Let's revisit that tempting Basic Information page. Here you'll find your app's Client ID, Client Secret and Verification Token under the App Credentials section.
The Client ID is used to identify your app when requests are sent to Slack's API's. The Client Secret is used to validate your app's authenticity during the OAuth negotiation process. The Verification Token is used to verify requests sent by Slack and received by your server.
Just like you wouldn't graffiti your email username and password at the bus stop, it's important to prevent your App Credentials from becoming part of a public repository. To protect your app's secrets, this project exports these secrets to your local environment.
If you're using Bash or Zsh and your virtual environment is activated, you can export your app's secrets like this:
export CLIENT_ID='XXXXXXXXXXX.xxxxxxxxxx'
export CLIENT_SECRET='xxXXxxXXXXXxxxxXXX'
export VERIFICATION_TOKEN='xxxXXXxxXXxxX'Note that if you have not "installed" your bot, you need to pass the BOT TOKEN to the slack_client. We can use export here as well and modify the bot init function to pass the TOKEN to the slack_client init.
export SLACK_BOT_TOKEN='xoxb-XXXXXXXXXXXX-xxxxxxxxxxxx-XXXXXXXXXXXXXXXXXXXXXXXX'
In bot.py, Line 24:
self.client = SlackClient(os.environ.get("SLACK_BOT_TOKEN"))
Our app will grab these secrets from our environment.
Next Section 5: Make it Go Previous Section 3: Subscribe to Events