Bolt-js: Slack cannot verify Event URL when running on server, validates on localhost tunneling through ngrok

Created on 9 Sep 2020  路  4Comments  路  Source: slackapi/bolt-js

Description

Describe your issue here.

What type of issue is this? (place an x in one of the [ ])

  • [X ] bug
  • [ ] enhancement (feature request)
  • [ ] question
  • [ ] documentation related
  • [ ] testing related
  • [ ] discussion

Requirements (place an x in each of the [ ])

  • [X ] I've read and understood the Contributing guidelines and have done my best effort to follow them.
  • [X ] I've read and agree to the Code of Conduct.
  • [ X] I've searched for any related issues and avoided creating a duplicate issue.

Bug Report

Filling out the following details about bugs will help us solve your issue sooner.

Reproducible in:

package version:
2.3.0
node version:
10.15.0
OS version(s):
Mac OS Mojave 10.14.6

Steps to reproduce:

I am following the "Getting Started" instructions on the bolt/slack page.
https://slack.dev/bolt-js/tutorial/getting-started

On Slack API page, create a new Slack app for a workspace, then create a new bot user
Copy the signing secret and bot auth token
On local machine, setup new Bolt project:
On local machine, start ngrok to proxy http port 3000
On Slack API Events Subscriptions page, enable events, then in the Request URL field, post the ngrok https URL followed by /slack/events path.

When my app is deployed to my server, I use the /slack/events page and I get the following error

Screen Shot 2020-09-09 at 15 00 09

If I create a request to the endpoint with Postman, I get a 200 OK response.
_Image has been removed_

Expected result:

Events URL is verified

What you expected to happen

Actual result:

Screen Shot 2020-09-09 at 15 00 09

Attachments:

Logs, screenshots, screencast, sample project, funny gif, etc.

needs info question

Most helpful comment

Hey @aguayov, I was glancing over your screenshots today and noticed that your Postman image displayed (what I think is) your verification token.

Just to be safe, I've edited your post and removed the image. I'd recommend that you regenerate your verification token in your app management page (https://api.slack.com/apps -> Basic Information -> Verification Token).

All 4 comments

Hey @aguayov, thanks for providing the screenshots and testing that you can hit the endpoint manually! 馃檹馃徎

I noticed that the endpoint URL includes intranet.ibm.com. Is the endpoint part of the corporation's intranet - meaning it's behind the firewall and isolate from the public?

Since Slack is an external service outside of the corp's intranet, the intranet's security would block requests from Slack. Unfortunately, Slack will need a publicly available Request URL. The reason why your manually request to the endpoint would work is because your computer is connected to the Intranet.

Hey Michael, you are absolutely correct, the server is only running on our internal intranet. I did not think that was the case since it was my understanding the server was configured to allow internet facing applications. I will work on this internally and get it sorted out, thank you for the time!

Glad to hear that you've figured out why the server wasn't receiving the challenge. Good luck with getting the configuration setup correctly! 馃檶馃徎

Hey @aguayov, I was glancing over your screenshots today and noticed that your Postman image displayed (what I think is) your verification token.

Just to be safe, I've edited your post and removed the image. I'd recommend that you regenerate your verification token in your app management page (https://api.slack.com/apps -> Basic Information -> Verification Token).

Was this page helpful?
0 / 5 - 0 ratings

Related issues

jacklein picture jacklein  路  4Comments

TK95 picture TK95  路  3Comments

erkand-imeri picture erkand-imeri  路  4Comments

kmartin-215 picture kmartin-215  路  5Comments

johnsonsamuel picture johnsonsamuel  路  4Comments