-
Notifications
You must be signed in to change notification settings - Fork 1.1k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
New Permission Scopes (RTM?) #654
Comments
edit - I was wrong. Slack has made changes to their API and this is not correct. |
edit - I was wrong. Slack has made changes to their API and this is not correct. See my comment below. |
On second thought, I did quite a bit of digging on this and have written up a brief doc on getting a legacy token. https://github.com/threatsimple/smug-broker/blob/master/doc/slack.md |
Thanks! I heard that there was a link to get a legacy bot token/permissions but couldn't find it myself. I wonder how long this will stay active for? Seems like slack is trying to get away from this type of bot user. ¯_(ツ)_/¯ |
@mathew-fleisch I pinged Slack on both support and through twitter trying to find out what their intentions are. If they're deprecating RTM for bots, that's going to seriously hamper enteprise projects and I'll have to migrate away from them. |
That's great! Thanks for checking with them. Is there a thread I can follow, or can you update this thread with the info you find out? I'd love to stay in the loop. I will also need to know if I'll need to migrate away from RTM as well. |
I'll update here if I hear anything back. RTM is a big enough deal that I may have to migrate away from Slack altogether. |
I've always generated my bot tokens using the Slack bots app, which I get to via this URL: Nothing there indicates this is legacy, deprecated, or will otherwise stop working. Am I missing something? Likewise for me with RTM; if it goes away, I'll likely stop using Slack - unless they have a really good alternate solution for a chat bot connecting from behind a firewall. This is currently why I don't support Teams at all; too hard to make a working bot in our environment. |
It might be that slack just hasn't added RTM to their new permissions model, but it isn't in there right now, as far as I can tell. |
This page is pretty clear.. https://api.slack.com/authentication/quickstart
|
Follow up from slack. I let them know that this apparent deprecation was pretty horrendous from a slack adoption standpoint for enterprise integrations and gave a couple of examples of how this could be harmful. ----8<------ Thanks for your patience here. It sounds like you may have either created a Granular Bot Permissions app (this is actually the default app that gets created) or upgraded your existing Slack API app to use granular scopes. Unfortunately, I'm afraid that our new 'Granular Bot Permission' app type does not support the RTM API. This is indicated on the following page: https://api.slack.com/authentication/migration#select_user
Also, unfortunately, it's not possible to revert an app that have been converted to use granular scopes back to being a classic app. Therefore, you'll need to re-create a new classic app here: https://api.slack.com/apps?new_classic_app=1 Given this, hopefully, you can create a new app with the bot scope and get it set back up to use our RTM API. We're very sorry for the trouble here, and hope to find a way to make it more clear during the migration process about the limitations of the 'Granular Bot Permission' apps. ---->8------ |
oof. that's dumb. Any idea how long they'll keep this legacy option available? |
@mathew-fleisch They didn't say, but I have communicated that merely calling it "classic" indicates they're looking to deprecate it and that's a bad sign for enterprise users. |
The FAQ doesn't sound scary at all: My reading of that is Slack understands some use cases will always need a websocket. |
It looks like this new legacy options will be pulled on May 5! https://api.slack.com/legacy/custom-integrations/legacy-tokens |
dude. @nod who else can we complain to about this? There's gotta be a way for them to scope permissions for the RTM functionality. |
So for the moment we cannot use new endpoint with legacy/RTM tokens ? |
For those looking to use the RTM API with legacy tokens now gone, there are a bunch of different methods documented here: https://github.com/erroneousboat/slack-term/wiki#running-slack-term-without-legacy-tokens. I ended up using method 4:
This method is preferable from the standpoint it doesn't require installing an application into your organization, although it is undocumented and who knows if it will continue to work. If that method stops working, I also created a tool slack-rtm-token that uses the recommended approach from Slack of creating a classic app in your organization (you need permission to do this) and it will locally generate an OAuth token that provides access to the RTM API. This is the same as method 1 from that wiki, but it doesn't require sending sensitive data to Github pages (and method 2 to workaround this did not work for me). |
Now you can use Socket Mode instead of RTM API in many cases and we support it several days ago. |
I have used this library successfully a few times mainly by parsing text through the RTM flow. I just tried to set up a new bot in the same way, and can't figure out what permissions I need to give the bot to connect to the RTM socket. The old bots still work for the moment, but I get a deprecated scope error when I log into the "my apps" permissions section. Looks like this bot user method will be sunset by 2/21/2020. Any thoughts about how to keep this functionality up and running?
Event: {connection_error not_allowed_token_type}
This scope is deprecated. Please update scopes to use granular permissions.
The text was updated successfully, but these errors were encountered: