Restrict slack-slash command access Restrict slack-slash command access jenkins jenkins

Restrict slack-slash command access


jenkins slack-api slack

In order to restrict access to a custom slash command just check which user invoked the slash command in your script and then either execute the command or deny it (and reply with an appropriate message).

Slack is always providing the user ID and user name with the request, so that information is available in your scripts. See the example below for a command request from Slack: (from the official documentation)

token=gIkuvaNzQIHg97ATvDxqgjtOteam_id=T0001team_domain=exampleenterprise_id=E0001enterprise_name=Globular%20Construct%20Incchannel_id=C2147483705channel_name=testuser_id=U2147483697user_name=Stevecommand=/weathertext=94070response_url=https://hooks.slack.com/commands/1234/5678

To manage who has access I would recommend using private channels, so that a user has to be member of a specific private channel if he wants to execute a specific slash command. You can call groups.info to get the user IDs of all members of a private channel in your script.

Note that slash commands are always accessible to all users and there is no global configuration option in Slack, which would allows you to grant access to specific slash commands. So you have to do this in your script as detailed above.

Recent Posts
How can I color dots in a xy scatterplot according to column value?
How to update a claim in ASP.NET Identity?
What does {0} mean when initializing an object?
Accessing members of items in a JSONArray with Java
How to log SQL statements in Spring Boot?
Powershell Get-WebSite name parameter is ignored
How to detect scroll to bottom of html element
Java synchronized method
How to test controllers with CodeIgniter?
Detect Visual Composer
Matplotlib: Specify format of floats for tick labels
Rails join a list of strings with commas and "and" before the last