After coding a bot in Discord.py, while generating an invite link, I've added all the scopes and I was able to go through and authorize the bot. Then, while inviting it to the server, it gives this page:
enter image description here
There are scopes added on the Discord Developer Portal, so this error doesn't make sense.
The first time I did this without the redirect URL (which I am using: https://discord.com/oauth2/authorize), it did work, and I was able to invite it into a test server. Now, I am trying to add it into the main server and it requires me to use the redirect URL, and it does not work anymore.
Can someone explain what is happening with this error and/or explain how to fix it? Thanks!
You need to do:
-> Discord Developer Portal
-> Your application
-> OAuth
-> URL Generator
-> Select the Bot scope
-> Select all the permissions you want at the bottom in the 'Bot permissions' that should have appeared
-> Copy the link at the bottom and go to that
I've never had any issues doing that to invite a bot to one of my servers. Shouldn't need a redirect URL either.
Related
I'm writing a bot for someone in python using Discord.py. Kindly share some knowledge regarding this issue.
To add a bot to a server you need to firstly have the "Manage Server" or "Administrator" permission in that server.
Then head to the Discord Developer Portal > Your Application > OAuth2 and click on the scopes you need ("Bot" is the one needed for bot commands although you will need "applications.commands" if you plan to use the new slash commands. It will generate a link that you (or someone else, if you have made it a public bot in the bot tab of the portal) can click on to add the bot to their server.
A bot must be created. To do this, log into the Discord Developer Portal and see your applications there.
To make the whole thing a bot navigate in your application as followed:
Application - New Application - Bot - Add Bot
To add the necessary permissions I recommend the following page:
https://discordapi.com/permissions.html#
Here you will get a number spit out when you are done.
To add the bot you need the Manage Server or Administrator permission. The bot does not have to be public, because you as the owner can always add it, but not others if it is set to "Private".
The invitation link is/can be structured as followed:
https://discord.com/oauth2/authorize?client_id=ApplicationID&scope=bot&permissions=Permissions
Just add the ApplicationID (You can find it in the Developer Portal of the application under "General Information") and the permissions of Discord Permissions Calculator to the end.
(Replace the words with your Application ID and the permission "code".)
You can't do this unless you selfbot, however this is against Discord's ToS and the account that you're using can get banned because Discord often checks for people who selfbot.
I am building a Slack App and planning to distribute it in the Slack App Directory so that other users can install it. I am using Slash commands for this app. Now when I get my API called after some user type my Slash command then I want to access some of the user information using WEB APIs. But to access the info I need user token to call the WEB API. With Slash command request object I am not getting any user token. So my question is how can I get the user token at this time to access the information. Do I need to save this when user installs the app or do I need to provide the Add to Slack button for this?
Yes, your app will receive the access token for a team / workspace only as result of a successful installation process and should then store it together with the team ID for later use. Each slash request includes the team ID which allows you identify the correct access token for each team.
There are two approaches for installing Slack apps, which can be chosen on the "Manage your apps" pages under "Basic Information". Here is how it looks:
Installation from landing page
Having your own website with a "Add to Slack" button is the easiest way to to that. You website will then need to handle the installation process, which basically is a Oauth flow. You should also make sure to request the right permissions, so that you can later access the API methods that you need. This installation approach is called "Installation from landing page".
Installation from App Directory
Another way to install your app is "Install from App Directory". This will allow users to start the OAuth process directly from the App directory, instead of having to click a "Add to Slack button" on a website. Its has the same effect as clicking a custom "Add to Slack button", so you still need a website behind it to handle the full OAuth flow.
Important: This option is only available to apps that have been approved by Slack and are listed on the App directory.
Further Reading
Installation approaches
Oauth process with Slack
This just my local test page.
is there some parameter to show my product name ?
https://accounts.google.com/signin/oauth/oauthchooseaccount?client_id=750613625541-ju0p2hvmml1eahjmt9l4f01gdtp9s33o.apps.googleusercontent.com&as=-2201fc670d7b92ee&nosignup=1&destination=https%3A%2F%2Fwww.storage.com&approval_state=!ChRxdl9WYmw4YURnUWxCemhGSTFUZRIfMC1LRl90bTZ2Z2NaWUg3R0Q2SDQtRUVFOEJjeHpoVQ%E2%88%99ADiIGyEAAAAAWVH50eZlchIgJ3-_vV2dZuQUMH9bhmmI&passive=1209600<mpl=nosignup&oauth=1&sarp=1&scc=1&xsrfsig=AHgIfE_ysFUz37usqpUy0VanY6KxOc5Kkg&flowName=GeneralOAuthFlow
This is the url of authorization in my App.
This used to be possible as a is a setting in the Google developer console.
Google developer console -> credentials -> Oauth consent screen tab
Google has been making a number of changes to the OAuth consent form recently. This is a direct consequence of the Gmail phishing hack a few months ago. One of the changes is as you see it the website of the application is now being displayed instead of the application name. This it was thought would be easier for users to understand WHO they are granting access to their data rather than what application has access to their data. This is not something you can change.
I'm trying to get further user details from the Slack's API.
Currently I'm authenticating users via Slack's OAuth2 that returns a code. I'm currently asking for scope=identity.basic,identity.email,identity.avatar. When I try to ask for more, like users.profile:read, the link redirects me to a crash page.
My link for signing in to my app via Slack is like this, for now:
Thanks for any help
Sign in with Slack works as a kind of sidebar form of OAuth 2.0 authorization for Slack. It's meant to be used for identity, exclusively. So whenever going through the flow and asking for an identity.* scope, you'll be restricted from combining it with others.
You can still ask for users.profile:read, but you have to do so in a separate authorization attempt where it's not among the momentarily requested scopes. It'll then be added to the user token you already hold for that user.
I have registered a dummy app with Yammer, as I am still in testing phase. I gave the homepage of my org as the redirect URI. Honestly, there is no app hosted anywhere. Still, I think it is possible to test the authentication and go till creating a token. This is what I have done.
Navigated to https://www.yammer.com/client_applications page.
Registered an application. I provided the "RedirectURI". I got a "Client Id", "Client Secret", and "Expected Re-direct".
Since I don't have an app to launch anything from, I manually typed in the following URL in the browser. "https://www.yammer.com/oauth2/authorize?client_id=[:client_id]&response_type=code&redirect_uri=[:redirect_uri]".
I was taken to the app registration page. I clicked "Allow".
Now the page is redirected to the home page of my org, as I provided along with "www.<<>>.com/code=".
I copied this code over, tried to launch "https://www.yammer.com/oauth2/access_token.json?client_id=%s&client_secret=%s&code=%s".
I expected a token to be created, so that I go back to my dummy JAVA program and start connecting to Yammer, but I am not allowed to connect in above step. I am getting a "Not Authorised" error.
Can some please point out what I need to do? My requirement is that I get this token not from with in an app, but then on use it in a SWT based Rich Client JAVA application to connect to Yammer.
I think the request to oauth2/access_token.json needs to be a POST not a GET