What are client actions?
Flock currently supports three kinds of client actions. They are:
- Opening a widget inside the Flock client
- Opening a URL in the system browser;
- Sending an event to the event listener URL.
Opening a Widget
Apps can use widgets to render web applications inside an iframe or webview within Flock. These webapps can not only do everything that a normal webapp can, but also interact with the Flock client hosting them.
To know more about setting up a widget, see How do I configure a widget?
How do I configure a client action?
Different controls have different ways in which their respective client actions can be configured:
- For an attachment picker, chat tab button, launcher button or a slash command, the client action is configured in the dev dashboard
- For an attachment button, the client action is configured using an object provided along with other button attributes when creating the Attachment.
- From inside a widget, a client action can be triggered by calling
flock.openBrowsermethods provided by flock.js.
- A FlockML view can trigger a client action by using the
What happens when a client action is triggered?
An event is generated every time a client action is triggered.
- If the configured action is to open a widget or browser URL, the event is appended as a query parameter to the URL.
- Or if the configured action is to send the event to the event listener URL, it is sent to the app service URL.
The events sent by various controls when a client action is triggered are listed below:
The event name along with its attribute provides sufficient context for the client action.
Can client actions be triggered for users who haven't installed the app?
Yes. Your app may send a message to a user who may not have installed your app, or a group where some users may not have installed your app. When these users interact with this message's attachment (e.g. click on an attachment button, or take some action inside the attachment widget), a client action is triggered.
If you verify that the event token sent with the corresponding event is really signed using your app's secret (you should always do this anyways), you can be certain that the event originated from Flock and was actually triggered by the user whose userId is included in the event token (even if they haven't installed the app).