How to set up authorization with OAuth in SlackAPP for new users?











up vote
0
down vote

favorite












I have a c#-based program that can send messages and files to our SlackWorkspace via my SlackApp (I'm using HttpClient to communicate with Slack).



Now, to distribute this program in my workspace and to make it so that every user will have his own identity, it says that I have to use OAuth and create verification-tokens, specific for each user.
It says in the Slack-documentation I have to use a redirect-URL (as per docs) to my own server.



We have a server that I potentially could use for this. But I have never done anything like this before and I am unclear on what "answer" I have to provide from our server. I thought the verification-process would be handled by Slack.



Anyone has an idea on how to approach this?



And before anyone asks - yes we need to install it for everyone and make them identifiable as themselves. We can't use the "SlackApp" as user. :)



I would be very grateful for code examples(in c#) and explanations on how this whole redirect-thing is working.










share|improve this question




























    up vote
    0
    down vote

    favorite












    I have a c#-based program that can send messages and files to our SlackWorkspace via my SlackApp (I'm using HttpClient to communicate with Slack).



    Now, to distribute this program in my workspace and to make it so that every user will have his own identity, it says that I have to use OAuth and create verification-tokens, specific for each user.
    It says in the Slack-documentation I have to use a redirect-URL (as per docs) to my own server.



    We have a server that I potentially could use for this. But I have never done anything like this before and I am unclear on what "answer" I have to provide from our server. I thought the verification-process would be handled by Slack.



    Anyone has an idea on how to approach this?



    And before anyone asks - yes we need to install it for everyone and make them identifiable as themselves. We can't use the "SlackApp" as user. :)



    I would be very grateful for code examples(in c#) and explanations on how this whole redirect-thing is working.










    share|improve this question


























      up vote
      0
      down vote

      favorite









      up vote
      0
      down vote

      favorite











      I have a c#-based program that can send messages and files to our SlackWorkspace via my SlackApp (I'm using HttpClient to communicate with Slack).



      Now, to distribute this program in my workspace and to make it so that every user will have his own identity, it says that I have to use OAuth and create verification-tokens, specific for each user.
      It says in the Slack-documentation I have to use a redirect-URL (as per docs) to my own server.



      We have a server that I potentially could use for this. But I have never done anything like this before and I am unclear on what "answer" I have to provide from our server. I thought the verification-process would be handled by Slack.



      Anyone has an idea on how to approach this?



      And before anyone asks - yes we need to install it for everyone and make them identifiable as themselves. We can't use the "SlackApp" as user. :)



      I would be very grateful for code examples(in c#) and explanations on how this whole redirect-thing is working.










      share|improve this question















      I have a c#-based program that can send messages and files to our SlackWorkspace via my SlackApp (I'm using HttpClient to communicate with Slack).



      Now, to distribute this program in my workspace and to make it so that every user will have his own identity, it says that I have to use OAuth and create verification-tokens, specific for each user.
      It says in the Slack-documentation I have to use a redirect-URL (as per docs) to my own server.



      We have a server that I potentially could use for this. But I have never done anything like this before and I am unclear on what "answer" I have to provide from our server. I thought the verification-process would be handled by Slack.



      Anyone has an idea on how to approach this?



      And before anyone asks - yes we need to install it for everyone and make them identifiable as themselves. We can't use the "SlackApp" as user. :)



      I would be very grateful for code examples(in c#) and explanations on how this whole redirect-thing is working.







      c# oauth-2.0 slack-api






      share|improve this question















      share|improve this question













      share|improve this question




      share|improve this question








      edited 6 hours ago









      Erik Kalkoken

      11.5k32145




      11.5k32145










      asked 18 hours ago









      Fabian Held

      347




      347
























          2 Answers
          2






          active

          oldest

          votes

















          up vote
          0
          down vote













          From the Slack API wiki:
          https://github.com/Inumedia/SlackAPI/wiki/Examples



          Getting Authentication token from email and password:



          SlackClient.StartAuth((authStartResponse) =>{
          // Here authStartResponse has a field ('users') containing a list of teams you have access to.
          SlackClient.AuthSignin(
          (authSigninResponse) =>{
          //Here, authSigninResponse contains a field 'token' which is your valid authentication token.
          },
          authStartResponse.users[0].user_id,
          authStartResponse.users[1].team_id,
          YOUR_PASSWORD_HERE
          );
          }, YOUR_EMAIL_HERE);


          There is also much more in the wiki of how to do everything. The question is, how do you choose to get everybody's email and password for slack. If this is an inside work thing and security is not an issue, just have them enter their password and email at some point and time that you can then use inside of the method above. What kind of app is it? I could be more specific to the platform.






          share|improve this answer





















          • Thanks for your contribution. I am however a bit skeptical whether this really is a solution. 1) Your are not linking to the official Slack API, but to a 3rd party library called "SlackAPI" 2) The standard OAuth process does not require email and password to be provided (which btw would be huge security concern). So I doubt this actually works.
            – Erik Kalkoken
            4 hours ago




















          up vote
          0
          down vote













          Slack uses the standard Oauth 2.0 protocol to authenticate apps, similar to Google and Facebook.



          To enable a Slack app to generate tokens via Oauth a web app is needed:




          • can be reached from the Internet

          • able to handle HTTP requests like a web server

          • has persistent storage for the newly generated tokens


          For the local development of such a web app its recommend to use a VPN tunnel like ngrok, that allows one to expose a local machine securely to the Internet and Slack.



          Main concepts for implementing such a solutions in C# with .NET core include:





          • HttpListener class for providing fundamental ability to listen and respond to HTTP requests

          • Multi-threading of HttpListener

          • Cookies / Session handling

          • MD5 hashes


          The details go a bit beyond the scope of one answer. But I am happy to share a working example implementation on this GitHubGist.






          share|improve this answer























            Your Answer






            StackExchange.ifUsing("editor", function () {
            StackExchange.using("externalEditor", function () {
            StackExchange.using("snippets", function () {
            StackExchange.snippets.init();
            });
            });
            }, "code-snippets");

            StackExchange.ready(function() {
            var channelOptions = {
            tags: "".split(" "),
            id: "1"
            };
            initTagRenderer("".split(" "), "".split(" "), channelOptions);

            StackExchange.using("externalEditor", function() {
            // Have to fire editor after snippets, if snippets enabled
            if (StackExchange.settings.snippets.snippetsEnabled) {
            StackExchange.using("snippets", function() {
            createEditor();
            });
            }
            else {
            createEditor();
            }
            });

            function createEditor() {
            StackExchange.prepareEditor({
            heartbeatType: 'answer',
            convertImagesToLinks: true,
            noModals: true,
            showLowRepImageUploadWarning: true,
            reputationToPostImages: 10,
            bindNavPrevention: true,
            postfix: "",
            imageUploader: {
            brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
            contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
            allowUrls: true
            },
            onDemand: true,
            discardSelector: ".discard-answer"
            ,immediatelyShowMarkdownHelp:true
            });


            }
            });














             

            draft saved


            draft discarded


















            StackExchange.ready(
            function () {
            StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f53371810%2fhow-to-set-up-authorization-with-oauth-in-slackapp-for-new-users%23new-answer', 'question_page');
            }
            );

            Post as a guest















            Required, but never shown

























            2 Answers
            2






            active

            oldest

            votes








            2 Answers
            2






            active

            oldest

            votes









            active

            oldest

            votes






            active

            oldest

            votes








            up vote
            0
            down vote













            From the Slack API wiki:
            https://github.com/Inumedia/SlackAPI/wiki/Examples



            Getting Authentication token from email and password:



            SlackClient.StartAuth((authStartResponse) =>{
            // Here authStartResponse has a field ('users') containing a list of teams you have access to.
            SlackClient.AuthSignin(
            (authSigninResponse) =>{
            //Here, authSigninResponse contains a field 'token' which is your valid authentication token.
            },
            authStartResponse.users[0].user_id,
            authStartResponse.users[1].team_id,
            YOUR_PASSWORD_HERE
            );
            }, YOUR_EMAIL_HERE);


            There is also much more in the wiki of how to do everything. The question is, how do you choose to get everybody's email and password for slack. If this is an inside work thing and security is not an issue, just have them enter their password and email at some point and time that you can then use inside of the method above. What kind of app is it? I could be more specific to the platform.






            share|improve this answer





















            • Thanks for your contribution. I am however a bit skeptical whether this really is a solution. 1) Your are not linking to the official Slack API, but to a 3rd party library called "SlackAPI" 2) The standard OAuth process does not require email and password to be provided (which btw would be huge security concern). So I doubt this actually works.
              – Erik Kalkoken
              4 hours ago

















            up vote
            0
            down vote













            From the Slack API wiki:
            https://github.com/Inumedia/SlackAPI/wiki/Examples



            Getting Authentication token from email and password:



            SlackClient.StartAuth((authStartResponse) =>{
            // Here authStartResponse has a field ('users') containing a list of teams you have access to.
            SlackClient.AuthSignin(
            (authSigninResponse) =>{
            //Here, authSigninResponse contains a field 'token' which is your valid authentication token.
            },
            authStartResponse.users[0].user_id,
            authStartResponse.users[1].team_id,
            YOUR_PASSWORD_HERE
            );
            }, YOUR_EMAIL_HERE);


            There is also much more in the wiki of how to do everything. The question is, how do you choose to get everybody's email and password for slack. If this is an inside work thing and security is not an issue, just have them enter their password and email at some point and time that you can then use inside of the method above. What kind of app is it? I could be more specific to the platform.






            share|improve this answer





















            • Thanks for your contribution. I am however a bit skeptical whether this really is a solution. 1) Your are not linking to the official Slack API, but to a 3rd party library called "SlackAPI" 2) The standard OAuth process does not require email and password to be provided (which btw would be huge security concern). So I doubt this actually works.
              – Erik Kalkoken
              4 hours ago















            up vote
            0
            down vote










            up vote
            0
            down vote









            From the Slack API wiki:
            https://github.com/Inumedia/SlackAPI/wiki/Examples



            Getting Authentication token from email and password:



            SlackClient.StartAuth((authStartResponse) =>{
            // Here authStartResponse has a field ('users') containing a list of teams you have access to.
            SlackClient.AuthSignin(
            (authSigninResponse) =>{
            //Here, authSigninResponse contains a field 'token' which is your valid authentication token.
            },
            authStartResponse.users[0].user_id,
            authStartResponse.users[1].team_id,
            YOUR_PASSWORD_HERE
            );
            }, YOUR_EMAIL_HERE);


            There is also much more in the wiki of how to do everything. The question is, how do you choose to get everybody's email and password for slack. If this is an inside work thing and security is not an issue, just have them enter their password and email at some point and time that you can then use inside of the method above. What kind of app is it? I could be more specific to the platform.






            share|improve this answer












            From the Slack API wiki:
            https://github.com/Inumedia/SlackAPI/wiki/Examples



            Getting Authentication token from email and password:



            SlackClient.StartAuth((authStartResponse) =>{
            // Here authStartResponse has a field ('users') containing a list of teams you have access to.
            SlackClient.AuthSignin(
            (authSigninResponse) =>{
            //Here, authSigninResponse contains a field 'token' which is your valid authentication token.
            },
            authStartResponse.users[0].user_id,
            authStartResponse.users[1].team_id,
            YOUR_PASSWORD_HERE
            );
            }, YOUR_EMAIL_HERE);


            There is also much more in the wiki of how to do everything. The question is, how do you choose to get everybody's email and password for slack. If this is an inside work thing and security is not an issue, just have them enter their password and email at some point and time that you can then use inside of the method above. What kind of app is it? I could be more specific to the platform.







            share|improve this answer












            share|improve this answer



            share|improve this answer










            answered 6 hours ago









            The.NetDeveloper

            13




            13












            • Thanks for your contribution. I am however a bit skeptical whether this really is a solution. 1) Your are not linking to the official Slack API, but to a 3rd party library called "SlackAPI" 2) The standard OAuth process does not require email and password to be provided (which btw would be huge security concern). So I doubt this actually works.
              – Erik Kalkoken
              4 hours ago




















            • Thanks for your contribution. I am however a bit skeptical whether this really is a solution. 1) Your are not linking to the official Slack API, but to a 3rd party library called "SlackAPI" 2) The standard OAuth process does not require email and password to be provided (which btw would be huge security concern). So I doubt this actually works.
              – Erik Kalkoken
              4 hours ago


















            Thanks for your contribution. I am however a bit skeptical whether this really is a solution. 1) Your are not linking to the official Slack API, but to a 3rd party library called "SlackAPI" 2) The standard OAuth process does not require email and password to be provided (which btw would be huge security concern). So I doubt this actually works.
            – Erik Kalkoken
            4 hours ago






            Thanks for your contribution. I am however a bit skeptical whether this really is a solution. 1) Your are not linking to the official Slack API, but to a 3rd party library called "SlackAPI" 2) The standard OAuth process does not require email and password to be provided (which btw would be huge security concern). So I doubt this actually works.
            – Erik Kalkoken
            4 hours ago














            up vote
            0
            down vote













            Slack uses the standard Oauth 2.0 protocol to authenticate apps, similar to Google and Facebook.



            To enable a Slack app to generate tokens via Oauth a web app is needed:




            • can be reached from the Internet

            • able to handle HTTP requests like a web server

            • has persistent storage for the newly generated tokens


            For the local development of such a web app its recommend to use a VPN tunnel like ngrok, that allows one to expose a local machine securely to the Internet and Slack.



            Main concepts for implementing such a solutions in C# with .NET core include:





            • HttpListener class for providing fundamental ability to listen and respond to HTTP requests

            • Multi-threading of HttpListener

            • Cookies / Session handling

            • MD5 hashes


            The details go a bit beyond the scope of one answer. But I am happy to share a working example implementation on this GitHubGist.






            share|improve this answer



























              up vote
              0
              down vote













              Slack uses the standard Oauth 2.0 protocol to authenticate apps, similar to Google and Facebook.



              To enable a Slack app to generate tokens via Oauth a web app is needed:




              • can be reached from the Internet

              • able to handle HTTP requests like a web server

              • has persistent storage for the newly generated tokens


              For the local development of such a web app its recommend to use a VPN tunnel like ngrok, that allows one to expose a local machine securely to the Internet and Slack.



              Main concepts for implementing such a solutions in C# with .NET core include:





              • HttpListener class for providing fundamental ability to listen and respond to HTTP requests

              • Multi-threading of HttpListener

              • Cookies / Session handling

              • MD5 hashes


              The details go a bit beyond the scope of one answer. But I am happy to share a working example implementation on this GitHubGist.






              share|improve this answer

























                up vote
                0
                down vote










                up vote
                0
                down vote









                Slack uses the standard Oauth 2.0 protocol to authenticate apps, similar to Google and Facebook.



                To enable a Slack app to generate tokens via Oauth a web app is needed:




                • can be reached from the Internet

                • able to handle HTTP requests like a web server

                • has persistent storage for the newly generated tokens


                For the local development of such a web app its recommend to use a VPN tunnel like ngrok, that allows one to expose a local machine securely to the Internet and Slack.



                Main concepts for implementing such a solutions in C# with .NET core include:





                • HttpListener class for providing fundamental ability to listen and respond to HTTP requests

                • Multi-threading of HttpListener

                • Cookies / Session handling

                • MD5 hashes


                The details go a bit beyond the scope of one answer. But I am happy to share a working example implementation on this GitHubGist.






                share|improve this answer














                Slack uses the standard Oauth 2.0 protocol to authenticate apps, similar to Google and Facebook.



                To enable a Slack app to generate tokens via Oauth a web app is needed:




                • can be reached from the Internet

                • able to handle HTTP requests like a web server

                • has persistent storage for the newly generated tokens


                For the local development of such a web app its recommend to use a VPN tunnel like ngrok, that allows one to expose a local machine securely to the Internet and Slack.



                Main concepts for implementing such a solutions in C# with .NET core include:





                • HttpListener class for providing fundamental ability to listen and respond to HTTP requests

                • Multi-threading of HttpListener

                • Cookies / Session handling

                • MD5 hashes


                The details go a bit beyond the scope of one answer. But I am happy to share a working example implementation on this GitHubGist.







                share|improve this answer














                share|improve this answer



                share|improve this answer








                edited 1 hour ago

























                answered 2 hours ago









                Erik Kalkoken

                11.5k32145




                11.5k32145






























                     

                    draft saved


                    draft discarded



















































                     


                    draft saved


                    draft discarded














                    StackExchange.ready(
                    function () {
                    StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f53371810%2fhow-to-set-up-authorization-with-oauth-in-slackapp-for-new-users%23new-answer', 'question_page');
                    }
                    );

                    Post as a guest















                    Required, but never shown





















































                    Required, but never shown














                    Required, but never shown












                    Required, but never shown







                    Required, but never shown

































                    Required, but never shown














                    Required, but never shown












                    Required, but never shown







                    Required, but never shown







                    Popular posts from this blog

                    android studio warns about leanback feature tag usage required on manifest while using Unity exported app?

                    SQL update select statement

                    'app-layout' is not a known element: how to share Component with different Modules