Slack Generic OAuth2 User Token Account
In this article
Overview
Use this account type to connect Slack Snaps with data sources that use Slack Generic OAuth2 authentication, and then to perform the operations that Slack allows for your User Token account.
Prerequisites
- Valid Slack app
- Valid Client ID
- Valid Client secret
- User Scopes needed
- Redirect/Callback URLs. See Configuring Redirect URLs for your app for details.
Limitations
Do not use this account type to create a Bot Token Account for ease and convenience of working with Slack users and teams.
Known Issues
None.
Account Settings
To create your Slack Generic OAuth2 account in SnapLogic, you must create an application as per the application provider's instructions in Start building Slack apps to generate and supply Client ID, Client secret, OAuth2 endpoint, and OAuth2 token in the settings below and click Authorize. SnapLogic sends your account details to the OAuth2 endpoint specified and populates the Access token, Refresh token, and Access token expiration fields based on the details received from the endpoint.
| Parameter | Data Type | Description | Default Value | Example |
|---|---|---|---|---|
Label | String | Required. Enter a unique label for the account. | N/A | Slack_OAuth2_UserToken |
Client ID | String | Required. Enter the client ID associated with your Slack application. You can create the client ID as advised by your application provider. | N/A | 1394786838725.1307264331815 |
Client secret | String | Enter the client secret associated with your account. You can create the client secret as advised by your application provider. | N/A | bec1f9242f9nsh67f2276b9ws4cadd14 |
Access token | String | Auto-generated after authorization. The access token associated with the Slack application is used to make API requests on behalf of the user associated with the client ID. | N/A | N/A |
Refresh token | String | Auto-generated after authorization. The refresh token retrieval for the application is specified when setting up the account for the endpoint. There, the OAuth2 flow is executed and the resulting refresh token is stored in this field. If the refresh token is stored, then the access token is refreshed automatically before it expires. | N/A | N/A |
Access token expiration | Integer | Auto-generated after authorization. The access token expiration value in Epoch time. | N/A | N/A |
Header authenticated | Check box | Enable this if endpoint uses bearer header authentication. | Not selected | Selected |
OAuth2 Endpoint | String | Required. Enter the OAuth2 endpoint authorization URL to authorize the application. | https://slack.com/oauth/ v2/authorize | https://slack.com/oauth/ v2/authorize |
OAuth2 Token | String | Required. Enter the Token endpoint to get the access token. | https://slack.com/api/ oauth.v2.access | https://slack.com/api/ oauth.v2.access |
Token endpoint config | Use this field set to configure token endpoint parameters as necessary for the account. This field set comprises the following fields:
Specify each parameter in a separate row. Click | |||
Token endpoint parameter | String | Provide the name for the token endpoint parameter. | N/A | user_scope |
Token endpoint parameter value | String | Provide the value for the parameter. | N/A | users:read |
| Auth endpoint config | Use this field set to assign scopes for the OAuth2 Authentication endpoint for the user account. We recommend that you define at least one scope entry in this field set. This field set comprises the following fields:
Specify each parameter in a separate row. Click | |||
Authentication parameter | String | Provide the name for an authentication parameter. | N/A | user_scope scope |
Authentication parameter value | String | Provide the value for the parameter, typically at least one User scope. See the Scope and Permissions article in Slack API documentation for the complete list. | N/A | files:write |
Auto-refresh token | Check box | Do not select this check box as Slack (bot/user) tokens do not expire, and hence, need not be refreshed. Access Tokens If you have an Enterprise Admin account, you can set an expiry duration for your app's user token. See Revoke All OAuth Tokens to know about revoking all your OAuth tokens, if need be. | Not selected | Not selected |
| Authorize | Button | Click this button to acquire the required permissions for this account from the Slack app, when creating an account. For existing accounts, you can click this button to re-acquire the permissions (Access token, Refresh token and Access token expiration) to ensure that the account works as expected. This action does not require or result in any changes to the Access Token that is already generated. | N/A | N/A |
Configuring Redirect URLs for your app
While creating the Slack app, you must configure a Redirect (callback) URL for Slack to verify and authorize the communication between the app and your SnapLogic environment.- Open https://api.slack.com/apps/<app_ID>/oauth? in your browser, where <app_ID> is the 11-character alphanumeric identifier (starting with 'A') for your Slack app.
For example, https://api.slack.com/apps/A01AYUSRU5V/oauth? . You must log in to the site if you do not have a valid session running beforehand. - In the left navigation, navigate to Features > OAuth & Permissions, and then scroll down to the Redirect URLs section.
- Click Add New Redirect URL.
Enter the redirect URL in the following format:
https://<control-plane-name>.snaplogic.com/api/1/rest/admin/oauth2callback/<snap-pack-name>
where the<control-plane-name>corresponds to the domain part of your SnapLogic URL—elastic (global control plane) or emea (EMEA control plane).
For example:https://elastic.snaplogic.com/api/1/rest/admin/oauth2callback/slack
https://emea.snaplogic.com/api/1/rest/admin/oauth2callback/slackhttps://elastic.snaplogic.com/api/1/rest/admin/oauth2callback/slackSlack app with REST Snap Pack
If you intend to use your Slack app with the REST Snap Pack, add the Redirect URL: https://<control-plane-name>/api/1/rest/admin/oauth2callback/rest in addition to the slack Redirect URL that you added in Step 4.
Click Add, and click Save URLs.
Revoke All OAuth Tokens
You can revoke all the OAuth tokens that you generated for your app if you want to revoke the various access permissions provided to your app's users.- Open https://api.slack.com/apps/<YOURAPPID>/oauth? in your browser, or select OAuth & Permissions from your app's Features section from the left navigation.
- Scroll down to the Revoke All OAuth Tokens section, and click Revoke Tokens.
This revokes all the OAuth tokens from your app. You must repeat the Token Generation process if you want to generate new tokens.
Troubleshooting
| Error | Reason | Resolution |
|---|---|---|
| Authentication failed | You have entered an incorrect Client ID or Client secret. | Verify whether you have supplied the correct and valid Client ID and Client secret for the account and assigned the required access privileges to the application. |
| Error in Authorization: Something went wrong when authorizing this app. Invalid client_id parameter | You have entered an incorrect Client ID. | Verify the Client ID entered for the account and try authorizing the app again. |
Snap Pack History
Related content
Have feedback? Email documentation@snaplogic.com | Ask a question in the SnapLogic Community
© 2017-2024 SnapLogic, Inc.