Skip to main content
Token has a few slash commands for admins. They run on the server directly and bypass the AI entirely, so they are a reliable way to see and control what Token is doing.
Slash commands are available in Slack and are admin-only. If you are not an admin, they will not be available to you.

/token-audit

See what Token has been doing: the actions it took, the decisions made, and the outcomes. 
/token-audit            # the most recent entries
/token-audit today      # everything from today
/token-audit notion     # filter by a tool or service name
Each entry shows the action that ran, which channel triggered it, the decision (allowed, denied, auto-allowed, or approved and by whom), and a timestamp. This is the best way to review what happened while you were not watching, especially actions that were approved automatically.

/token-rules

View and manage the rules Token has learned from Always allow. 
/token-rules            # list all rules
/token-rules delete 7   # remove a specific rule by id
Each rule shows the actions it matches, any conditions, whether it was learned from a button or set manually, and which channel it applies to. If Token is auto-approving something you would rather review, delete the rule. The next time Token tries that action, it asks again.

/token-config

Manage workspace and owner settings. 
/token-config                                  # show the current configuration
/token-config workspace set <key> <values>     # update a workspace setting
/token-config workspace list                    # list workspace settings
/token-config owner set <key> <values>          # update an owner setting
Common settings include:
SettingWhat it controls
Internal domainsThe email domains treated as inside your organization, used to tell internal recipients from external ones.
Internal contactsThe phone numbers treated as inside your organization, used the same way for chat groups.
AdminsWho is allowed to approve actions and run these commands.
Owner nameThe name Token uses when it refers to its owner.
These settings feed directly into approvals. For example, classifying a recipient as internal or external is what decides whether an action is auto-approved or needs a review.