When an unauthenticated user clicks the "Approve" button on a Slack message integration, the Slack UI updates to show the request as "Approved" even though the backend call failed with an unauthorized error. This creates a discrepancy where the UI shows a success state that does not reflect the actual state of the data.
Expected Behavior
The Slack message should remain in its original "Pending" state (or revert to it). An error message should ideally be displayed to the user (e.g., via an ephemeral message) stating that the action failed due to lack of authorization.
The Slack integration is likely using an "optimistic update" pattern. The UI should be updated to:
- Wait for a 200 OK response from the server before changing the message blocks.
- If a non-200 response is received, use respond_url to send an ephemeral message to the user explaining the failure.
When an unauthenticated user clicks the "Approve" button on a Slack message integration, the Slack UI updates to show the request as "Approved" even though the backend call failed with an unauthorized error. This creates a discrepancy where the UI shows a success state that does not reflect the actual state of the data.
Expected Behavior
The Slack message should remain in its original "Pending" state (or revert to it). An error message should ideally be displayed to the user (e.g., via an ephemeral message) stating that the action failed due to lack of authorization.
The Slack integration is likely using an "optimistic update" pattern. The UI should be updated to: