node-slack-sdk: Password Input type not supported on slack

Description

Describe your issue here. We are trying to take passwords as inputs from users on slack while chatting with our chatbot, but there seems to be no supporting functionality for that. I have googled a lot about this with no luck. So if someone can let me know whether this is functionality is supported on slack or not and are there any plans to enable it in the future.

What type of issue is this? (place an x in one of the [ ])

  • bug
  • enhancement (feature request)
  • question
  • documentation related
  • testing related
  • discussion

Requirements (place an x in each of the [ ])

  • I’ve read and understood the Contributing guidelines and have done my best effort to follow them.
  • I’ve read and agree to the Code of Conduct.
  • I’ve searched for any related issues and avoided creating a duplicate issue.

Bug Report

Filling out the following details about bugs will help us solve your issue sooner.

Reproducible in:

@slack/client version:

node version: All versions

OS version(s): SUSE 11.2 Linux

Steps to reproduce:

Expected result:

What you expected to happen

Actual result:

What actually happened

Attachments:

Logs, screenshots, screencast, sample project, funny gif, etc.

About this issue

  • Original URL
  • State: closed
  • Created 6 years ago
  • Reactions: 4
  • Comments: 21 (5 by maintainers)

Most upvoted comments

+1.

The real request here is for a text box which doesn’t display information typed into it. Not for slack to take ownership of secure transmission of sensitive data. A warning about this within the API would be sufficient to protect slack from any potential legal backlash of leaked information. It is currently and always has been on the user to securely handle their own info.

Eagerly awaiting this feature 😃

+2
DuTogira on Jul 7, 2021

On principle, I don’t think there’s anything wrong with sending secure information over Slack (all user data is handled with security controls). However, most software treat passwords as so sensitive that they don’t even appear on a screen (masked with **** in UI controls instead of the text). Slack doesn’t currently have a support for this masking, but I’d be happy to bring your feedback to the team. My instinct is that masked fields aren’t likely to be added to the platform soon.

I’d like to learn more about what your chatbot is doing before I make a recommendation on how to handle this. Is your bot taking passwords as input because that password has to be forwarded onto some other system?

+2
aoberoi on Aug 9, 2018

@seratch Just want to double confirm: is there any plan to support the feature of masking the characters when they are typed into the input box?

+1
Wusong-Fang on Dec 23, 2023

@bbilginn Unfortunately, still the password type block element does not exist, and we don’t have any updates on this.

+1
seratch on Mar 1, 2022

This is more of a question about the Slack API than it is about the node SDK (for the API). In the future, I’d recommend looking into the wonderful API community and official Developer Support with questions about the API.

I’m guessing this type of functionality is unsupported because Slack doesn’t want to be responsible for securely transferring passwords to API consumers/users. Maybe look for a different way of implementing your app.

I don’t know what your use case is, but hopefully this recommendation might shed some light: If you’re trying to auth a Slack user and connect them to a user on your service, I’d recommend looking into Sign in with Slack. It’s essentially an easy way to link Slack users with users of your service.

+1
clavin on Aug 8, 2018
Read more comments on GitHub
← node-slack-sdk: error: message received with unknown reply_to after every message
node-slack-sdk: presence_change event detection stops after a few hours →