What limits does Telegram API impose on viewing subscribers of a private/public channel? I know you can list all participants of a public group without issue. Not sure about private groups, but the same is probably true (just need to be admin). However, I don't have a channel of my own anywhere near large enough to check if it's limited.
The reason I'm asking is because this website claims only 200 subs are visible even for the channel admin. It would be unpleasant to run into that limitation halfway into a project.
The end goal is to fetch all subs from a given channel where the user has admin rights.
Related
What is the correct strategy to make a bot that can serve many subscribers (say, 10,000) provided each chat is 1-to-1 (user-to-bot) and within a single chat there is no heavy communication (i.e. less than 1 message in a minute on average and chat sessions are limited to 20-30 minutes a day on average per user).
There is plenty of information on the telegram bot API rate limit but one thing still evades me. I struggle to understand how exactly API rate limits are applied when many users have an open 1-to-1 chat with a bot account (not a group chat with bot being a member).
Currently, the docs say a limit of 30 messages / second if sent to different users. Does it mean that if there are 31 users sending messages simultaneously then I will have to apply throttling on the bot backend?
Priorities here are to make sure that the bot responds as fast as possible and uninterrupted service is required even at peak times.
Can someone guide me in the right direction? I find official documentation had to understand in this regard.
Is there a way to retrieve MS Teams private chat posts versions and deletions via Graph API?
My target is to backup 1:1 chats for organisation on daily basis, there are thousands users, i.e. it must work quickly. I am able to pull out what I need with EWS from mailbox, but to let it work it requires full_access_as_app permissions (impersonation mechanism), which is not available because of security reasons. Graph API has more granular permission levels (Chat.Read.All, https://learn.microsoft.com/en-us/graph/api/chatmessage-list?view=graph-rest-beta&tabs=http), so it will work for the main thread, but I don't see a way to get original message version if it was changed.
Seems like majority of solutions here require the developer to manually save each user's push token in addition to Firebase saving these tokens as well, then iterate through these and send out notifications. This is not really desirable since I would be storing push tokens in two separate places and need to make sure their lifecycle management is synchronized, which is error prone π’Is there a better way?
Some options I considered:
Give each user a person/unique topic, then map out a geolocation per topic; then filter through these locations, aggregate these topics into batches of 500 and send a push. This is probably the best option so far π€·ββοΈ but seems like a silly use of topics API.
Bucket users in cities, with each city corresponding to a topic; then find all cities near a location, and send a push to those topics. This is doable, but lots of complex city mapping code without much flexibility (vs. considering a simple radius).
Manually store push token β user β geolocation; filter out the ones you want, then send a push to the token specifically. This is problematic for many reasons (multiple device management, push token lifecycle management, data duplication, etc.)
Ideally, there is a way to send out a push notification to a list of user IDs, without even touching push tokens, is there a way to do this?
The only way to associate a device token to a user ID is to store that mapping yourself. You should also assume that one user could have multiple devices. FCM doesn't have a concept of a "user". It only knows device tokens. Your app has to bring the concept of a user, then map that to tokens in code.
Note that any messaging solution that requires topics is not "secure". Anyone can effectively receive messages from any topic.
When we are talking about individual private push notifications per user (rather than per device), there are couple of ways to send them via Firebase:
Collect registration tokens, associate them with the user on the trusted server and send notifications to all registered tokens.
Assign a topic per user, e.g. topics/user-id and let the app subscribe to it upon successful login / unsubscribe on logout.
However, Firebase documentation recommends to use approach no. 1, saying "For fast, secure delivery to single devices or small groups of devices, target messages to registration tokens, not topics."
One concern is the latency (referring to "fast") issue. Is it really that significant in practice comparing registration tokens vs topics-based messaging?
More serious concern is security.
What does Firebase documentation mean exactly by "... secure delivery..." as opposed to topics?
In our case one device will likely be used by multiple users logging in and out. That means registration tokens will have to be disassociated from the user in the backend when user logs out. If something goes wrong and registration token is not disassociated, device will continue getting previous person's notifications.
Is this the trade-off I have to accept or am I missing some other option?
There are a few questions in there. Let's see if I can cover them main ones.
If you need to deliver messages to multiple tokens, the two approaches you're considering are:
Subscribe the app installs/tokens to a specific topic, that you then deliver the message to.
Keep your own registry of tokens for the user, and do the fan-out of user-to-tokens in your own code.
The biggest difference is in where the fan-out of a user to their tokens happens. When you use topics it is done by Firebase on Google's servers, while in the second case you do it yourself. There is no guaranteed performance difference between these two, but in the latter case you have more control. So you spend more effort (writing your own code for something Firebase can do for you), and in turn gain more control (which may or may not translate into better performance)..
The second question is around the security of topics. The documentation contains that note because topics often have a much simpler structure than tokens. For example, if you have a topic-per-user, you will often use the UID as the topic ID. And since you may be sharing that UID in other places, it is possible that other users may know a user's UID. And since subscribing to a topic only requires that you know your own token and the topic ID, that means that any user can subscribe to another user's topic.
As an example, I know this account exists "https://t.me/everexio" but when I click view, it fails with "There is no Telegram account with the username you provided."
I have seen this issue many times and with different groups.
And I know that it is not only my problem.
Tying mobile app, desktop app, or web base program without success.
edit
A lot of global projects, companies and organizations are using this app to communicate with their audience, if this kind of restrictions exist then their group is not available everywhere and by using it as a main tool they won't be able to connect all of their community members.
So it is important for both parties to know clearly about this restrictions.
It's not your problem, it's all Iranians problem(At least). Telegram servers didn't allow Iranian Phone number to join this groups. You can join to this groups using a (not Iranian) virtual number while your VPN is turned on.
You maybe temporary banned this function of Telegram, check #SpamBot for your status and more information.
If #SpamBot say you are free, contact support team, them should have permission to help you.
Please contact in-app Support if you have more questions (Settings β Ask a question).
Notice that we rely on volunteers support in Telegram
(so please be nice).
Iranians cannot join telegram group with short link by their own phone number. We are banned from inside and restricted from outside. Hope Telegram team remove this restriction or at least explain why they did this to us.https://twitter.com/yoosofan/status/1001923754950381569. If you are in Iran you can test it by clicking on https://t.me/publictestgroup which is the official group of telegram represented in https://telegram.org/faq#q-what-makes-telegram-groups-cool.
If you have any doubt about this, you can easily get an mobile phone number from Iran (starting with 98 9) and create a telegram account on it. Then try to join groups like #PangeaBitnation, you will not able to join them. You cannot even find them by search on your telegram application.
I checked it by my own Irancell phone number (starting by 98 938).