Email verified field for user

[RScicomp]

Hello! I was looking through some documentation here: https://api.slack.com/authentication/sign-in-with-slack And saw a field called email_verified field. I was wondering if this field is what i think it is - that the user has claimed their email (ie. they logged in their email and verified that they own the email associated with the slack account).

I was wondering if in bolt we could get this field using slack bolt? ie. when users send messages? Is it only available when you go through the oauth flow? I don't quite see a straightforward way to getting that field

[filmaj]

Events raised by Slack (and thus propagated through to bolt) won't include this information as event payloads will only include Slack domain objects like Slack user IDs, Slack workspace IDs, etc. Slack user IDs have an implied verified email as, as far as I can tell, an email is required to create a Slack user object. You can retrieve the email associated with a Slack user ID in bolt using the users.info API though your app will require a few additional email-related scopes (more info about that here).

[RScicomp]

Thank you for the info! So i can assume that whenever i cross search for the user using their users.info, the email returned is verified. A followup question to this is, when going through the oauthflow: https://github.com/slackapi/bolt-python/blob/880c13323ac4956096e5396508a45ca0113d5aa6/slack_bolt/oauth/oauth_flow.py#L28 I noticed that during run_installation that a user_id is used;

                app_id=oauth_response.get("app_id"),
                enterprise_id=installed_enterprise.get("id"),
                enterprise_name=installed_enterprise.get("name"),
                enterprise_url=enterprise_url,
                team_id=installed_team.get("id"),
                team_name=installed_team.get("name"),
                bot_token=bot_token,
                bot_id=bot_id,
                bot_user_id=oauth_response.get("bot_user_id"),
                bot_scopes=oauth_response.get("scope"),  # comma-separated string
                bot_refresh_token=oauth_response.get("refresh_token"),  # since v1.7
                bot_token_expires_in=oauth_response.get("expires_in"),  # since v1.7
                user_id=installer.get("id"),
                user_token=installer.get("access_token"),
                user_scopes=installer.get("scope"),  # comma-separated string
                user_refresh_token=installer.get("refresh_token"),  # since v1.7
                user_token_expires_in=installer.get("expires_in"),  # since v1.7
                incoming_webhook_url=incoming_webhook.get("url"),
                incoming_webhook_channel=incoming_webhook.get("channel"),
                incoming_webhook_channel_id=incoming_webhook.get("channel_id"),
                incoming_webhook_configuration_url=incoming_webhook.get("configuration_url"),
                is_enterprise_install=is_enterprise_install,
                token_type=oauth_response.get("token_type"),
            )

can i assume that as long as there is a userid, this is a user with verified email

[RScicomp]

Also another question that i had was - is there a pro or con to using openid vs the oauth flow that slack bolt provides?

[github-actions[bot]]

👋 It looks like this issue has been open for 30 days with no activity. We'll mark this as stale for now, and wait 10 days for an update or for further comment before closing this issue out. If you think this issue needs to be prioritized, please comment to get the thread going again! Maintainers also review issues marked as stale on a regular basis and comment or adjust status if the issue needs to be reprioritized.

[github-actions[bot]]

As this issue has been inactive for more than one month, we will be closing it. Thank you to all the participants! If you would like to raise a related issue, please create a new issue which includes your specific details and references this issue number.