channel/kick
Removes a specific user from a Slack channel. This is an administrative action that should only be used as part of approved offboarding, access control, or policy enforcement workflows. Requires channels:manage scope.
High-Impact Action: Removing users from channels affects their visibility into team communications and may affect ongoing work. Only use this node as part of documented, approved offboarding or access control workflows. Always log kick actions to your audit system.
When to Use
- HR offboarding: Remove departing employees from internal team channels as part of the structured offboarding process when their access is being revoked.
- Contractor end-of-engagement: Remove temporary contractors from channels after their contract period ends and their system access is being deprovisioned.
- Channel access policy enforcement: Remove users from sensitive channels (e.g.,
#security-alerts,#finance-ops) when their role no longer grants access according to RBAC policies.
Configuration
Connection
| Field | Type | Required | Description |
|---|---|---|---|
botToken | string | Required | Bot Token starting with xoxb-. Requires channels:manage scope. The bot must be a member of the channel. |
Operation Fields
| Field | Type | Required | Description |
|---|---|---|---|
channelId | string | Required | The channel to remove the user from. Starts with C (public) or G (private). |
userId | string | Required | The Slack user ID of the user to remove. Example: U01USER12345. Only one user per call. |
Sample Configuration
{
"operation": "channel/kick",
"connection": {
"botToken": "{{credentials.slackBotToken}}"
},
"fields": {
"channelId": "{{$json.channelId}}",
"userId": "{{$json.userId}}"
}
}
Validation Errors
| Error Code | Cause | Resolution |
|---|---|---|
not_in_channel | The user is not a member of the channel. | Pre-check membership with channel/getMembers before kicking. This error can be safely ignored in bulk offboarding flows. |
cant_kick_self | The bot is attempting to kick itself. | Filter out the bot's own user ID. Use channel/leave to remove the bot from a channel. |
cant_kick_from_general | Attempting to remove a user from the workspace's #general channel, which is not permitted. | Skip #general when processing bulk offboarding. Deactivating the user's Slack account removes them from all channels. |
channel_not_found | Invalid channel ID or bot is not in the channel. | Verify the channel ID and ensure the bot is a member. |
missing_scope | Bot token lacks channels:manage scope. | Re-authorize the Slack app with the required scope. |
Output
Success Port
| Field | Type | Description |
|---|---|---|
channelId | string | The channel the user was removed from. |
userId | string | The Slack user ID that was removed. |
status | string | success or error. |
errorCode | string | Slack error code when status is error. |
payload | object | Full raw Slack API response. |
Error Port
On failure with Continue on Error enabled, routes to the error port. For bulk offboarding, treat not_in_channel and cant_kick_from_general as warnings, not hard failures.
Sample Output
{
"channelId": "C08SENSITIVE01",
"userId": "U01USER12345",
"status": "success",
"errorCode": "",
"payload": {
"ok": true
}
}
Expression Reference
| Expression | Result |
|---|---|
{{$node["channel-kick"].json.channelId}} | Channel that was acted on — use in audit log entries. |
{{$node["channel-kick"].json.userId}} | User ID that was removed — use in notification and audit records. |
{{$node["channel-kick"].json.status === "success"}} | Boolean gate — confirm before proceeding with downstream offboarding steps. |
Node Policies & GuardRails
| Policy Area | Recommendation |
|---|---|
| Scope requirements | Requires channels:manage scope. The bot must be a channel member. Admin-level scopes may be needed for some workspace configurations. |
| Rate limiting | Tier 2 (20+ req/min). For bulk offboarding across many channels, add delays between kicks to avoid rate limits. |
| No hard-coded IDs | Always source both channelId and userId from upstream expressions. Never hard-code user or channel IDs. |
| Approval gate required | This node must only be used in workflows with an explicit approval step or documented trigger (e.g., HR system offboarding event). Do not automate kicks based solely on inactivity. |
| Mandatory audit logging | Always log kick actions: who was kicked (userId), from which channel (channelId), by which workflow, and at what timestamp. This is required for compliance. |
| General channel exception | Always filter out the #general channel from bulk kick operations. Deactivating the Slack account handles general channel removal. |
Examples
Example 1 — HR Offboarding — Remove from All Non-General Channels
When HR marks an employee as departed, removes them from all channels except #general (handled by account deactivation).
// $json.userId = departing employee's Slack ID
// Node 1: channel/getMembers won't work (need channels user is in)
// Use admin API or loop through known sensitive channels
const sensitiveChannels = ["C08FINANCE01", "C08SECURITY01", "C08ENGINEERING01"];
// Loop: channel/kick for each (skip general, catch not_in_channel)
Example 2 — Contractor Access Revocation
When a contractor engagement ends in the system, revoke their channel access.
// Trigger: contractor offboarding event
// $json.contractorSlackId = Slack user ID
// $json.channelIds = list of channels they were given access to
// Loop over channelIds:
{
"operation": "channel/kick",
"fields": {
"channelId": "{{$json.channelId}}",
"userId": "{{$json.contractorSlackId}}"
}
}
// Error handling: ignore not_in_channel (safe), flag all others
Example 3 — Sensitive Channel Policy Enforcement
Scheduled weekly audit that removes users from the #finance-ops channel if they no longer have the Finance role in the RBAC system.
// Node 1: channel/getMembers for #finance-ops
// Node 2: HTTP Request → RBAC API → get users with Finance role
// Code node:
const channelMembers = $node["channel-getmembers"].json.members;
const authorizedUsers = $node["rbac-finance"].json.userIds;
const botId = "U01BOT99999";
const unauthorized = channelMembers.filter(
id => !authorizedUsers.includes(id) && id !== botId
);
// Loop: channel/kick for each unauthorized user + audit log entry