I am trying to implement a Bot which can get all the Direct Message Channels, all the workspace Users and send Direct Messages to them.
If I work with my development workspace everything works as expected but when I try with my company workspace, my Bot is only capable to retrieve the Direct Message Channel it is belonging to.
Any idea on how to fix by production Bot.
You can't. Due to the security architecture of Slack one can only see the messages of channels he is part of. Its the same even for the "super admin" of a Slack team (the primary owner). Bots and apps inherit that right from the user who installed it (= authed the access token).
The reason it works on your development Slack, is that your user has probably created all private channels on Slack, and/or is the same that authed the access token your app uses.
Thanks to Slack support I got my answer:
The OAuth Token issued is specific to the user who has installed your app and represents the permission(s) to perform actions on behalf of the user. More detailed information here - https://api.slack.com/docs/oauth.
The token can only perform the same actions as the user who installed the app i.e If the user can’t view or post in the channel, they can’t grant permission to something they do not have.
Related
My bot currently works as a service to notify users of their application status on our platform. However, I am worried users who have strict privacy settings will miss these notifications.
Does anyone know other options to work around this? My best option currently is creating a private channel with said user. Maybe getting verified?
Thanks
I am using discordjs library and I can send DMs to users with their snowflake for now, no issues unless the user has these strict privacy settings.
All these users would be sharing at least one server with the bot.
I have attached below a small snippet illustrating where/ how I am sending these messages
code snippet example
Is there a way to send proactive cards from a bot to a Teams channel? The use case is a channel for service tickets. Once they get posted, a user will be able to interact with them with a few actions.
I’m looking at the documentation here for sending proactive messages. At the bottom, there’s a section for ”Creating channel conversations”, with a small reference to the startReplyChain(). However, the actual code and sample on GitHub still seem to reference a conversation with a member rather than sending something proactive to a channel.
There does appear to be documentation for incoming and outgoing webhooks, which is what I may end up doing. My only real concern is that it requires using Actionable Cards, which it references as legacy everywhere. This is despite saying that you can’t send Adaptive Cards with them. Perhaps they intend to enable these connectors to send Adaptive Cards, it’s not just very clear to me if this is a long-term solution I should be focusing on.
This is definitely possible, and it's important to note that you can even send from another process/application (e.g. on a schedule from an AWS Lamba). You can see a sample here for this.
The process of sending the message is just part of the story though - you need to have certain information already saved (e.g. in your database) to know how to contact the right user, group chat, or channel conversation, but there are a few ways to get that information. The most common is, when you bot is added to the conversation, to get it from the conversationUpdate event. You'll need conversation id, service url, tenant id, and your bot's App Id (what you get in the Azure portal for your bot, and which you're using already in your app's configuration, teams manifest, etc.). You can read more about the topic here and here.
Another option, if you don't have access to conversationUpdate (e.g. the user hasn't installed your app) is to call the Graph API to install your app. It's only possible to do this to a channel (on the v1 or beta api) (see here) or to a user (see here), but on the beta api only, and not (yet?) for a group chat.
Everything I see around slack bot say that a bot cannot post within a conversation it's not been invited to.
➡️ However, why /giphy or simple poll (/poll) can post in PM (one to one) OR in a conversation where the bot has not been added to?
The current permissions are chat:write,commands,files:write
The oauth token is a "Bot User OAuth Access Token"
The plan is to support the Add to slack and to distribute the app.
Functionality wise, it support a /command and post file to a conversation.
The bot can:
- receive the oauth token uppon app install (via add to slack)
- delete ephemeral messages
- post a file only where it's been added too, which suck because the bot does not need to read any message within anything.
Code of the bot here
If the bot is not invited too, the answer is either channel_not_found or not_in_channel.
What am I missing?
It is correct that bots in general can only post messages to channels they are invited to. However, there are two exceptions:
Bots can inherit the rights of the installing user. So bots can post to every private channel the installing user is a member of (including direct message channels).
Slash commands work differently. If a user issues a slash command from a channel the bot can reply to that slash command. That works for every channel and does not require the bot to be invited. Those replies are normal Slack messages, so the can contain all kind of message features incl. image attachments or blocks with images.
A common pattern to give bot full access to private channels is the following:
User starts the bot with a slash command
Bot checks if it has full access to the current channel
If not it asks the user to invite it to that channel
I would like to create a webservice capable of automatically sending messages in Microsoft Teams. I tried authenticating as an application, but currently Microsoft does not support granting application permissions to send messages in Teams, so the only choice here is to authenticate using a service account with real credentials (Unless there is another way?). This method only specifies using user interaction to log in as a user.
I would like to use a service account teamchatbot#domain.com to authenticate with Microsoft Graph in order to send messages on Microsoft Teams. (similar to this but since I'm not accessing a resource it is a little different.) Is there a way I can silently obtain an access token on behalf of the service account in order to send messages?
It seems that you have a misunderstanding.
Your scene is actually the same as this post.
You should use Resource Owner Password Credentials to call Microsoft Graph API to send messages.
Based on permissions, you need the Group.ReadWrite.All delegated permission. So you need to add this permission into your Azure AD app firstly.
Don't forget to click on "Grant admin consent for {your tenant}" after you add this permission.
Then you can get an access token like this:
You can see that https://graph.microsoft.com/Group.ReadWrite.All has been included in the response.
Now you could use this access token to call POST /teams/{id}/channels/{id}/messages.
There are a few other ways I can think of.
1) One is that you can create a Bot using the Microsoft Bot Framework, and once that bot is installed to the particular team, it can send "pro-active" messages (i.e. not a message in response to a user's message, but rather whenever you need).
Essentially, when you bot is added to the team, you get access to a specific event in your bot (OnMembersAdded for a general bot, and there's now a new event just for Teams). See more on this in my answer on Detect bot application open event. In this event, you get the information you need for later, which you can store in a database or wherever, and then create the message as if it's your bot posting to the channel. You can see more on that at Programmatically sending a message to a bot in Microsoft Teams.
This option above is a lot of work, but useful if there's other functionality you want from a bot (e.g. the ability to receive messages from the users)
2) Another, and even more simple way, is to create an incoming webhook directly to the channel. Here's a post on doing this using PowerShell, so you can do that for simple testing and extrapolate from there for Node.
Of course, things like Flow (Power Automate) are an option too, but you're already writing code so one of the above is probably easier.
Hope that helps
in Microsoft Teams we have a Team called "BD" and this team has a channel named "Global".
Now I have a ReactJS app with a NodeJS backend and I would like to
display all the messages that are written in the Global Channel of the Team "BD"
I only need to show which messages are written in the channel (so readonly would be sufficient).
What is the easiest way to achieve this ? Even an iFrame would be ok, if somehow possible.
Please take a look at List channel messages Graph API. First try these APIs in Graph Explorer.
To implement this in a code, you need to follow either Get access on behalf of a user or Get access without a user
Before calling this API with application permissions (access without a user), you must request access. For details, see Protected APIs in Microsoft Teams.