In OAuth permission scopes, I don't see rtm:stream, but I'm getting an error on "@slack/client": "4.8.0" telling me that it is a missing scope. It doesn't occur every time so I can't reproduce it, but I thought I should still report in case anyone else sees it too.
{
"code": "slackclient_platform_error",
"data": {
"ok": false,
"error": "missing_scope",
"needed": "rtm:stream",
"provided": "admin,identify,bot,commands,channels:history,chat:write:bot",
"scopes": [
"admin",
"identify",
"bot",
"commands",
"channels:history",
"chat:write:bot"
],
"acceptedScopes": [
"rtm:stream"
]
}
}
x in one of the [ ])x in each of the [ ])@slack/client version: 4.8.0
node version: 8.11
OS version(s): OSX 10.13.6
Hi @CoreyCole đź‘‹
I apologize that it's taken our team so long to respond to this issue, and thank you for reporting!
Are you by any chance trying to use a hidden (undocumented) API method? If not, it would be useful to know which method (or methods) you saw this occur with. If it is hidden, unfortunately it's not meant to be used through the platform so we're not likely to change the behavior (but I'm always open to hearing which kinds of methods people do want to use, so I'd still like to hear đź‘‚).
It was so long ago I don't remember what I was doing to get the error message. But, it is working now and I just grep'd the production logs and don't see the error. This is the code I'm using now and it's working great!
this.rtm = new RTMClient(this.env.getSlackToken());
this.rtm.on('message', (message) => {
if (this.validSendMsgCmd(message)) {
this.handleSendMsgCmd(message.text, message.user);
} else {
console.log(JSON.stringify(message, null, 2));
}
});
this.rtm.on('connecting', () => console.log('[SlackService][constructor]: connecting to slack API...'));
this.rtm.on('disconnecting', () => console.log('[SlackService][constructor]: disconnecting from slack API...'));
this.rtm.on('disconnected', () => console.error('[SlackService][constructor]: disconnected from slack!'));
this.rtm.on('reconnecting', () => console.log('[SlackService][constructor]: reconnecting to slack API...'));
this.rtm.on('unable_to_rtm_start', (error) => console.error(JSON.stringify(error, null, 2)));
this.rtm.on('error', (error) => {
console.error(JSON.stringify(error, null, 2));
if (this.rtm.connected) this.postErrorMessage(JSON.stringify(error, null, 2));
});
this.rtm.start()
.then((res: WebAPICallResult) => {
console.log(`[SlackService][constructor]: connected to slack!`);
})
.catch(err => {
console.error(`[SlackService][constructor]: err = ${err}`);
});
Thanks for following up!
This thread looks fresh some I'm adding my two cents ... I'm just starting on slackbot development, and I'm encountering this issue. Perhaps I should just come back in a month. :-)
I'm trying to do something very basic with a newly-created workspace. I create an app with 'bot' scope, I install it and feed the token to botkit's example slack_bot.js:
token=xoxp-***************** node slack_bot.js
Here's what I get back:
Got response null {"ok":false,"error":"missing_scope","needed":"rtm:stream","provided":"identify,bot"}
It looks like I'm given the 'identify' scope without selecting it, plus the 'rtm:stream' scope is required but I have no way to select it. Anyway, it's clear that I have no idea what I'm talking about!
Thanks for your time.
@kaweah have you installed the bot to your workspace and granted it permission to read messages? Have you added that bot user to the slack channel you're trying to read from? There is more info here if you haven't seen this https://api.slack.com/bot-users
I think I've gotten to the bottom of this one, and I think it comes down to a documentation issue.
You should be connecting to the RTM API using a bot token. These are tokens that start with the letters xoxb-. More info about what a bot token is can be found here.
Each of these occurrences seem to come down to using a user token (start with xoxp-) to connect to the RTM API. And for completeness, I do want to acknowledge that its possible to use a user token for the RTM API, but its discouraged because there is usually a better way to do what you're trying to do. So unless you have some specialized use case and you know what you're doing, avoid this. In that case, your xoxp- token needs to contain the client scope for it to work. We have logged an internal bug for changing the error payload to something a little more clear, because rtm:stream is an internal scope that's used for some other purpose, and this error message is not accurate or helpful.
I’ll try it out. Thanks
Sent from my iPhone
On Dec 17, 2018, at 2:22 PM, Ankur Oberoi notifications@github.com wrote:
I think I've gotten to the bottom of this one, and I think it comes down to a documentation issue.
You should be connecting to the RTM API using a bot token. These are tokens that start with the letters xoxb-. More info about what a bot token is can be found here.
Each of these occurrences seem to come down to using a user token (start with xoxp-) to connect to the RTM API. And for completeness, I do want to acknowledge that its possible to do to use a user token for the RTM API, but its discouraged because there is usually a better way to do what you're trying to do. So unless you have some specialized use case and you know what you're doing, avoid this. In that case, your xoxp- token needs to contain the client scope for it to work. We have logged an internal bug for changing the error payload to something a little more clear, because rtm:stream is an internal scope that's used for some other purpose, and this error message is not accurate or helpful.
—
You are receiving this because you were mentioned.
Reply to this email directly, view it on GitHub, or mute the thread.
@aoberoi I've managed to add client scope if it's not available for selecting from permissions selectbox, but I'm getting Cannot request object scopes with deprecated scopes error now:

Is there any way to use RTM with user's token?
@ptmt is your app already distributed in the App Directory? One limitation I’m aware of is that the client scope is not available for App Directory apps.
For the record, the technique I’ve used to successfully request the client scope is just a matter of pointing the browser to the OAuth authorization URL with client in the scope GET param (query string).
My colleague just reminded me of another possible issue. You cannot request the client scope in the same installation as a “traditional” scope (e.g. channels:read). If you need both kinds of scopes for your app, you need to facilitate the user performing 2 installations. Each one will be additive, so the resulting token will be the same each time, but the token will have all the scopes granted.
You cannot request the client scope in the same installation as a “traditional” scope (e.g. channels:read)
Thanks! It seems that is the case!
@ptmt is your app already distributed in the App Directory? One limitation I’m aware of is that the
clientscope is not available for App Directory apps.For the record, the technique I’ve used to successfully request the client scope is just a matter of pointing the browser to the OAuth authorization URL with
clientin thescopeGET param (query string).
@aoberoi I was trying to pointing the browser to the OAuth authorization URL with client in the scope GET param, but the client scope is still cannot be added. Also I made sure the traditional scope is not enabled. Can you tell me if slack still has a way to enable the "client" scope for rtm api
Most helpful comment
I think I've gotten to the bottom of this one, and I think it comes down to a documentation issue.
You should be connecting to the RTM API using a bot token. These are tokens that start with the letters
xoxb-. More info about what a bot token is can be found here.Each of these occurrences seem to come down to using a user token (start with
xoxp-) to connect to the RTM API. And for completeness, I do want to acknowledge that its possible to use a user token for the RTM API, but its discouraged because there is usually a better way to do what you're trying to do. So unless you have some specialized use case and you know what you're doing, avoid this. In that case, yourxoxp-token needs to contain theclientscope for it to work. We have logged an internal bug for changing the error payload to something a little more clear, becausertm:streamis an internal scope that's used for some other purpose, and this error message is not accurate or helpful.