I have a Slack bot application that needs to authenticate messages received. Instead of receiving a token from Slack, my application will provide a token to Slack. Slack would then send the token to my application during each request. My application can then authenticate who the message came from.
Is there a way on Slack's platform to be an Oauth provider to Slack or some way to authenticate messages?
Thank you
Ah I see! So, again, this is not precisely what you are looking for, but it comes pretty close:
What you can do is use your own OAuth system external to Slack and then tie the users in that system to the user_ids from your Slack team.
On request from a particular user, your bot could DM this user a unique URL that is tied to your own (slack-external) OAuth system. Once the process is complete you can associate your way of identifying users with that of Slack (ie. team_id and user_id)
As a result any message that your bot receives, which would include the user_id of the user that sent it, can now be checked against your own User model to see if this particular user has the required permissions or anything of that nature.
This way you can essentially use any OAuth system in conjunction with Slack's methods of identifying users. It's a bit hacky, but it works.
I built something like this a few months ago. Here we are using the Mondo API's OAuth on top of Slack's own OAuth: Mondobot The file with the relevant code is this one.