Clarify oauth setup requirements and customization options #1122
Conversation
docs/_basic/authenticating_oauth.md
Outdated
| @@ -27,7 +68,7 @@ const app = new App({ | |||
| clientId: process.env.SLACK_CLIENT_ID, | |||
| clientSecret: process.env.SLACK_CLIENT_SECRET, | |||
| stateSecret: 'my-state-secret', | |||
| scopes: ['channels:read', 'groups:read', 'channels:manage', 'chat:write', 'incoming-webhook'], | |||
| scopes: ['chat:write', 'incoming-webhook'], | |||
There was a problem hiding this comment.
Doesn't need so many scopes. It's already a very cluttered code sample.
There was a problem hiding this comment.
I agree. If we revisit this part, we may want to have commands and chat:write instead because that's a common minimum set for Bolt apps (you use say(), shortcuts, slash commands etc. but don't use incoming webhooks with Bolt, right?)
There was a problem hiding this comment.
Sure thing - I've modified the scopes and also adjusted the comments in the storeInstallation bit.
srajiang
requested review from
seratch,
stevengill and
filmaj
and removed request for
seratch and
stevengill
srajiang
changed the title
docs/_basic/authenticating_oauth.md
Outdated
| clientId: process.env.SLACK_CLIENT_ID, | ||
| clientSecret: process.env.SLACK_CLIENT_SECRET, | ||
| scopes: ['chat:write'], | ||
| stateVerification: false, |
There was a problem hiding this comment.
We don't want to highlight this way (=as the first example code in the section). Can we we move this to the bottom of the section?
There was a problem hiding this comment.
Yes, I agree that having it appear as the first code sample in the section may not be great. More than that it's an org-wide app installation related section so it probably makes more sense in it's own section under a new heading Org-wide installation. I've added that to the latest changes.
docs/_basic/authenticating_oauth.md
Outdated
| @@ -27,7 +68,7 @@ const app = new App({ | |||
| clientId: process.env.SLACK_CLIENT_ID, | |||
| clientSecret: process.env.SLACK_CLIENT_SECRET, | |||
| stateSecret: 'my-state-secret', | |||
| scopes: ['channels:read', 'groups:read', 'channels:manage', 'chat:write', 'incoming-webhook'], | |||
| scopes: ['chat:write', 'incoming-webhook'], | |||
There was a problem hiding this comment.
I agree. If we revisit this part, we may want to have commands and chat:write instead because that's a common minimum set for Bolt apps (you use say(), shortcuts, slash commands etc. but don't use incoming webhooks with Bolt, right?)
Codecov Report
@@ Coverage Diff @@
## main #1122 +/- ##
==========================================
- Coverage 71.71% 70.92% -0.80%
==========================================
Files 15 14 -1
Lines 1354 1324 -30
Branches 402 392 -10
==========================================
- Hits 971 939 -32
+ Misses 312 311 -1
- Partials 71 74 +3
Continue to review full report at Codecov.
|
srajiang
force-pushed
the
1101_add_state_validation_docs
branch
from
f1d7e95 to
eae1b3f
Compare
srajiang
force-pushed
the
1101_add_state_validation_docs
branch
from
a51c65f to
7506067
Compare
Summary
Updates Oauth documentation to be consistent with changes in bolt-js/pull//#1116. Adjusts formatting for better readability and adds clarifying language to concepts (Redirect URI vs. Redirect URI path) etc.
Requirements (place an
xin each[ ])