![]() Do not distribute client secrets in email, distributed native applications, client-side javascript, or public code repositories. It is how you securely identify your application's rights and identity when exchanging tokens with Slack. Your Client Secret should be treated delicately. Your Client ID can be shared freely in code and email and cannot be used alone to act on your application's behalf. Your Client ID is one piece of information used to identify your application and frequently appears in OAuth negotiation URLs and other contexts. ![]() Practical considerations Security considerations for Slack appsĪs a Slack App developer, you'll be working with credentials issued to you from Slack, as well as token values representing members, workspaces, and specific features of your application. Keeping credentials secure is important whether you're developing open source libraries and tools, internal integrations for your workspace, or Slack apps for distribution to workspaces across the world.Įven if you're not working with OAuth 2.0 and user access tokens, please consider these safety suggestions when working with the Slack Platform.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |