Open MikeBourgault opened 1 year ago
great
This happened to me also, before we rush into security lookout could you provide more info why this is happening?
We are suspecting that the user in question has made the subscription / gh integration with slack
Looking forward to hearing from you
Was there any resolution to this ?
Describe the bug My private organization removed a user more than 6 months ago. Today, we received a notification that the user signed out from the Github app in slack on one of our channels. The notification informed us that we should run /subscribe [repo] to keep receiving notifications for that private repo.
To Reproduce N/A We are not sure how this happened.
Expected behavior When a user is removed from our Github org, and from our Slack, we would expect all of their integration tokens to be null and void.
Screenshots![image](https://github.com/integrations/slack/assets/32211716/9937af62-9ae5-45ea-ae15-e59ba8766403)
Additional context Our github is fully integrated with SAML, and users are provisioned and deprovisioned using SCIM. This user was added to our organization before the SAML and SCIM was set up, but they were there to be deprovisioned by the SCIM.
Our slack is the same.