Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add token rotation section to docs #1009

Merged
merged 4 commits into from
Jul 21, 2021
Merged

Add token rotation section to docs #1009

merged 4 commits into from
Jul 21, 2021

Conversation

misscoded
Copy link
Contributor

@misscoded misscoded commented Jul 19, 2021
edited
Loading

Summary

Add section to documentation that outlines token rotation and links out to corresponding spec + API documentation.

Screen Shot 2021-07-19 at 9 24 04 AM

Requirements (place an x in each [ ])

@misscoded misscoded added the docs M-T: Documentation work only label Jul 19, 2021
@codecov
Copy link

codecov bot commented Jul 19, 2021
edited
Loading

Codecov Report

Merging #1009 (efc3a26) into main (b0343da) will not change coverage.
The diff coverage is n/a.

Impacted file tree graph

@@           Coverage Diff           @@
##             main    #1009   +/-   ##
=======================================
  Coverage   66.41%   66.41%           
=======================================
  Files          13       13           
  Lines        1212     1212           
  Branches      357      357           
=======================================
  Hits          805      805           
  Misses        338      338           
  Partials       69       69

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update b0343da...efc3a26. Read the comment docs.

@misscoded
Copy link
Contributor Author

Once the copy/content is agreed upon, need to introduce it into the Japanese docs, as well.

@stevengill
Copy link
Member

Looks great! It would be nice to point out the minimum version of bolt that ships with token rotation support.

seratch
seratch reviewed Jul 20, 2021
View reviewed changes
docs/_advanced/token_rotation.md Outdated

Instead of an access token representing an existing installation of your Slack app indefinitely, with token rotation enabled, access tokens expire. A refresh token acts as a long-lived way to refresh your access tokens.

Bolt for JavaScript supports token rotation automatically once enabled in your app's configuration.
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

As one of the prerequisites on the Bolt app side, we can mention the necessity to use @slack/oauth package's default authorize function along with InstallationStore. This sounds obvious to us but it's not the same particularly for the developers who are new to Bolt.

Also, we may want to update the OAuth package's document as well.

seratch
seratch approved these changes Jul 20, 2021
View reviewed changes
Copy link
Member

@seratch seratch left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Left one more comment on the link but this looks almost ready

docs/_advanced/token_rotation.md Outdated

Instead of an access token representing an existing installation of your Slack app indefinitely, with token rotation enabled, access tokens expire. A refresh token acts as a long-lived way to refresh your access tokens.

Bolt for JavaScript supports and will handle token rotation automatically so long as the [built-in OAuth](https://slack.dev/node-slack-sdk/oauth) functionality is used.
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Directly linking to the underlying OAuth package may confuse readers. How about navigating to bolt-js's OAuth document instead?

Suggested change
Bolt for JavaScript supports and will handle token rotation automatically so long as the [built-in OAuth](https://slack.dev/node-slack-sdk/oauth) functionality is used.
Bolt for JavaScript supports and will handle token rotation automatically so long as the [built-in OAuth](https://slack.dev/bolt-js/concepts#authenticating-oauth) functionality is used.

@misscoded @stevengill
Update docs/_advanced/token_rotation.md
efc3a26 
Co-authored-by: Steve Gill <stevengill97@gmail.com>
@seratch
Copy link
Member

seratch commented Jul 20, 2021

Forgot to mention this:

For the Japanese translation work, can you create a “good first issue” like this? #994 I can work on it but am also happy to have the contributions from the community!

@misscoded misscoded merged commit 7bcbfb6 into slackapi:main Jul 21, 2021
@misscoded misscoded mentioned this pull request Jul 21, 2021
Closed
10 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@seratch seratch seratch approved these changes

@stevengill stevengill stevengill approved these changes

@shaydewael shaydewael Awaiting requested review from shaydewael

Assignees
No one assigned
Labels
docs M-T: Documentation work only
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@misscoded @stevengill @seratch