What OAuth Scopes are required for a listen & reply Slack Bot using the Slack Events API? - oauth

I am trying to make a bot that will listen to all public & private channels, and IMs for a team, and will reply when it sees certain trigger words. This will be a "Slack App", installable to your team using the "Add to Slack" button, and includes a "Bot User".
I have asked for the "bot" OAuth scope, and subscribed to the "message.channels, message.groups and message.im" Team Events (at https://api.slack.com/apps/myAppId/event-subscriptions) but do not appear to receive event POSTs through the Events API when new messages are sent.
Adding the "channels:history, groups:history, im:history" scopes makes the bot receive these event POSTs, but I believe only for the user that added the bot, so it will not watch groups that the adding-user was not a member of, or IMs between 2 other users. This means that behaviour will be different, depending on which user installed my bot.
Is there a way of installing the app/bot for an entire team? The documentation seems to indicate that a 'bot' scope should have the ability to receive events, but I am not seeing this (I require the channels:history scope etc. above).
bot - request this scope when your Slack app includes bot user functionality. Unlike incoming-webhook and commands, the bot scope grants your bot user access to a subset of Web API methods, the RTM API, and certain event types in the Events API.
(from https://api.slack.com/docs/oauth-scopes)
The page on bots also claims that a bot can receive all messages through the RTM API:
This websocket will send you all of the messages and activity that happen in public and private channels that the bot user is invited to, as well as messages that are sent to it via direct message. A bot user opens this websocket with the RTM API by sending an authenticated call to the rtm.start API method. To learn more about connecting to the RTM API, read the documentation here.
(from https://api.slack.com/bot-users)
Is this same behaviour possible in the events API without needing to use the RTM API or add those additional scopes mentioned above?

I see from your comment that you have understood that the bot scope (and the channels.message Events subscription) allows your bot to receive from channels it is present in.
You have two options
1) you ask for channel.write scope in addition to bot, and you invite the bot in all channels (using the user token, not the bot token)
2) you work on your onboarding and figure out a way to get your "champion", i.e. the user who installed your app, to invite your bot to the relevant channel.
Keep in mind that solution 1) is usually seen as very intrusive, especially in large teams where most people haven't heard of your app nor taken the decision to install it. But it can be suitable for some very specific use cases. Option 2) is the recommended route, but it is hard :-) Good luck!

Related

Is there any way to get user id/conversation reference to proactively message user on teams if installation event wasn't captured

Looking for the best course of action that would have the least impact on users to be able to proactively message users with the Teams app (bot) installed but where they have not messaged the bot and the conversation reference was not captured at time of install.
The scenario is that I have an enterprise bot that has been operational for over 3 years servicing 10s of thousands of employees. The bot is auto installed for all users in the tenant, but conversation references were only being stored in the last 2/3's of the application's life, and the install event was not being captured until recently. This was not an issue in the past as all proactive functionality was predicated on some interaction with the bot.
I now have a need to be able to proactively message all users within the tenant regardless of whether they have messaged the bot or not, or if they last messaged the bot before conversation references were being stored. There is only a small subset of users that fall into this category.
Hoping there is some way to generate a conversation update, be it through Graph or other means. The installationUpdate event through an app update seemed promising, as I can update the application, but it seems to be triggered only if the bot is added or removed.
Review the information provided here: https://learn.microsoft.com/en-us/microsoftteams/platform/graph-api/proactive-bots-and-messages/graph-proactive-bots-and-messages?tabs=dotnet
Here is what we do:
If we have the conversation ID in our cache/persistent store, we use it to send the message.
If we don't have it, we use GET https://graph.microsoft.com/v1.0/users/{user-id}/teamwork/installedApps/{teamsAppInstallationId}/chat to get the chat ID (the app id here is not the bot application ID, but the ID generated when the app is installed in the org app store and is available from the Teams Admin interface).
If the user does not have our app installed, we install the app using the teamsAppInstallationId ID. This automatically generates an event, without user intervention, that is sent to the bot, which you can then use to capture the conversation ID.
POST /users/{user-id | user-principal-name}/teamwork/installedApps
This approach does require an Application Permission: TeamsAppInstallation.ReadWriteSelfForUser.All
You might look into using the List Teams functionality in the Graph API. You can use Graph to get teams and list their members, assuming you can grant your bot the necessary permissions. There are many features in the Graph API which might help you accomplish this.
To send a proactive message to a user, the bot requires the conversation reference. The conversation can only be retrieved when the bot is installed.
Without a conversation reference you cannot send a proactive message using the bot.
You can use the Send message in a chat API to send a message to a chat with delegated permissions.
Could you please raise a uservoice for your case
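The cache, look-up, install sequence from the "Here is what we do" answer above, sketched in Python as an added example (not code from any of the posters). The graph(method, path, body) callable and FakeGraph are hypothetical stand-ins; the $filter look-up of the installation ID and the 409 "already installed" handling follow the Graph documentation rather than the post.

```python
GRAPH = "https://graph.microsoft.com/v1.0"

def find_installation(graph, user_id, catalog_app_id):
    """Return the user's installation ID for the app, or None if it is not installed."""
    path = (f"/users/{user_id}/teamwork/installedApps"
            f"?$expand=teamsApp&$filter=teamsApp/id eq '{catalog_app_id}'")
    status, body = graph("GET", path, None)  # the client is expected to URL-encode
    items = body.get("value", []) if status == 200 else []
    return items[0]["id"] if items else None

def resolve_chat_id(graph, cache, user_id, catalog_app_id):
    """Cache first, then Graph look-up, installing the app only when it is missing."""
    if user_id in cache:
        return cache[user_id]
    inst = find_installation(graph, user_id, catalog_app_id)
    if inst is None:
        bind = f"{GRAPH}/appCatalogs/teamsApps/{catalog_app_id}"
        status, _ = graph("POST", f"/users/{user_id}/teamwork/installedApps",
                          {"teamsApp@odata.bind": bind})
        if status not in (201, 409):  # 409: app was already installed
            raise RuntimeError(f"install failed for {user_id}: HTTP {status}")
        inst = find_installation(graph, user_id, catalog_app_id)
    if inst is None:
        raise RuntimeError(f"no installation found for {user_id}")
    status, chat = graph("GET", f"/users/{user_id}/teamwork/installedApps/{inst}/chat", None)
    if status != 200:
        raise RuntimeError(f"chat look-up failed for {user_id}: HTTP {status}")
    cache[user_id] = chat["id"]  # persist so later sends skip Graph entirely
    return chat["id"]

class FakeGraph:
    """Constructed in-memory stand-in for Graph, so the flow runs offline."""
    def __init__(self, installed):
        self.installed = dict(installed)  # user_id -> installation ID
        self.calls = []

    def __call__(self, method, path, body):
        self.calls.append((method, path.split("?")[0]))
        user = path.split("/")[2]
        if method == "POST":
            self.installed[user] = f"inst-{user}"
            return 201, {}
        if path.endswith("/chat"):
            return 200, {"id": f"19:chat-{user}"}
        inst = self.installed.get(user)
        return 200, {"value": [{"id": inst}] if inst else []}
```

Installing only on a miss keeps use of the TeamsAppInstallation.ReadWriteSelfForUser.All permission limited to the users who actually lack the app.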

Posting to a teams channel from a logic app or flow which includes a banner alert / activity feed item

I have a logic app which posts a channel chat message to teams automatically when a new item is created in SharePoint. This I have working but our client requires that all the team members receive a banner alert and activity feed which I am having a lot of difficulty with.
What I've already tried...
Using an incoming webhook on the teams channel - this was a very simple way to post from the logic app but the incoming webhook doesn't seem to support mentions.
Using the msft graph api - The /team/channel/message endpoint can post messages and user mentions but this endpoint doesn't support channel or team mentions. It also appears that the graph API needs to use delegated permissions to post messages in teams. I'm using application permissions as this is a logic app. The logic app HTTP post connector doesn't offer the "connect as username@tenant.com" some of the other connectors use.
Using the flowbot post message - Like the above channel and team mentions are supported here so the post is added to the channel but with no notification to the team members
Using a notification only bot - I thought I nearly had it with this one. Microsoft's node bot sample number 57 looked like it can do most of what I want, it iterates through the users in the team and messages them with a customisable alert message...
https://github.com/microsoft/BotBuilder-Samples/tree/master/samples/javascript_nodejs/57.teams-conversation-bot
However I can't see how this bot can be triggered from my logic app as it seems to require an existing conversation context or an @mention from within teams to start communicating with users.
What I'm considering trying next
Iterating users within the logic app - Next I plan to try and get team membership from the graph API and iterate the members in the Logic App, posting a message to each user separately. I had hoped to utilise the group @mention feature as a simpler way so I'd be grateful if anyone had any thoughts on other ways of doing this, or maybe there's something wrong with what I've already tried that you could give me some expertise on.
Thanks in advance ;)
Andy
You're on the right track with the Bot, but you're wanting to send something called a "Pro-active" message. You need the bot registered in the channel in order to get access to a few key properties (conversation id, service url, etc.), but you can use those to send a message from -outside- your bot (e.g. in an Azure Function). You might be able to do this directly from a Logic App, but I haven't tested that specifically.
To find out more, see my answer at Programmatically sending a message to a bot in Microsoft Teams but I've also got a recent blog post that you might find interesting for background on this at How Bots Actually Work.
Hope that helps
You can use Graph to post a message in 1:1 chat as long as you have the chat ID. You can find the answer in this post Send message to personal Chat via Graph API
You can also call Graph API from Logic Apps. (https://techcommunity.microsoft.com/t5/integrations-on-azure-blog/calling-graph-api-from-azure-logic-apps-using-delegated/ba-p/1997666)

How to make your bot user reply with a simple help message using slack bot

I have created a slack bot and I want to send a general static help message to users when they send a direct message to my bot:
Should I subscribe to Events API? Or do I need to do this in another way? I couldn't find a clear answer for this.
There are two ways to make your bot user reply to direct messages:
Events API
Real Time Messaging API
In my opinion the Events API approach is easier to implement since it does not require using WebSockets.
The basic approach with the Events API is:
You need an endpoint that can receive event requests from Slack and react to them, e.g. by sending a direct message back to a user.
Subscribe to the message.im event for your bot user
Note that a bot user already has all the required scopes for this with the bot scope.
In addition I would recommend to subscribe to app.mention for your bot user. Then it can also react to mentions in other channels.
Btw. that message you posted looks a lot like a review comment from the Slack team for a new app submission. I got a similar one for my last app and I solved it with the approach above. In general it looks like if you want to have a bot user in your app it needs to be able to respond to help requests from users.
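A sketch of the endpoint logic that answer outlines, added here as an example and not code from the answer. send_message is a hypothetical callable (for instance a wrapper around chat.postMessage), the payloads are constructed samples, and the check on channel_type assumes the current message.im payload shape.

```python
import json

HELP_TEXT = "Commands: `help`, `status <id>`"  # constructed sample text

def handle_events_post(raw_body, bot_user_id, send_message):
    """Handle one Events API POST body; returns (http_status, response_text)."""
    try:
        payload = json.loads(raw_body)
    except ValueError:
        return 400, ""
    if not isinstance(payload, dict):
        return 400, ""
    # One-off handshake when the Request URL is saved: echo the challenge back.
    if payload.get("type") == "url_verification":
        return 200, str(payload.get("challenge", ""))
    event = payload.get("event") or {}
    if payload.get("type") != "event_callback" or event.get("type") != "message":
        return 200, ""  # acknowledge, but nothing to do
    if event.get("channel_type") != "im":
        return 200, ""  # only direct messages get the help text
    # Skip edits, other bots and our own replies, otherwise the bot answers
    # its own help message in a loop.
    if event.get("subtype") or event.get("bot_id") or event.get("user") == bot_user_id:
        return 200, ""
    if event.get("channel"):
        send_message(event["channel"], HELP_TEXT)
    return 200, ""

# Constructed sample deliveries (not captured from a real workspace).
SAMPLES = {
    "handshake": '{"type": "url_verification", "challenge": "abc123"}',
    "user_dm": json.dumps({"type": "event_callback", "event": {
        "type": "message", "channel_type": "im", "channel": "D024BE91L",
        "user": "U2147483697", "text": "hi"}}),
    "own_reply": json.dumps({"type": "event_callback", "event": {
        "type": "message", "channel_type": "im", "channel": "D024BE91L",
        "user": "UBOT00001", "bot_id": "B0001", "text": HELP_TEXT}}),
    "channel_msg": json.dumps({"type": "event_callback", "event": {
        "type": "message", "channel_type": "channel", "channel": "C024BE91L",
        "user": "U2147483697", "text": "hi"}}),
}
```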

Create slack channel using slack app

I have a private Slack application (developed by user 'X' from team 'XT').
I have a web server that knows how to complete the OAuth process and generate tokens per team.
Now, as user Y from team YT, I am installing the Slack app on my YT team and get a token.
Using that token I perform an API call to channels.create.
I go into my team (aka YT) and indeed I see that the channel was created,
BUT
it says that the channel was created by the specific user that installed the Slack app, meaning user Y.
I would expect to see that the channel was created by the application, not by a specific user.
Is there any way to do that?
I thought about using the bot token (obtained from the app installation) but channels.create cannot be performed by a bot.
I am afraid there is no solution for your problem. Every "write" action on Slack has to be attached to either a bot or a user. And since channels.create can not be used by a bot, it has to be a user.
The master access token of your Slack app is linked to the user that installed it, which is why that user will appear as creator of the channel when you use it.
I use a generic admin user ("slackadmin") for that purpose on my own Slack, but that will of course not work as a general solution for each Slack team that wants to install your app from the Slack App Directory.

Authenticate slack user in bot message posted event

I have a Slack bot application that needs to authenticate messages received. Instead of receiving a token from Slack, my application will provide a token to Slack. Slack would then send the token to my application during each request. My application can then authenticate who the message came from.
Is there a way on Slack's platform to be an Oauth provider to Slack or some way to authenticate messages?
Thank you
Ah I see! So, again, this is not precisely what you are looking for, but it comes pretty close:
What you can do is use your own OAuth system external to Slack and then tie the users in that system to the user_ids from your Slack team.
On request from a particular user, your bot could DM this user a unique URL that is tied to your own (slack-external) OAuth system. Once the process is complete you can associate your way of identifying users with that of Slack (i.e. team_id and user_id).
As a result any message that your bot receives, which would include the user_id of the user that sent it, can now be checked against your own User model to see if this particular user has the required permissions or anything of that nature.
This way you can essentially use any OAuth system in conjunction with Slack's methods of identifying users. It's a bit hacky, but it works.
I built something like this a few months ago. Here we are using the Mondo API's OAuth on top of Slack's own OAuth: Mondobot
The file with the relevant code is this one.
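The user_id in an event is only worth checking against your own user model if the request really came from Slack, so this added example (not the answerer's code) verifies Slack's v0 request signature before looking up the (team_id, user_id) link described above. The secret, link table and event body are constructed, and headers is assumed to be a dict keyed by the exact header names.

```python
import hashlib
import hmac
import json
import time

def slack_signature(signing_secret, timestamp, body):
    """v0 signature: HMAC-SHA256 over 'v0:<timestamp>:<raw body>', hex encoded."""
    base = b"v0:" + str(timestamp).encode() + b":" + body
    return "v0=" + hmac.new(signing_secret.encode(), base, hashlib.sha256).hexdigest()

def request_is_from_slack(signing_secret, headers, body, now=None, max_age=300):
    """Check the timestamp window and the signature over the raw request body."""
    ts = headers.get("X-Slack-Request-Timestamp", "")
    sig = headers.get("X-Slack-Signature", "")
    now = time.time() if now is None else now
    try:
        if abs(now - int(ts)) > max_age:
            return False  # too old or too far ahead: possible replay
    except ValueError:
        return False  # missing or malformed timestamp
    expected = slack_signature(signing_secret, ts, body)
    return hmac.compare_digest(expected.encode(), sig.encode())

def linked_account(signing_secret, headers, body, links, now=None):
    """Return the external account linked to the event's sender, or None."""
    if not request_is_from_slack(signing_secret, headers, body, now):
        return None
    payload = json.loads(body)
    sender = (payload.get("team_id"), payload.get("event", {}).get("user"))
    return links.get(sender)  # None means this Slack user never completed linking

# Constructed sample data.
SECRET = "constructed-signing-secret"
LINKS = {("T0001", "U0001"): "alice@example.test"}
BODY = b'{"team_id": "T0001", "event": {"type": "message", "user": "U0001", "text": "balance"}}'
```

The signature must be computed over the raw bytes as received, before any JSON parsing or re-serialisation.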

Resources