This document defines the target state that Codex should reach when automating Feishu Open Platform through Chrome CDP.
- App type: enterprise self-built app
- Has bot capability enabled
- Event subscription mode: long connection / persistent connection
- Subscribed event:
im.message.receive_v1 - App version released and enabled for testing in the current tenant
Feishu permission labels change over time, so automate toward capabilities, not brittle literal strings.
Codex should search for and grant the smallest IM permission set that covers:
- receiving group messages
- receiving direct messages
- receiving group
@botmessages or group mention read access - creating bot messages
- updating messages or cards
- uploading and sending files
When the console provides both Chinese and English labels, either is acceptable as long as the capability above is covered.
- Open the app list in Feishu Open Platform.
- Reuse an existing app if it is obviously the intended bot app; otherwise create a new enterprise self-built app.
- Enable bot capability.
- Open the event subscription page.
- Select long connection / persistent connection mode.
- Add
im.message.receive_v1. - Open the permissions page and add the IM permissions listed above.
- Open version management / release.
- Create and release a version so the bot is usable in the tenant.
- Copy the App ID and App Secret back into
.env.real.
Only pause for the user when one of these happens:
- Feishu login is required.
- SSO / 2FA is required.
- Tenant admin approval is required.
- The console presents multiple plausible existing apps and the target is genuinely ambiguous.
Otherwise continue autonomously.