search

integrations / slack

Bring your code to the conversations you care about with the GitHub and Slack integration
https://slack.github.com/
MIT License
2.99k stars 468 forks source link

User Signed Out After Months Of No Access #1703

Open MikeBourgault opened 1 year ago

MikeBourgault commented 1 year ago

Describe the bug My private organization removed a user more than 6 months ago. Today, we received a notification that the user signed out from the Github app in slack on one of our channels. The notification informed us that we should run /subscribe [repo] to keep receiving notifications for that private repo.

To Reproduce N/A We are not sure how this happened.

Expected behavior When a user is removed from our Github org, and from our Slack, we would expect all of their integration tokens to be null and void.

Screenshots image

Additional context Our github is fully integrated with SAML, and users are provisioned and deprovisioned using SCIM. This user was added to our organization before the SAML and SCIM was set up, but they were there to be deprovisioned by the SCIM.

Our slack is the same.

timon0305 commented 1 year ago

great

janbo24 commented 8 months ago

This happened to me also, before we rush into security lookout could you provide more info why this is happening?

We are suspecting that the user in question has made the subscription / gh integration with slack

Looking forward to hearing from you

gthomson31 commented 4 months ago

Was there any resolution to this ?