I have created a bot with a slash command that works, but it only responds to the channel in which the first Incoming Webhook was created. I would like it to respond in whatever channel (public or private) in which it was invoked.
I've tried creating a webhook for each channel and reinstalling the bot in my workspace, but it still reverts to the first channel.
I can see how I could hard code a webhook -> channel mapping in my code (php on my webserver) but that seems like a lot of very specific coding, and how would I ever release the bot to another workspace? I'm sure I'm missing something basic, but I can't work it out.
How do I deploy my bot so that it will respond to a slash command in whichever public or private channel it was invoked?
Fixed it. The example I was following had the webhook URL hard coded in the script. I just realised, upon re-reading the docs, that the actual webhook is passed in the POST data as response_url. Now it's all working fine. RTFM next time
Related
I'm completely new to slack development and I might sound crazy here.
This is what I have noticed. Whenever I use my incoming webhook URL to test messages using postman, it works fine. BUT, when I use it in my app and push the code in github (so it deploys to heroku), the incoming webhook gets removed. Is this something expected and that I missed reading in the documentation?
Ok, got answer to this. Basically, got an email from slack explaining the reason.
We recently discovered a publicly accessible incoming webhook associated with the Journey Alert Bot app installed on your sync.slack.com workspace. This can happen when someone who created or has access to a webhook URL posts it on a public site, such as Github or other code-sharing forums. None of your data is at risk — webhooks can only send messages into Slack and cannot access any data.
I have a Slack bot that is working fine and interacting with users. I'm using Bot Framework composer and the Slack Adapter.
In the Slack API portal I'm trying to change the Events Request Url the app uses to send Slack Events to my bot.
When I do that, slack sends a challenge request to my bot. The bot first tries to verify that the request is really coming from Slack following: https://api.slack.com/authentication/verifying-requests-from-slack#a_recipe_for_security
The problem is that this is failing and I can't understand why.
I see that Slack is sending all the right content, and that the ClientSigningSecret is being read, otherwise the other calls to the bot wouldn't work.
I know it's a bit far fetched to ask this since it seems to be a problem on my side. But since the bot is validating the requests just fine when users talk to the bot, and the code is from the Slack Adapter which is open source and there's nothing else I can thing of..... maybe someone struggled with the same problem.
I created a support ticket to Slack and they came back pretty quickly.
Pre publish state
Before publishing a Slack app the only configs that exist are the ones you see in the App configuration page. Those are what you use to test your app, this includes the secrets to authenticate the incoming messages from Slack into your backend.
After you publish your Slack App for the first time
Once your app is published, the production version that your users use will see the original settings, including the secrets and these are the ones your backend will get.
The settings you see in the configuration page are like development mode and they won't be persisted into the published app until you request Slack to approve your changes. That's sounds great and is what one would expect, but what you don't see and have no way of imagining is happening is that there are some development time secrets that are different from the ones you see on the settings screen.
When you change the endpoint url to be sent to your backend so that it can return the challenge and Slack would accept the new url, the message payload goes with this development secret and not the one you configured your backend with. Thus your backend will reject the call since it thinks it's not coming from Slack.
Proposed solution from Slack
Don't validate the signature of the incoming request for this type of call in an already published app. I don't like it but there was no other workaround unless Slack changes this. So what I did was:
Remove that check only for this request from the backend and publish to production.
Make the url change in Slack.
Revert the change from the backend.
:(
I have set up a slack app to allow me to send notifications from my code to a private slack channel.
I have invited the bot to the channel, and when I run the app from the command line, all is good.
However, when I try and run it from a docker container, I get channel not found. If I try and use exactly the same code, and send a message to a bot in a public channel, no issues all is good.
Both bots have permissions, chat:write and chat:write.public
Why would this only be working on some machines and not others?
I know this probably doesn't have enough detail, but I'm not sure what is needed to help diagnose this.
More information:
Thanks to #Suyash Gaur I didn't know about the groups scope. I've now added groups:write and groups:history to the app, but am still getting the same error from the docker version of the app.
The membership of the channel I'm trying to write too shows
cwpr_notifications on Aug 3, 2021
Can post messages to specific channels in slack, send messages as #cwprnotifications, send messages to channels #cwprnotifications isn't a member of, manage private channels that cwpr_notifications has been added to and create new ones, and view messages and other content in private channels that cwpr_notifications has been added to.
I am using a bottoken and channel ID to send the message. Do I need something else for a private channel.
When I first used the bot from the command line run, I had to invite the app to the channel to get it to work, but surely I only need to do that once?
I've confirmed that the environment variables are getting passed in correctly.
With limited set of information provided, I can only say that:
If the public channel is accessible and private channel is not,
It seems like an issue of scopes.
For public channels, scopes start with channels:*
For private channels, scopes start with groups:*
Can you look into the app's configuration and confirm the permissions are configured correctly?
I'm writing a simple slack bot which should execute other slack commands upon being called. Everything is up and running, however the slack commands this bot issues don't seem to be executed.
For instance my bot posts /giphy kitten every hour and the message appears just like that in the channel (so the sending side seems to work), but the slash command itself isn't executed. If I post the same command into the same channel myself it works as expected. Are bots not allowed to execute slash commands?
Bots can use the undocumented API method chat.command to invoke slash commands.
See here for an unofficial documentation page of this API method.
This question was also answered here.
The command chat.command needs the permission scope post, which only legacy tokens have and which is not available for Slack apps.
I just asked the Slack customer support if sending slash commands programmatically is still possible and received the following reply:
I'm afraid not. Slash commands can only be triggered by human-sent
messages from the client. Apologies.
I'm writing a simple slack bot which should execute other slack commands upon being called. Everything is up and running, however the slack commands this bot issues don't seem to be executed.
For instance my bot posts /giphy kitten every hour and the message appears just like that in the channel (so the sending side seems to work), but the slash command itself isn't executed. If I post the same command into the same channel myself it works as expected. Are bots not allowed to execute slash commands?
Bots can use the undocumented API method chat.command to invoke slash commands.
See here for an unofficial documentation page of this API method.
This question was also answered here.
The command chat.command needs the permission scope post, which only legacy tokens have and which is not available for Slack apps.
I just asked the Slack customer support if sending slash commands programmatically is still possible and received the following reply:
I'm afraid not. Slash commands can only be triggered by human-sent
messages from the client. Apologies.