Slack Oauth/Authorize API Call

Question

I'm new to OAuth (and the Slack API) and have a question regarding Step 1 of Slack's OAuth Flow.

It says "Your web or mobile app should redirect users to the following url: https://slack.com/oauth/authorize". At first I thought I should do an XHR request but then came to understand that that is not what I want.

After more research, I found that the initial oauth/authorize request should be sent as a direct request in the browser. My problem is I can't begin to visualize how this should be done. I've been referencing parts of this tutorial (scroll down to 'Web Server Apps' section) but it doesn't help me to be able to wrap my head around the oauth/authorize petition.

So basically, I'm looking for someone to better explain to me how that initial petition is supposed to be made. Any and all help is greatly appreciated!

Thanks in advance

Answer 1

You should check out the Slack button docs.

There you will find an example for your slackapp, something like:

<a href="https://slack.com/oauth/authorize?scope=incoming-webhook&client_id=CLIENT_ID">
   <img alt="Add to Slack" height="40" width="139" 
   src="https://platform.slack-edge.com/img/add_to_slack.png" />
</a>

This button asks for authorization for a slackapp that includes incoming webhooks, you can add more features needed inside scope separating them by commas. scope=incoming-webhook,commands,bot,channels:read

As of your tutorial link, when it says you should link them to https://oauth2server.com/auth?response_type=code&client_id=CLIENT_ID&redirect_uri=REDIRECT_URI&scope=photos

It is refering to wrap that into a button for the user:

<a href="https://oauth2server.com/auth?response_type=code&client_id=CLIENT_ID&redirect_uri=REDIRECT_URI&scope=photos">
   Auth Button
</a>

Hope this helps clarify the usage of /oauth/authorize