. Message metadata is not designed for preference storage. Source: Api Slack Com
Question #9 - Enforce and audit token management, request verification, and app distribution to safeguard sensitive data and enforce least-privilege access across the organization
A developer needs to distribute their Slack app to external organizations. The app requires access to channels, user profiles, and the ability to post messages.
What OAuth scopes and distribution method should the developer configure?
A) Use a single workspace app token for all organizations
B) Give other organizations the app’s source code to self-host
C) Share the app’s bot token directly with other organizations
D) Configure OAuth 2.0 with granular scopes (channels:read, users:read, chat:write), implement the OAuth installation flow, and submit the app to the Slack App Directory for public distribution
Show solution
Correct answers: D – Explanation:
OAuth 2.0 installation flow allows external orgs to install the app with explicit scope consent. Granular scopes limit access to required permissions. App Directory distribution makes the app discoverable. Sharing tokens is a security violation. Source code sharing is impractical. Single tokens cannot span organizations. Source: Api Slack Com
Question #10 - Enforce and audit token management, request verification, and app distribution to safeguard sensitive data and enforce least-privilege access across the organization
A developer’s Slack app needs to respond to a button click within 3 seconds (Slack’s acknowledgment timeout) but the actual processing takes 30 seconds.
How should the developer handle this timing constraint?
A) Immediately acknowledge the interaction within 3 seconds with an initial response, then use the response_url or chat.update to send the final result asynchronously after the 30-second processing completes
B) Tell users to wait and hope the connection does not timeout
C) Queue the interaction and respond the next time the user sends a message
D) Increase the Slack timeout limit to 60 seconds
Show solution
Correct answers: A – Explanation:
Slack requires acknowledgment within 3 seconds. The app sends an immediate ack (HTTP 200 with optional loading message), then processes asynchronously. The response_url (valid for 30 minutes) or chat.update delivers the final result. Timeout limits cannot be changed. Waiting causes timeout errors. Queuing for next message creates poor UX. Source: Api Slack Com
Get 457+ more questions with source-linked explanations
Every answer traces to the exact Salesforce documentation page — so you learn from the source, not just memorize answers.
Exam mode & learn mode · Score by objective · Updated 14-Apr-26
Learn more...
What the Certified Slack Developer exam measures
- Set up and customize Bolt framework, OAuth, and scopes to support daily platform operations and evolving business requirements
- Craft and refine interactive messages, modals, and home tabs to deliver intuitive, responsive interfaces that drive user adoption and productivity
- Deliver and support Events API, slash commands, and shortcuts to deliver reliable platform solutions that meet real-world business demands
- Automate and orchestrate Workflow Builder steps, custom functions, and triggers to eliminate repetitive manual work and enforce consistent business logic across teams
- Enforce and audit token management, request verification, and app distribution to safeguard sensitive data and enforce least-privilege access across the organization
How to prepare for this exam
- Review the official exam guide
- Complete the Slack Developer trail on Trailhead and study the Slack API documentation with Bolt framework tutorials
- Build a Slack app using Bolt that handles slash commands, displays Block Kit messages, and opens interactive modals
- Publish an internal Slack app at your organization or contribute to an open-source Slack bot project
- Focus on Block Kit and Events — they combine for 50% of the exam
- Use PowerKram’s learn mode for Slack development questions
- Simulate the exam in PowerKram’s exam mode
Career paths and salary outlook
Slack developers build the integrations that power modern digital workplaces:
- Slack Developer — $100,000–$145,000 per year, building custom apps and integrations (Glassdoor salary data)
- Platform Integration Developer — $110,000–$155,000 per year, connecting collaboration tools with enterprise systems (Indeed salary data)
- Collaboration Platform Engineer — $120,000–$165,000 per year, building and maintaining enterprise collaboration infrastructure (Glassdoor salary data)
Official resources
Follow the Slack Developer Learning Path on Trailhead and the Slack API documentation. The official exam guide covers every objective.