I am trying to download the history messages for a specific Slack app, let's say MLflow.
I found a few open-source tools on Github but none of them actually work for me. It seems that slack has disabled ways for non-admin to create the access token since May 2020. Is there any way for the scraping script to work without tokens? WHat else can I do now?
You can try the app called Backupery for Slack
Disclaimer: I'm the developer of the app and the app is not free, but a free trial is available.
The app can help you to export any conversation from your Slack workspace, including direct messages between you and an app. For example, if I need to export the conversation between me and Jira Cloud app, I just need to select the conversation and export it:
Please also note, the app will automatically create an access token for you. By default, Primary Owner, Owners, Admins and Full Members are allowed to install any applications for Slack (and create access tokens). However, a workspace Admin or Owner may limit installations to pre-approved apps - in this case you will not be able to use the app as it will not be possible to install it.
Related
I'm working on a Slack integration for our workspace that is within an Enterprise Grid. I have a workspace and I've created a Slack App with all possible OAuth scopes and have installed it in the workspace.
I'd like to automatically invite and remove users to our workspace using the app/bot. I should be able to do this with the Slack app/bot using the admin.users.invite and admin.users.remove API actions.
However, these two actions require the admin.users:write OAuth scope, which can only be used on an App that is installed organization-wide, so I can't use this scope on my workspace app:
The app requesting this scope must be installed by an admin or Owner of an Enterprise Grid organization. Also, the app must be installed on the entire org, not on an individual workspace.
Is there any other way I can have an automated system that invites/removes users to/from our workspace, without it being an organization-wide app? This is something I can do as a user through the Slack UI (and I'm not an organization admin, just a workspace admin), so one would think I should be able to do the same things via an app/bot that is installed and authorized to act on my behalf.
Unfortunately, the APIs currently provided by Slack are available for Org Owner & Org Admin roles.
The best course of action for you will be to collaborate with your org admins. Let them manage the app. It means you will not have access to token, but you can use the app as a user.
Create the app that will operate only on your workspace by using fixed teamId.
Ask the org admin to generate the admin token and update that in your app.
May be, if they find your app useful, it can be used across organization eventually.
I'm writing a bot for someone in python using Discord.py. Kindly share some knowledge regarding this issue.
To add a bot to a server you need to firstly have the "Manage Server" or "Administrator" permission in that server.
Then head to the Discord Developer Portal > Your Application > OAuth2 and click on the scopes you need ("Bot" is the one needed for bot commands although you will need "applications.commands" if you plan to use the new slash commands. It will generate a link that you (or someone else, if you have made it a public bot in the bot tab of the portal) can click on to add the bot to their server.
A bot must be created. To do this, log into the Discord Developer Portal and see your applications there.
To make the whole thing a bot navigate in your application as followed:
Application - New Application - Bot - Add Bot
To add the necessary permissions I recommend the following page:
https://discordapi.com/permissions.html#
Here you will get a number spit out when you are done.
To add the bot you need the Manage Server or Administrator permission. The bot does not have to be public, because you as the owner can always add it, but not others if it is set to "Private".
The invitation link is/can be structured as followed:
https://discord.com/oauth2/authorize?client_id=ApplicationID&scope=bot&permissions=Permissions
Just add the ApplicationID (You can find it in the Developer Portal of the application under "General Information") and the permissions of Discord Permissions Calculator to the end.
(Replace the words with your Application ID and the permission "code".)
You can't do this unless you selfbot, however this is against Discord's ToS and the account that you're using can get banned because Discord often checks for people who selfbot.
What is the best approach to manage app ownership in Slack?
Currently all devs in our team create their apps under their own Slack accounts. The risk with this is if they leave the company and their account gets closed then the apps they created will cease to work.
This must be a common solution but I couldn't find a definitive document with a good solution.
What would you recommend?
Here is what I would suggest for managing ownership of app development.
For this discussion we need to distinguish between
creating a Slack app
installing a Slack app.
Those are different concepts which need to be handled in different ways.
Creating a Slack app
A new Slack app is always created in a workspace and belongs to the user that created it. If that user leaves the workspace (or goes on a longer vacation) the Slack app can no longer be managed.
This risk can be mitigated by adding collaborators to every Slack app. Collaborators have the same rights (e.g. delete an app) and will keep their access when the initial creator is deactivated.
As the documentation states:
Slack apps are owned and contained by the team they are created on.
Slack apps may have multiple App Collaborators associated with it, and they can review & manage the application record. They can also add or remove other collaborators.
To further mitigate the risk of losing access to Slack app it might be prudent to create a dummy admin user that has to be added to every Slack app as collaborator. That way you won't loose access to your Slack app even if multiple users leave the workspace.
Installing a Slack app
When the creator or collaborator of a Slack app gets deactivated his app will automatically be uninstalled if he was also the installer. As it says in the documentation:
One caveat: this exception doesn't apply to the folks who created an
app or were added as an App Collaborator. When they leave, the app is
still uninstalled. Same goes for when an app uses additional scopes
beyond the ones listed above, taking on the behavior of a user.
One way to avoid this situation is to use a dummy admin account for app installation instead of the actual user.
Just looking for some general advice here.
I want to build a Slack app and publish it publicly to the Slack App Directory, for anyone to use. The basics of the app are:
When you paste a link to a specific domain in a Slack message, a bot will fetch additional information about that link from a Rest API my company built.
The roadblock I'm running into is that our Rest API uses Basic Auth for authentication, and I can't figure how or where in the Slack App setup flow to ask the user to enter their API key.
Does anyone have any advice on how to ask for user input when setting up a Slack app, so that the user can enter their API Key for our REST API?
Thanks!
OK, I will assume that the API key is individual to each user.
I would suggest to ask the API key as part of the installation process for your Slack app on your website and then store the connection between Slack user ID and API key as part of the installation process. It is in fact possible to have individual installations of the same Slack app to a workspace for each user. This is called "configurations" (e.g. the Twitter app for Slack is using this feature).
This requires each user who want to use the app to go through the installation process and also all users need to have permissions to install this particular Slack app (which can be configured by admin).
We've migrated our app from the old marketplace to the new one. After a few days we've received an email that we don't comply with an SSO policy - the user is not recognized after he installs the application.
In the old app we had a specific setup link, that was opened for the user after he installed the app - thus making him recognizable. Is there such a function in the market? Is there some sort of a callback for the installation event in the new marketplace?
P.S. the guy from Google told me to post technical questions on Stackoverflow and that "Our developer relations team monitors that forum and will be able to assist you."
EDIT:
There's the Additional app setup link in this after-installation popup (which clearly no user will click):
Is there a way to call the URL that of the Additional app setup in the background, without needing the user to click an obscure link?
That was an intentional design change which is different than how it used to work in v1 of the marketplace.
If you need interactive setup, best thing to do is put in a check on login to see if the domain has been configured. You can use the licensing API to check for a marketplace install record or directory API to check user permissions if those matter for your use case.
If you just need to run a background task, you can periodically poll the licensing API to detect new installations of the app. This shouldn't be done too often, so if you need to do things before a user logs you're still better off going with a check on login to route them to the setup flow as needed.