robtot

Reputation: 1031

chat.postMessage xoxb token that works to post messages to all users in all workspaces

I use: https://www.npmjs.com/package/@slack/interactive-messages and https://www.npmjs.com/package/@slack/events-api for my Slack/Node.js bot. I catch any interaction to the bot using:

slackEvents.on('message', (message: any, body: any) => …);

Before Slack users can chat with the bot they must integrate it into their workspace using: https://api.slack.com/docs/sign-in-with-slack which is available on my website for logged-in users. On successful response I get two different access tokens:

  1. xoxb based auth tokens from bot_access_token (if I'm correct this is a workspace based access token)
  2. xoxp based auth tokens from access_token (if I'm correct this is a user based access token)

I store the above tokens in the user's record in my database. I use the xoxb token to execute methods from my bot engine which also has access to the database, methods such as: https://api.slack.com/methods/chat.postMessage

However, once the bot is integrated, the bot is exposed to many users: users that did not do the 'Sign in with Slack' process and do not have any xoxp or xoxb tokens in their user record in the database. What xoxb token can I use to chat.postMessage to them?

I see there is an OAuth Access Token (xoxp) and Bot User OAuth Access Token (xoxb) in the Slack API Bot Dashboard under ‘OAuth & Permission’ link. Is this a master xoxb token that can be used to chat.postMessage to all users in Slack in any workspace that integrated my app?

Upvotes: 1

Views: 949

Answers (1)

Erik Kalkoken

Reputation: 32757

Tokens are always bound to one workspace and one user. There is no "master" token that would work for multiple workspaces.

However, an app usually only needs one token per workspace, which it receives during the one-time installation process (as you described). You obviously want to store that token (bot user token and access token if you have a bot user) in your app database.

Provided your app has the necessary scopes, it can use that token for all API calls involving that workspace. E.g. you can send messages to any user with the same token. For this to work with different workspaces, all you need to do is match the team ID from the incoming request to the right token for your response.

To send a direct message to any user just use the ID of the user as channel with chat.postMessage. You get that ID in the message event.

Since you have a bot user, I would recommend that you use the bot token whenever possible and the access token only in cases where the bot token does not work (not all API methods work with a bot token).

A detailed description of the differences between those tokens can be found here.

See also How to get a workspace agnostic Slack bot token?

Upvotes: 2
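
The lookup the answer describes (match the team ID of the incoming event to that workspace's stored bot token, then use the sender's user ID as the channel), as an added example that is not code from the question or the answer. The `installs` map, the helper names, and every token and ID value are constructed placeholders; the request is built but not sent, so the block runs offline.

```javascript
// Added example: per-workspace token lookup for chat.postMessage.
// All token values and IDs below are constructed placeholders.

// Stands in for the app database: one install record per workspace (team ID).
const installs = new Map([
  ['T0000AAAA', { botToken: 'xoxb-constructed-workspace-a' }],
  ['T0000BBBB', { botToken: 'xoxb-constructed-workspace-b' }],
]);

// Look up the bot token for the workspace that sent the event.
// Fails closed: an unknown team ID never falls back to another workspace's token.
function tokenForTeam(teamId) {
  const record = installs.get(teamId);
  if (!record) throw new Error(`no installation stored for team ${teamId}`);
  return record.botToken;
}

// Build (but do not send) the chat.postMessage request answering an event.
// `body` is the outer Events API payload: body.team_id, body.event.user.
function buildReply(body, text) {
  const token = tokenForTeam(body.team_id);
  return {
    url: 'https://slack.com/api/chat.postMessage',
    method: 'POST',
    headers: {
      Authorization: `Bearer ${token}`,
      'Content-Type': 'application/json; charset=utf-8',
    },
    // A user ID as `channel` addresses that user directly.
    body: JSON.stringify({ channel: body.event.user, text }),
  };
}

// Log-safe view of a request: never write the bearer token to logs.
function redact(request) {
  return { ...request, headers: { ...request.headers, Authorization: 'Bearer [redacted]' } };
}

// Constructed sample event from a user who never went through sign-in.
const sampleEvent = {
  team_id: 'T0000BBBB',
  event: { type: 'message', user: 'U0000CCCC', channel: 'D0000DDDD', text: 'hi' },
};
const request = buildReply(sampleEvent, 'Hello from the bot');
console.log(redact(request));
```

Keying the token store by team ID rather than by user record means a user who never signed in is still covered by the token stored when their workspace installed the app.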
