slackapi
Slack Login for Enterprise Grid guidance
We have a distributed Slack App with org_deploy_enabled=True.
Our customer has successfully added it to their Enterprise Grid, we have a SlackBot and SlackInstallation record with both is_enterprise_install=True.
We followed your guidance on Slack Login here: https://github.com/slackapi/bolt-python/issues/1157#issuecomment-2334966602
Basically, we setup Slack Login via workspace although our Slack App is set up using an org install as specified above.
The issue we're running into is this on our client's production Enterprise Grid:
Your documentation on authentication for Enterprise Grids also suggest that we don't follow the workspace-based approach, but rather the org-level approach: https://api.slack.com/enterprise/testing#set_up_authentication
Can you give us clear guidance on what to best do here in a production scenario + how to test this locally with a Sandbox enterprise Grid?
Can you also explain why we are seeing that screen? We have not encountered it before - does this potentially mean our client hasn't correctly authorized our bot, or didn't add it specific workspaces?
Hi @kennym, thank you for writing in again.
Your documentation on authentication for Enterprise Grids also suggest that we don't follow the workspace-based approach, but rather the org-level approach: https://api.slack.com/enterprise/testing#set_up_authentication Can you give us clear guidance on what to best do here in a production scenario + how to test this locally with a Sandbox enterprise Grid?
I understand that this feature inconsistency is very frustrating, but the document you linked covers only Slack app installation OAuth flows. As I mentioned in the previous issue you opened, SIWS (Sign in with Slack / OpenID Connect) does not work at the org level as of today, and we're unable to tell whether and when this can be improved.
As for your Slack app installations, org-level installation is highly recommended for enterprise customers because supporting it ensures a much more convenient user experience within your customer's enterprise grid organization workspaces. However, SIWS is not part of it, and this lack of this feature parity is causing the issue you're experiencing.
Can you also explain why we are seeing that screen? We have not encountered it before - does this potentially mean our client hasn't correctly authorized our bot, or didn't add it specific workspaces?
The not-authorized error your customer encountered looks like the workspace where the end-user tried to use might restrict app permission grants by utilizing the workspace/org admin feature. Since this is not an SDK-specific issue, please contact our experts in the technical support team for more details.
Lastly, I do hear this is still confusing and frustrating to you, but it cannot be improved solely by our efforts on the Python SDK side. We will communicate internally as well, but please share your feedback using your customer Slack account in a conversation with our customer support team. You can contact them either through /feedback in your Slack workspace/org or https://my.slack.com/help/requests/new. It'd be appreciated if you could understand this.
👋 It looks like this issue has been open for 30 days with no activity. We'll mark this as stale for now, and wait 10 days for an update or for further comment before closing this issue out. If you think this issue needs to be prioritized, please comment to get the thread going again! Maintainers also review issues marked as stale on a regular basis and comment or adjust status if the issue needs to be reprioritized.
![github-actions[bot] avatar](https://avatars.githubusercontent.com/in/15368?v=4 "Published by a pub.dev verified publisher"){kind=small}
As this issue has been inactive for more than one month, we will be closing it. Thank you to all the participants! If you would like to raise a related issue, please create a new issue which includes your specific details and references this issue number.