github-starred/better-auth
2
0
Fork 0
mirror of https://github.com/better-auth/better-auth.git synced 2026-05-23 07:18:56 -05:00
Code Issues 2.5k Packages Projects Releases 112 Wiki Activity

Sign in with Telegram Login Widget #1546

New Issue
Open
opened 2026-03-13 08:46:59 -05:00 by GiteaMirror · 20 comments
GiteaMirror commented 2026-03-13 08:46:59 -05:00
Owner
Copy Link

Originally created by @Re4GD on GitHub (Jul 21, 2025).

https://core.telegram.org/widgets/login

Telegram login does not follow the standard oauth implementation. Custom plugin for submitting and validating the window.Telegram.Login.auth() callback is needed. I can open a PR to implement this plugin

Originally created by @Re4GD on GitHub (Jul 21, 2025). https://core.telegram.org/widgets/login Telegram login does not follow the standard oauth implementation. Custom plugin for submitting and validating the window.Telegram.Login.auth() callback is needed. I can open a PR to implement this plugin
GiteaMirror added the plugin label 2026-03-13 08:46:59 -05:00
GiteaMirror commented 2026-03-13 08:47:01 -05:00
Author
Owner
Copy Link

@Kinfe123 commented on GitHub (Jul 22, 2025):

Yeah. feel free to do that.

@Kinfe123 commented on GitHub (Jul 22, 2025): Yeah. feel free to do that.
GiteaMirror commented 2026-03-13 08:47:02 -05:00
Author
Owner
Copy Link

@iatomic1 commented on GitHub (Jul 26, 2025):

@Re4GD wen pr?

@iatomic1 commented on GitHub (Jul 26, 2025): @Re4GD wen pr?
GiteaMirror commented 2026-03-13 08:47:03 -05:00
Author
Owner
Copy Link

@Re4GD commented on GitHub (Jul 26, 2025):

I'll open in a few days, been busy. Also trying to polish the plugin

@Re4GD commented on GitHub (Jul 26, 2025): I'll open in a few days, been busy. Also trying to polish the plugin
GiteaMirror commented 2026-03-13 08:47:04 -05:00
Author
Owner
Copy Link

@iatomic1 commented on GitHub (Jul 26, 2025):

I'll open in a few days, been busy. Also trying to polish the plugin

Okay man, would ur plugin also provide linking an already existing user to their tg acct?

@iatomic1 commented on GitHub (Jul 26, 2025): > I'll open in a few days, been busy. Also trying to polish the plugin Okay man, would ur plugin also provide linking an already existing user to their tg acct?
GiteaMirror commented 2026-03-13 08:47:04 -05:00
Author
Owner
Copy Link

@Re4GD commented on GitHub (Jul 26, 2025):

Didn’t think of that actually, I will add that for sure

@Re4GD commented on GitHub (Jul 26, 2025): Didn’t think of that actually, I will add that for sure
GiteaMirror commented 2026-03-13 08:47:05 -05:00
Author
Owner
Copy Link

@iatomic1 commented on GitHub (Jul 26, 2025):

Is this authentication plugin designed exclusively for bots?
I'm building a Telegram bot (not a mini app) and want to add authentication to restrict access to certain commands until the user successfully authenticates

@iatomic1 commented on GitHub (Jul 26, 2025): Is this authentication plugin designed exclusively for bots? I'm building a Telegram bot (not a mini app) and want to add authentication to restrict access to certain commands until the user successfully authenticates
GiteaMirror commented 2026-03-13 08:47:06 -05:00
Author
Owner
Copy Link

@Re4GD commented on GitHub (Jul 26, 2025):

The plugin is for Telegram login via Telegram Login Widget. Essentially like social Telegram login. (Just like sign in with Google, it opens a window, you sign in, it gets redirected to your page or a callback is called)

What do you mean by “authentication” and “until the user successfully authenticates”? Do you want to connect the tg bot with your web app? What is the use case here

@Re4GD commented on GitHub (Jul 26, 2025): The plugin is for Telegram login via Telegram Login Widget. Essentially like social Telegram login. (Just like sign in with Google, it opens a window, you sign in, it gets redirected to your page or a callback is called) What do you mean by “authentication” and “until the user successfully authenticates”? Do you want to connect the tg bot with your web app? What is the use case here
GiteaMirror commented 2026-03-13 08:47:07 -05:00
Author
Owner
Copy Link

@iatomic1 commented on GitHub (Jul 26, 2025):

Yes wanna connect the tg bot to my web app
Currently building like a wallet tracker app, web app is done auth is in better auth of course but I want users to be able to manage their wallets through my tg bot as well
Tried using ott one time token my bot verifies it but when I get the session it returns null so I thought your plugin could fix it
Ig they are 2 diff things

@iatomic1 commented on GitHub (Jul 26, 2025): Yes wanna connect the tg bot to my web app Currently building like a wallet tracker app, web app is done auth is in better auth of course but I want users to be able to manage their wallets through my tg bot as well Tried using ott one time token my bot verifies it but when I get the session it returns null so I thought your plugin could fix it Ig they are 2 diff things
GiteaMirror commented 2026-03-13 08:47:07 -05:00
Author
Owner
Copy Link

@Re4GD commented on GitHub (Jul 26, 2025):

This plugin can partially fix your problem,

The telegram user ids are unique so what you can do is:

  • if the user is on web, make them login with telegram, or link with telegram (this is about this plugin). then tell them that you have a tg bot as well (you can link them to the bot with a start param: t . me/mybot?start=param1, it was something like that. you can use the verification table for creating an otp. verification => telegram-otp-{id}=param1 )

  • if the user is on telegram, before every command check for your database (you can cache this), query account table with providerId=telegram & accountId=ctx.from.userId. if both match, then the user is authenticated through both web (user has account on db) and telegram (tg bot is always authed). show them their wallets

  • if the user is on telegram and does not have an account, you can retry the otp approach. create them a credential account, and ask them to connect their tg on web for the bot to correctly function (then the user will have a credential account and a telegram provider account). If that is too much to ask from the user, after credential sign in, create an account with accountId={tg id} & provider=telegram-bot (differrent from web login). so the user will have both credential account and a tg bot connection account (different from this plugin).

@Re4GD commented on GitHub (Jul 26, 2025): This plugin can partially fix your problem, The telegram user ids are unique so what you can do is: - if the user is on web, make them login with telegram, or link with telegram (this is about this plugin). then tell them that you have a tg bot as well (you can link them to the bot with a start param: t . me/mybot?start=param1, it was something like that. you can use the verification table for creating an otp. verification => telegram-otp-{id}=param1 ) - if the user is on telegram, before every command check for your database (you can cache this), query account table with providerId=telegram & accountId=ctx.from.userId. if both match, then the user is authenticated through both web (user has account on db) and telegram (tg bot is always authed). show them their wallets - if the user is on telegram and does not have an account, you can retry the otp approach. create them a credential account, and ask them to connect their tg on web for the bot to correctly function (then the user will have a credential account and a telegram provider account). If that is too much to ask from the user, after credential sign in, create an account with accountId={tg id} & provider=`telegram-bot` (differrent from web login). so the user will have both credential account and a tg bot connection account (different from this plugin).
GiteaMirror commented 2026-03-13 08:47:08 -05:00
Author
Owner
Copy Link

@iatomic1 commented on GitHub (Jul 27, 2025):

Okay man can't wait to use it then
For now just using ott, then when verified i save the session token in redis

@iatomic1 commented on GitHub (Jul 27, 2025): Okay man can't wait to use it then For now just using ott, then when verified i save the session token in redis
GiteaMirror commented 2026-03-13 08:47:09 -05:00
Author
Owner
Copy Link

@vitalygashkov commented on GitHub (Aug 7, 2025):

If anyone is interested, I've already implemented a similar plugin: vitalygashkov/telegram-better-auth

@vitalygashkov commented on GitHub (Aug 7, 2025): If anyone is interested, I've already implemented a similar plugin: [vitalygashkov/telegram-better-auth](https://github.com/vitalygashkov/telegram-better-auth)
GiteaMirror commented 2026-03-13 08:47:10 -05:00
Author
Owner
Copy Link

@Re4GD commented on GitHub (Aug 30, 2025):

Plugin is almost ready, doing flow tests and writing docs.

  • Added support for account linking as @iatomic1 requested
  • Added callbackURLs for identical oauth flows and flexibility
  • Supports Telegram Login Widget's both callback/redirect flows

The plugin API is exactly like the oauth providers:

export type TelegramOptions = {
  /**
   * Bot token created from BotFather
   */
  botToken: string;
  /**
   * Custom function to map the user profile to a User object.
   */
  mapProfileToUser?: (profile: TelegramProfile) =>
    | {
        id?: string;
        name?: string;
        email?: string | null;
        image?: string;
        emailVerified?: boolean;
        [key: string]: any;
      }
    | Promise<{
        id?: string;
        name?: string;
        email?: string | null;
        image?: string;
        emailVerified?: boolean;
        [key: string]: any;
      }>;
};
@Re4GD commented on GitHub (Aug 30, 2025): Plugin is almost ready, doing flow tests and writing docs. - Added support for account linking as @iatomic1 requested - Added callbackURLs for identical oauth flows and flexibility - Supports Telegram Login Widget's both callback/redirect flows The plugin API is exactly like the oauth providers: ```ts export type TelegramOptions = { /** * Bot token created from BotFather */ botToken: string; /** * Custom function to map the user profile to a User object. */ mapProfileToUser?: (profile: TelegramProfile) => | { id?: string; name?: string; email?: string | null; image?: string; emailVerified?: boolean; [key: string]: any; } | Promise<{ id?: string; name?: string; email?: string | null; image?: string; emailVerified?: boolean; [key: string]: any; }>; }; ```
GiteaMirror commented 2026-03-13 08:47:11 -05:00
Author
Owner
Copy Link

@vcode-sh commented on GitHub (Oct 1, 2025):

Hey! I built better-auth-telegram which implements everything requested here:

Telegram Login Widget with callback/redirect flows
Account linking & unlinking
Telegram Mini Apps support (bonus!)
100% test coverage
Full TypeScript support
Published on npm

npm install better-auth-telegram

GitHub: https://github.com/vcode-sh/better-auth-telegram
Docs: https://github.com/vcode-sh/better-auth-telegram#readme

Feedback welcome!

@vcode-sh commented on GitHub (Oct 1, 2025): Hey! I built `better-auth-telegram` which implements everything requested here: ✅ Telegram Login Widget with callback/redirect flows ✅ Account linking & unlinking ✅ Telegram Mini Apps support (bonus!) ✅ 100% test coverage ✅ Full TypeScript support ✅ Published on npm npm install better-auth-telegram GitHub: https://github.com/vcode-sh/better-auth-telegram Docs: https://github.com/vcode-sh/better-auth-telegram#readme Feedback welcome!
GiteaMirror commented 2026-03-13 08:47:12 -05:00
Author
Owner
Copy Link

@mi3lix9 commented on GitHub (Oct 18, 2025):

Hi, I have a strange use case, my bot server is separated from web server, and I want to authorize my users using better auth.

Any one tried to achieve this or has better idea?

@mi3lix9 commented on GitHub (Oct 18, 2025): Hi, I have a strange use case, my bot server is separated from web server, and I want to authorize my users using better auth. Any one tried to achieve this or has better idea?
GiteaMirror commented 2026-03-13 08:47:13 -05:00
Author
Owner
Copy Link

@iatomic1 commented on GitHub (Oct 18, 2025):

Like the docs, very engaging😅, Question(tho I prlly know the answer to this) so I'm not using mini apps, just using the telegram bot as is, and there are some commands that needs User being authenticated, but I cannot for the love of God get better auth to run on it, prlly because better auth relies on Web cookies or smthn, does this plugin fixes that? Great plugin btw

Hey! I built better-auth-telegram which implements everything requested here:

Telegram Login Widget with callback/redirect flows
Account linking & unlinking
Telegram Mini Apps support (bonus!)
100% test coverage
Full TypeScript support
Published on npm

npm install better-auth-telegram

GitHub: https://github.com/vcode-sh/better-auth-telegram
Docs: https://github.com/vcode-sh/better-auth-telegram#readme

Feedback welcome!

@iatomic1 commented on GitHub (Oct 18, 2025): Like the docs, very engaging😅, Question(tho I prlly know the answer to this) so I'm not using mini apps, just using the telegram bot as is, and there are some commands that needs User being authenticated, but I cannot for the love of God get better auth to run on it, prlly because better auth relies on Web cookies or smthn, does this plugin fixes that? Great plugin btw > Hey! I built `better-auth-telegram` which implements everything requested here: > > ✅ Telegram Login Widget with callback/redirect flows > ✅ Account linking & unlinking > ✅ Telegram Mini Apps support (bonus!) > ✅ 100% test coverage > ✅ Full TypeScript support > ✅ Published on npm > > npm install better-auth-telegram > > GitHub: https://github.com/vcode-sh/better-auth-telegram > Docs: https://github.com/vcode-sh/better-auth-telegram#readme > > Feedback welcome!
GiteaMirror commented 2026-03-13 08:47:13 -05:00
Author
Owner
Copy Link

@iatomic1 commented on GitHub (Oct 19, 2025):

Hey @vcode-sh i left an issue on the repo

Hey! I built better-auth-telegram which implements everything requested here:

Telegram Login Widget with callback/redirect flows Account linking & unlinking Telegram Mini Apps support (bonus!) 100% test coverage Full TypeScript support Published on npm

npm install better-auth-telegram

GitHub: https://github.com/vcode-sh/better-auth-telegram Docs: https://github.com/vcode-sh/better-auth-telegram#readme

Feedback welcome!

@iatomic1 commented on GitHub (Oct 19, 2025): Hey @vcode-sh i left an issue on the repo > Hey! I built `better-auth-telegram` which implements everything requested here: > > ✅ Telegram Login Widget with callback/redirect flows ✅ Account linking & unlinking ✅ Telegram Mini Apps support (bonus!) ✅ 100% test coverage ✅ Full TypeScript support ✅ Published on npm > > npm install better-auth-telegram > > GitHub: https://github.com/vcode-sh/better-auth-telegram Docs: https://github.com/vcode-sh/better-auth-telegram#readme > > Feedback welcome!
GiteaMirror commented 2026-03-13 08:47:14 -05:00
Author
Owner
Copy Link

@philippfo9 commented on GitHub (Nov 11, 2025):

Hey! I built better-auth-telegram which implements everything requested here:

Telegram Login Widget with callback/redirect flows Account linking & unlinking Telegram Mini Apps support (bonus!) 100% test coverage Full TypeScript support Published on npm

npm install better-auth-telegram

GitHub: https://github.com/vcode-sh/better-auth-telegram Docs: https://github.com/vcode-sh/better-auth-telegram#readme

Feedback welcome!

Do you support the login url for web login to directly login users?

@philippfo9 commented on GitHub (Nov 11, 2025): > Hey! I built `better-auth-telegram` which implements everything requested here: > > ✅ Telegram Login Widget with callback/redirect flows ✅ Account linking & unlinking ✅ Telegram Mini Apps support (bonus!) ✅ 100% test coverage ✅ Full TypeScript support ✅ Published on npm > > npm install better-auth-telegram > > GitHub: https://github.com/vcode-sh/better-auth-telegram Docs: https://github.com/vcode-sh/better-auth-telegram#readme > > Feedback welcome! Do you support the login url for web login to directly login users?
GiteaMirror commented 2026-03-13 08:47:14 -05:00
Author
Owner
Copy Link

@dosubot[bot] commented on GitHub (Feb 10, 2026):

Hi, @Re4GD. I'm Dosu, and I'm helping the better-auth team manage their backlog and am marking this issue as stale.

Issue Summary

  • You proposed adding support for Telegram's Login Widget with its unique OAuth flow and developed a nearly complete plugin.
  • Your plugin supports account linking, callback URLs, and both callback and redirect flows.
  • Other contributors shared similar plugins, including vcode-sh's "better-auth-telegram" with advanced features like Mini Apps support and full TypeScript coverage.
  • The discussion also explored use cases involving Telegram bots connecting with web apps and related authentication challenges.

Next Steps

  • Please let me know if this issue is still relevant to the latest version of better-auth by commenting here to keep the discussion open.
  • If I don’t hear back within 7 days, I will automatically close this issue.

Thanks for your understanding and contribution!

@dosubot[bot] commented on GitHub (Feb 10, 2026): Hi, @Re4GD. I'm [Dosu](https://dosu.dev), and I'm helping the better-auth team manage their backlog and am marking this issue as stale. **Issue Summary** - You proposed adding support for Telegram's Login Widget with its unique OAuth flow and developed a nearly complete plugin. - Your plugin supports account linking, callback URLs, and both callback and redirect flows. - Other contributors shared similar plugins, including vcode-sh's "better-auth-telegram" with advanced features like Mini Apps support and full TypeScript coverage. - The discussion also explored use cases involving Telegram bots connecting with web apps and related authentication challenges. **Next Steps** - Please let me know if this issue is still relevant to the latest version of better-auth by commenting here to keep the discussion open. - If I don’t hear back within 7 days, I will automatically close this issue. Thanks for your understanding and contribution!
GiteaMirror commented 2026-03-13 08:47:15 -05:00
Author
Owner
Copy Link

@Re4GD commented on GitHub (Feb 16, 2026):

not stale

@Re4GD commented on GitHub (Feb 16, 2026): not stale
GiteaMirror commented 2026-03-13 08:47:17 -05:00
Author
Owner
Copy Link

@khashvin commented on GitHub (Mar 4, 2026):

Telegram now supports the standard oauth implementation https://core.telegram.org/bots/telegram-login
I opened a PR implementing it as a social provider #8359

@khashvin commented on GitHub (Mar 4, 2026): Telegram now supports the standard oauth implementation https://core.telegram.org/bots/telegram-login I opened a PR implementing it as a social provider #8359
Sign in to join this conversation.
No Branch/Tag Specified
Branches Tags
Labels
Clear labels
adapter
astro
awaiting external contributor
blocked
breaking
breaking change
bug
c-devops
core
credentials
database
dependencies
devops
devtools
docs
documentation
duplicate
elysia
enhancement
enterprise
expo
express
fastify
good first issue
help wanted
hono
identity
infra
integration
invalid
javascript
locked
maintenance
need-more-information
needs: info
needs: repro
nextjs
nuxt
oauth
organization
P0
payments
perf
platform
plugin
pull-request
Mirrored from GitHub Pull Request
 question
ready
regression
remix
security
social-provider
solid
stale
svelte
tanstack-start
tracking
version-bump
vue
wontfix
No Label plugin
Milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
GiteaMirror ninjasurge
No Assignees
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: github-starred/better-auth#1546
Delete Branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?