Understanding the OAuth process
In order to implement a bot user in a team that is not our own, we require a bot token similar to the ones we created earlier for our own team. We can request this token, but first we must prove that we are who we say we are using the OAuth process. OAuth (Open Authentication) is an open standard for authentication used by many companies, large and small.
The authentication process works through the following steps:
- The user clicks the Add to Slack button.
- Slack sends a request to the redirect URI provided in our app's settings page.
- Once the request is received on our server, we redirect it to the authorization API endpoint (https://slack.com/oauth/authorize) and include the following parameters in the query string:
  - client_id: This is the unique ID given to us when we first created our app.
  - scope: This includes the permissions we require for our app. We will go into more detail on scopes later in this chapter.
  - redirect_uri: This is an optional parameter. This...
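The redirect step described above, as an added example that is not code from the original text: a Node.js handler that builds the authorization URL from client_id, scope and redirect_uri and answers with a 302. The sample values, the function names, the https check and the extra state parameter (a standard OAuth 2.0 parameter not among those listed above) are assumptions made for illustration.

```javascript
const { randomBytes } = require('node:crypto');

// Authorization endpoint named in the text above.
const AUTHORIZE_URL = 'https://slack.com/oauth/authorize';

// Constructed sample values; real ones come from the app's settings page.
const appConfig = {
  clientId: '1234567890.0987654321',
  scope: 'bot',
  redirectUri: 'https://example.com/slack/oauth', // optional parameter
};

// Assumption: a random per-request `state` value (standard OAuth 2.0) is
// added so the later callback can be tied to this redirect.
function newState() {
  return randomBytes(16).toString('hex');
}

function buildAuthorizeUrl({ clientId, scope, redirectUri }, state) {
  if (!clientId || !scope) throw new Error('client_id and scope are required');
  const url = new URL(AUTHORIZE_URL);
  // searchParams percent-encodes every value, so nothing can break out of
  // its own query-string parameter.
  url.searchParams.set('client_id', clientId);
  url.searchParams.set('scope', scope);
  if (redirectUri) {
    // Assumption: only https redirect URIs are accepted by our own server.
    if (new URL(redirectUri).protocol !== 'https:') {
      throw new Error('redirect_uri must use https');
    }
    url.searchParams.set('redirect_uri', redirectUri);
  }
  url.searchParams.set('state', state);
  return url.toString();
}

// Handler for the request Slack sends to our redirect URI: remember the
// state, then answer with a 302 to the authorization endpoint.
// `pendingStates` (a Set) is a hypothetical in-memory store.
function handleInstallRequest(req, res, pendingStates) {
  const state = newState();
  pendingStates.add(state);
  res.writeHead(302, { Location: buildAuthorizeUrl(appConfig, state) });
  res.end();
}
```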