Normally, I invite new members via. email, that I get from them individually.
Let's say I want to campaign publicly for volunteers to join our community, then what is the best approaches with various level of control?
It is not possible out-of-the-box, but you can develop a custom website, where people can apply for your Slack and enter the name and email address.
You can then forward their request for you to approve (e.g. a page with a table of all open requests where each can be approved or denied or an automatically generated email to you etc).
Finally you can auto-invite every approved user with his email address. The Slack API has an undocumented API function that allows that. Check here for my post about that method.
I have done a similar website for inviting people from a gaming community (Eve Online), where they have to first authenticate themselves with their game login before getting an invite to our Slack. It works pretty well. I made this website with PHP, but basically every server based script language will work.
Related
jut for a background, I'm building a poc of twilio based video chat contact center and I've came upon one issue. Most of the people using the service will be anonymous customers, no logging / authentication here. Looking at the twilio api, once I produce a Token with VideoGrant I loose all control of what the javascript client does with it, for example, someone can modify my JS client to create their own room, instead of joining the one assigned by my app.
Is there any way to create VideoGrant which would allow only joining a room, preferably a single, selected room?
There is a mention of Room Events in the console, but I didn't see any docs on it, maybe it would allow to catch rooms creation and kill the unknown ones, btw is there a REST api for rooms? nothing on official REST api docs again.
Sorry if the questions are a bit vauge, I'm aware that they might not meet SO standards, but I know that few Twilio developer evangelists are active so maybe you guys can propose some best practices here or just point out to the right docs if I am dumb enough to have missed them.
Lukasz,
Rob Brazier here, PM for Video. In the next few weeks we'll be adding a new grant to the Video section of our Access Tokens that allow you to lock down access only to a specific Room.
The basic flow will be:
User visits your site.
Your app server decides what Room they should connect to.
Your app server creates a Room using whatever identifier you like as the name (using the upcoming Video REST API).
Your app server generates an Access Token with a grant for the specific Room created in #3.
Your app server returns that Access Token to the client.
Client connects using the provided token and is joined to the specified Room.
Let me know if this is clear. Thanks,
One of my clients have a situation to pay their website user directly from platform account to user. I can do it by using their transfer payment API.
But, my client want to pay to user's email so that user can have option to perform rest of the action.
I went through their API documentation but don't see anything related to do that. Does anyone have similar experience or know anything related to do that?
Stripe's API doesn't have anything like that, but it is something you may be able to build into your application.
I think you might want to contact Stripe Support and fill them in on your use case and see if they can offer you some specific suggestions.
I am trying to make a bot that will listen to all public & private channels, and IMs for a team, and will reply when it sees certain trigger words. This will be a "Slack App", installable to your team using the "Add to Slack" button, and includes a "Bot User".
I have asked for the "bot" OAuth scope, and subscribed to the "message.channels,message.groups and message.im" Team Events (at https://api.slack.com/apps/myAppId/event-subscriptions) but do not appear to receive event POSTs through the Events API when new messages are sent.
Adding the "channels:history,groups:history,im:history" scopes makes the bot receive these event POSTs, but I believe only for the user that added the bot, so it will not watch groups that the adding-user was not a member of, or IMs between 2 other users. This means that behaviour will be different, depending on which user installed my bot.
Is there a way of installing the app/bot for an entire team? The documentation seems to indicate that a 'bot' scope should have the ability to receive events, but I am not seeing this (I require the channels:history scope etc. above).
bot - request this scope when your Slack app includes bot user functionality. Unlike incoming-webhook and commands, the bot scope grants your bot user access to a subset of Web API methods, the RTM API, and certain event types in the Events API.
(from https://api.slack.com/docs/oauth-scopes)
The page on bots also claims that a bot can receive all messages through the RTM API:
This websocket will send you all of the messages and activity that happen in public and private channels that the bot user is invited to, as well as messages that are sent to it via direct message. A bot user opens this websocket with the RTM API by sending an authenticated call to the rtm.start API method. To learn more about connecting to the RTM API, read the documentation here.
(from https://api.slack.com/bot-users)
Is this same behaviour possible in the events API without needing to use the RTM API or add those additional scopes mentioned above?
I see from your comment that you have understood that the bot scope (and the channels.message Events subscription) allows your bot to receive from channels it is present in.
You have two options
1) you ask for channel.write scope in addition to bot, and you invite the bot in all channels (using the user token, not the bot token)
2) you work on your onboarding and figure out a way to get your "champion", ie the user who installed your app, to invite your bot in relevant channel.
Keep in mind that solution 1) is usually seen as very intrusive, especially in large teams where most people haven't heard of your app nor taken the decision to install it. But it can be suitable for some very specific use cases. Option 2) is the recommended route, but it is hard :-) Good luck!
I am working on a tool inside of a current iOS app that I only want to be available to a handful of people. The company email addresses are all gmail.
How can I make the app work in a way that, You sign into your google account, and on the server end it will check if you have access or not. If you do, it will then move on to the tool page.
Does Google API have anything on this?
Thanks in advance
Google App Engine has the Users API which you can use to allow people to log in with a Google Account. You can the write server side code to cross check the logged in email address against your whitelist (which may or may not be configurable), and only allow access if the emails match.
Is that the kind of thing you mean?
I am using Twitter as an OAuth provider for ASP.NET MVC 4 web site. I would like to be able to follow up with a registered user at a later date, either by email or via a tweet. Outside of having the user follow me on Twitter, do I have any other options to communicate with the user?
Here is what I unsuccessfully considered:
It appears that there is no way to get access to the email address since Twitter OAuth API does not return it.
It appears I cannot send a direct message unless a user
follows me on Twitter.
"Read/Write/DirectMessage" permissions seem
too intrusive -- all I want to do is send a user a message that a
new product is released -- I don't need any of the write
capabilities that this level of permissions provides.
To recap, if a user used Twitter to sign in to my website, what are my options to contact that user at a later date?
Thanks.
Twitter's solution for this sort of person-to-person communication is the Direct Message, however, Twitter has (rightfully) decided that both parties need to consent to this channel being available. This decision is intended to reduce the amount of spam in the Twitter ecosystem.
Posting public tweets that mention the username will get your users' attention, but it is also broadcasting their relationship with your company to the entire Twitter ecosystem. You will, essentially, be advertising their relationship with your company without their permission. This approach will bring you headaches sooner or later.
Email is probably a better choice for the sort of announcement to existing customers.