I want to create a bot that deactivates users under some criteria. I can not find any slash command that deactivates user accounts for free slack groups. I only see the option to kick from channel.
For paid versions the following can be used:
https://github.com/ErikKalkoken/slackApiDoc/blob/master/users.admin.setInactive.md
You can't do that. Slack exposes a SCIM API for user management, but it is not available for free teams.
To my knowledge there is no API methods to "kick" users automatically that works for free slack teams, so you will have to manually deactivate users you want to kick.
As a workaround I have a small bot running on my slack teams that report daily in a special admin channel which users need to be manually deactivated. That works of course only if you have a hard criteria that you can use to can test if a user is still eligible to be member of your Slack team.
Related
I'm trying to send Direct Messages (DMs) to a user on Slack using chat.postMessage using Bot token. But I'm only able to send messages to the users that are in my workspace.
How can I send message to any user on another workspaces?
When I try to do so, I get: "error": "channel_not_found"
I've that user's UserID (U02....), user's email and my Bot token.
When you create a bot/app in Slack, you grant it OAuth Scopes which provide the bot access to certain information in your Slack instance. So for example, I expect you have added the users:read Bot Token Scope to your Slack app, so that it can determine the users, and userId's in your workspace.
However, this scope restricts the bot to only see users in your workspace.
There's a couple of ways around this though:
Solution 1 - Slack Connect
Now in Slack, you can message users in other workspaces with a feature called Slack Connect.
You'll first need to establish a connection with the user you want the bot to message. This can be arranged via an invite process, and once completed that userId should become available to the bot. You can use that userId in the channel field of the chat.postMessage API to direct message the user from the other workspace.
Solution 2 - Org Level App
If you are on an Enterprise version of Slack, you should have multiple workspaces within a company, that are all linked by an enterpriseId.
In this case, a possible solution might be to create what is known as an Org Level App to have access to information across multiple workspaces. More information on Org Level apps can be found here.
I would like to implement the following Scenario:
Within a Meeting that should take place in the real world in a room (not necessarily within MS Teams), I want a Microsoft Azure Chat bot to post a message to the meeting-chat, without someone having to add the bot to that meeting chat.
I noticed, that real proactive messaging to MS Teams is still not possible, a workaround is necessary: Catching a conversation reference including the users teams-chat-id while he adds the bot e.g. via personal teams app. This works good, if the teams app is pushed to all users within an organization via policies.
This workaround however is not possible within a meeting-chat, that might not exist at the time the bot should write to it. So, no possibility to catch a conversation reference to post to.
Also, I noticed that there does not even exist a MS Graph endpoint neither a connector within Logic apps to post a teams message to several users without cannel-context.
Do you see any workaround for this scenario, or is it simply not supported?
To my knowledge, you're right on both accounts - a bot can't proactively message a chat that it's not part of, and I don't think Graph supports messaging to group chats altogether, which is your scenario.
Just on a point of correctness though, a bot can proactively message (a) individual users (1-1), (b) group chats, and (c) Team channels, each separately (i.e. it does not need to be installed by each user, and message each user privately, unless that is the desired scenario. All that's required for each of these is the relevant "conversationid" that represents the specific conversation, and the ServiceUrl.
I'm trying to convert some bot logic to use delegated permissions instead of application ones, but I'm running into an issue with a bot feature that can post to a Teams channel from a 1:1 conversation. The user can ask the bot to post to a channel, and this works fine, but when I take away Group.ReadWrite.All, I can't find a workaround that doesn't require admin consent. Here's the current flow:
Get the user's joined teams (me/joinedTeams-gets the user's joined Teams. This requires Team.ReadBasic.All.
Get the channels in the team (/teams/{id}/channels). This requires Group.Read.All (admin consent)
Post to the channel (/teams/{id}/channels/{id}/messages) which requires ChannelMessage.Send
So with delegated, non-admin permissions, I can list a user's teams, post a message to a channel on their behalf, but not list the channels on their joined teams? The docs here say that you need delegated Group.Read.All or ReadWrite.All, both of which require admin consent.
Is there another way that I'm missing to get a list of teams/channels for a user to cross-post to? I don't want to have to add the bot to the channel. I suppose I could create/store a list of connectors for each channel, but that's a lot of extra user overhead. The challenge is that I want to deploy this bot to an org that refuses to give any application/admin consent permissions to 3p apps.
I have no idea how I missed this, but there's a Channel.ReadBasic.All permission that doesn't require admin consent. This means I can do something like this in my bot:
Get a user's joined teams with graphClient.Users[aadUserId].JoinedTeams.Request().GetAsync()
Get the team's channels with graphClient.Teams[teamID].Channels.Request().GetAsync()
Post to the channel as outlined in the docs with c.Teams[teamID].Channels[channelID].Messages.Request().AddAsync(chatMessage).GetAwaiter().GetResult();
The only difference here is that the message is attributed to the user and not the bot, but as long as that's OK, this is a way to have a user initiated cross-post from a bot to a Team.
I want to list the bots owned by any user through the slack api. The list of applications owned by a user is missing from user.info and user.list. Which api method could I use to list the applications any one user owns? Or vice versa if I have a bot application id how could I determine who owns said bot?
The endpoint you are looking for is team.integrationLogs.
This method lists the integration activity logs for a team, including
when integrations are added, modified and removed. This method can
only be called by Admins.
You will have to parse through the log with all changes to get the current state, but this is the only endpoint with that kind of information.
I am enabling slack channel in MS bot framework. All mentioned steps are done and from my own ID i am able to communicate with bot.
However, I when I give "Add to Slack" button to another slack user, it asks for permissions. After allowing the permission, the user is transferred to https://bots.botframework.com/ webpage where following is written:
Persmissions snapshot: Permissions snapshot before bot framework page
error page
The Bot Directory is no longer accepting new submissions. Add your bot to the Bing channel so users will not only be able to find it, but chat with it too
I have already enabled bot for public in slack settings, and users should be able to chat with bot who have the ID of bot.
Looks like some change has been done from Microsoft, which I am not aware of. Ideally it should take the user to conversation page
In order for user to chat with your bot on Slack, you DO NOT need to use that link to connect them. The method you're attempting is to give them a roundabout admin access, which won't actually work.
In order for your users to communicate with your bot, once it's properly connected to Slack, they can simply select it on the app list, like so:
Additionally, you as the admin, can add the bot to a particular channel, where the users can chat with the bot directly.