Generating a personal user token for a bot user

Noam Lustiger September 1, 2016

My add-on creates a bot user which connects to HipChat using XMPP. When a user converses with the bot, there are times when the bot needs to send a message to that user via the v2 REST API. (e.g. when sending a "Card" or for messages with an HTML format type).

I'm trying to use the endpoint `/user/{id_or_email}/message` in order to send the private message, but the standard access token doesn't work for this endpoint and I get this response:

 

{ error:
    { code: 403,
    message: 'Only requests matching one of these authenticated principals are allowed to access this resource: an active user',
    type: 'Forbidden' 
    }
}

 

I figured this is because I need to generate a `user generated token` on behalf of the bot user instead of an `add-on generated token`. My problem is that I can't figure out a good way of generating this specific type of token for the bot user. 

1 answer

Comments for this post are closed

Community moderators have prevented the ability to post new answers.

Post a new question

0 votes
Patrick Streule
Atlassian Team
Atlassian Team members are employees working across the company in a wide variety of roles.
September 11, 2016

I think the only option is to send the user through the OAuth2 authorization grant flow to get an access token for that user. 

I wrote a sample add-on a while back that illustrates how to do this:

https://bitbucket.org/pstreule/hipchat-oauth

HTH,

Patrick

TAGS
AUG Leaders

Atlassian Community Events