Telegram - authorised/unauthorised users

I'm finally trying out Telegram (using node-red-contrib-telegrambot ) and I've set up a bot and using receiver node to get messages from my mobile phone.

The rx node as two outputs - one from authorised user and from non-authorised

Mine are appearing on non-authorised

Does this mean anyone with who knows name of my bot could send it messages?

How do I get my messages to be authorised?

Authorised includes those with 'chatid's specified when you set up the Telegram Receive Node.

I have only just discovered that myself.

Consequently you can ignore messages from the second output if you have specified a chatid as 'authorised' as they will appear from the first output.

Hope this helps


Yes, and that is a nice way to add some additional security to your bot - assuming that you know who might need to interact with it. Personally, I would attach a small flow to the unauthorised side to capture/log unknown chatids which makes it easy to add new ones to the authorised list just by getting, say Mrs Cymplecy, to send a message to the bot.

1 Like

Version 7.2.0 allows to control the usernames and chatids that are authorized from within the flow.

1 Like