slackapi / bolt-python

A framework to build Slack apps using Python
https://slack.dev/bolt-python/
MIT License
1.05k stars 244 forks

Slack Login for Enterprise Grid guidance #1167

Open kennym opened 3 days ago

kennym commented 3 days ago

We have a distributed Slack App with org_deploy_enabled=True.

Our customer has successfully added it to their Enterprise Grid; we have a SlackBot and a SlackInstallation record, both with is_enterprise_install=True.

We followed your guidance on Slack Login here: https://github.com/slackapi/bolt-python/issues/1157#issuecomment-2334966602

Basically, we set up Slack Login via workspace, although our Slack App is set up using an org install as specified above.

The issue we're running into is this on our client's production Enterprise Grid:

[Image: Untitled]

Your documentation on authentication for Enterprise Grids also suggests that we don't follow the workspace-based approach, but rather the org-level approach: https://api.slack.com/enterprise/testing#set_up_authentication

Can you give us clear guidance on what to best do here in a production scenario + how to test this locally with a Sandbox enterprise Grid?

Can you also explain why we are seeing that screen? We have not encountered it before - does this potentially mean our client hasn't correctly authorized our bot, or didn't add it to specific workspaces?

seratch commented 3 days ago

Hi @kennym, thank you for writing in again.

> Your documentation on authentication for Enterprise Grids also suggests that we don't follow the workspace-based approach, but rather the org-level approach: https://api.slack.com/enterprise/testing#set_up_authentication
>
> Can you give us clear guidance on what to best do here in a production scenario + how to test this locally with a Sandbox enterprise Grid?

I understand that this feature inconsistency is very frustrating, but the document you linked covers only Slack app installation OAuth flows. As I mentioned in the previous issue you opened, SIWS (Sign in with Slack / OpenID Connect) does not work at the org level as of today, and we're unable to tell whether and when this can be improved.

As for your Slack app installations, org-level installation is highly recommended for enterprise customers because supporting it ensures a much more convenient user experience within your customer's Enterprise Grid organization workspaces. However, SIWS is not part of it, and this lack of feature parity is causing the issue you're experiencing.

> Can you also explain why we are seeing that screen? We have not encountered it before - does this potentially mean our client hasn't correctly authorized our bot, or didn't add it to specific workspaces?

The not-authorized error your customer encountered looks like the workspace where the end-user tried to use it might restrict app permission grants by utilizing the workspace/org admin feature. Since this is not an SDK-specific issue, please contact our experts in the technical support team for more details.

Lastly, I do hear this is still confusing and frustrating to you, but it cannot be improved solely by our efforts on the Python SDK side. We will communicate internally as well, but please share your feedback using your customer Slack account in a conversation with our customer support team. You can contact them either through /feedback in your Slack workspace/org or https://my.slack.com/help/requests/new. It'd be appreciated if you could understand this.