I made a new Slack App, got both my user token and bot token, and now my app can post messages as me. But what if I want this app to post messages as someone else from my team? How to get their token? Or where they can find it?
Tokens in slack can only be retrieved from the your slack apps OAuth page. This cannot be done via the API. If you want to send the messages as another user what you need to do is:
Create the a slack app using the users account.
Assign the relevant permissions to the app.
Install the app to your work space.
Fetch the generated tokens from the OAUTH and permissions section.
Related
Trying to send out chat message from Bot with sender as a current logged in user. I am able to implement this with graph api using On Behalf of flow. However the API is still in Beta and don't think we can use it in production setting.
https://learn.microsoft.com/en-us/graph/api/chat-post-message?view=graph-rest-beta&tabs=http
Is there a different way? Can we use ConnectorClient? Tried this, but the chat message is sent by the bot instead of the current logged in user. I am not able to create user token with botframework.com. It is always bot or the registered app.
Do anyone know if there is a way to accomplish this avoiding the graph beta api?
I'm using Discord OAuth2 for my discord bot dashboard. I retrieve the user's servers by the link https://discord.com/api/users/#me/guilds. I want to prompt the user to add my bot to his guild or go directly to the dashboard if the bot is already in the user's guild. But how do I know if the bot is already in a guild? I didn't find any API that does this.
It's an API request per guild, but you could use get guild member with your own bot's ID; if you get a 4xx then your bot isn't present in the guild.
I have been making a slack app for the users on my workspace. It is a sidebar that adds slack messaging functionality to our website, so that we don't have to leave the site to see our slack messages. I am having trouble trying to get bearer tokens for each user.
What I have been doing so far is following the Slack OAuth 2.0 Authentication flow in order to receive tokens for users. This worked for me in testing and it works for some of our users currently. However, some users see something completely different.
Instead of asking them for permission to use their slack profile, the slack.com/oauth/authorize is telling them they can't install the app because it isn't listed in the slack directory. However, this page should not be installing the app to the workspace. It is already installed. It should just be asking for their permission to use their profile.
Am I using the wrong page? Did I miss something I need to do?
The Oauth process in Slack is not only used to get an access token, but also always is regarded as installation process for the respective Slack app. So your users are basically (re-) installing your Slack app each time they run through the Slack Oauth process. This is the standard behavior and can not be changed.
If you want to continue using this process you can simple enable installation for your Slack app on the workspace for all users (click on approve on the app management page of your workspace for this particular app) and then your users will no longer get the error message. You may also need to enable distribution of your Slack app on the app management page.
Btw. installing the same Slack app by multiple users is the default approach for getting access tokens for individual users. Slack calls those additional installations "configurations" and you can see them listed on the app ages for your workspace.
Note that Slack access tokens obtained from the Oauth process do not expire. So you only have to let the user install your Slack app once and then store the Slack access token for the next time.
I have a private slack application (developed by user 'X' from team 'XT')
I have a web server knows how to complete the Oauth process and generate tokens per teams
Now- as a user Y from team YT I am installing the slack app on my YT team and get a token,
using that token I perform API call for channels.create ,
I got into my team (aka YT) and indeed I see that the channel was created ,
BUT
it's written that the channel was created by the specific user that installed the slack app, meaning user Y.
I would expect to see that channel was created by the application not by specific user.
Is there any way to do that ?
thought about using bot token (got from the app instllation) but channels.create cannot be performed by a bot
I am afraid there is no solution for your problem. Every "write" action on Slack has to be attached to either a bot or a user. And since channels.create can not be used by a bot, it has to be a user.
The master access token of your Slack app is linked to the user that installed it, which is why that user will appear as creator of the channel when you use it.
I use a generic admin user ("slackadmin") for that purpose on my own Slack, but that will of course not work as general solution for each Slack team that want to install your app from the Slack App Directory.
I have a Slack bot application that needs to authenticate messages received. Instead of receiving a token from Slack, my application will provide a token to Slack. Slack would then send the token to my application during each request. My application can then authenticate who the message came from.
Is there a way on Slack's platform to be an Oauth provider to Slack or some way to authenticate messages?
Thank you
Ah I see! So, again, this is not precisely what you are looking for, but it comes pretty close:
What you can do is use your own OAuth system external to Slack and then tie the users in that system to the user_ids from your Slack team.
On request from a particular user, your bot could DM this user a unique URL that is tied to your own (slack-external) OAuth system. Once the process is complete you can associate your way of identifying users with that of Slack (ie. team_id and user_id)
As a result any message that your bot receives, which would include the user_id of the user that sent it, can now be checked against your own User model to see if this particular user has the required permissions or anything of that nature.
This way you can essentially use any OAuth system in conjunction with Slack's methods of identifying users. It's a bit hacky, but it works.
I built something like this a few months ago. Here we are using the Mondo API's OAuth on top of Slack's own OAuth: Mondobot
The file with the relevant code is this one.