odomojuli/regextokens

Source of `Slack - Access Token` is wrong

Closed this issue · 5 comments

https://hooks.slack.com/services/T[a-zA-Z0-9_]{8}/B[a-zA-Z0-9_]{8}/[a-zA-Z0-9_]{24} is meaningless.

Maybe:
https://github.com/trufflesecurity/truffleHog/blob/0f223225d6efc8c64504d9381eececb06b14c0e6/scripts/searchOrg.py#L25

It appears Slack has deprecated legacy access token implementation.

Access Tokens

There are now prefixes supported for bot and user tokens.

Bot token strings begin with xoxb-
User token strings begin with xoxp-

Configuration tokens include a rotating refresh token.
App Configuration Token

Workspace apps have been deprecated officially as of August 2021.

Workspace apps will retire in August 2021

I would prefer not to cite another repository's entry without an original source.
In this case, the now outdated source for this entry brought attention to this recent change in implementation.

Thank you!

I mean the link of Slack - Access Token's Source column is maybe wrong. Where did you cite this regex from?

Oh I see what you mean.
Nice catch.
I understand now how that "source" is vague and confusing.

I believe I meant to refer to this legacy source:

Using OAuth 2.0 Note: deprecated.
This pattern is pulled from the Webhook URL, which you correctly pointed out does not validate to any URL.
T[a-zA-Z0-9_]{8}/B[a-zA-Z0-9_]{8}/[a-zA-Z0-9_]{24}

The source is mislabeled, and should be removed and updated anyway to the new v2 implementation.
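As an added example (not code from the regextokens repository or from Slack), a small secret-scanning routine that keeps the webhook URL pattern from this thread under its own label rather than as an "access token", and adds a separate prefix-based rule for the current `xoxb-`/`xoxp-` tokens; the character class and minimum length after the prefix are assumptions, since the thread only states the prefixes.

```python
import re

# Legacy incoming-webhook URL pattern exactly as listed in the issue.
# It identifies a webhook endpoint, not an access token, so label it as such.
WEBHOOK_RE = re.compile(
    r"https://hooks\.slack\.com/services/T[a-zA-Z0-9_]{8}/B[a-zA-Z0-9_]{8}/[a-zA-Z0-9_]{24}"
)

# Prefix-based rule for bot (xoxb-) and user (xoxp-) tokens. Only the prefixes
# come from the thread; the character class and the 10+ length are assumptions.
PREFIXED_TOKEN_RE = re.compile(r"\bxox[bp]-[A-Za-z0-9-]{10,}")

PATTERNS = {
    "slack_webhook_url": WEBHOOK_RE,
    "slack_prefixed_token": PREFIXED_TOKEN_RE,
}


def redact(secret, keep=8):
    """Keep a short identifying prefix and mask the rest before logging a hit."""
    return secret[:keep] + "*" * (len(secret) - keep)


def scan_text(text):
    """Return (line_no, pattern_name, redacted_match) for every hit in text."""
    findings = []
    for line_no, line in enumerate(text.splitlines(), start=1):
        for name, pattern in PATTERNS.items():
            for match in pattern.finditer(line):
                findings.append((line_no, name, redact(match.group(0))))
    return findings


# Constructed sample input with fake values, not real credentials.
SAMPLE = """\
SLACK_WEBHOOK=https://hooks.slack.com/services/T12345678/B87654321/abcdefghijklmnopqrstuvwx
SLACK_BOT_TOKEN=xoxb-000000000000-111111111111-abcdefghijklmnop
# user token left in a comment: xoxp-222222222222-333333333333-qrstuvwxyz012345
nothing to see here: xoxa-short
"""

if __name__ == "__main__":
    for line_no, name, shown in scan_text(SAMPLE):
        print(f"line {line_no}: {name}: {shown}")
```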

Please close this issue when you fix it.

This issue has been marked as resolved.