Skip to content

What teammates can and can't see

This is the most important thing to understand about Entergram workspaces.

The boundary

Section titled “The boundary”
  • Each user only sees the chats from the Telegram accounts they themselves connected. If five teammates share a workspace, each one connects their own Telegram accounts and sees only their own conversations.
  • Telegram message content is never shared between teammates unless two people connect the same Telegram account into their own Entergram accounts.
  • What is shared workspace-wide is the CRM layer on top: custom columns, tags, internal comments, tickets, reminders, templates, and audit logs. So a teammate can see that “you have 14 chats tagged VIP with stage Demo” — they cannot read the messages inside those chats.
  • Workspace analytics aggregates metadata (counts, response times, heatmaps) across members’ accounts when “Members can see all analytics” is on; raw message bodies stay private to the account owner.

If a teammate needs to read a specific account’s chats

Section titled “If a teammate needs to read a specific account’s chats”

Both of you connect that Telegram account into your own Entergram accounts. The same Telegram session can be live in multiple Entergram users’ accounts at once — you each become a participant and you both see the conversation.

This is also how a team typically operates a shared support inbox or sales account: every relevant teammate connects the same Telegram account, and all of them can read and reply.

Cross-workspace isolation

Section titled “Cross-workspace isolation”

Every server-side query that reads chats, tags, custom columns, templates, broadcasts, tickets, or analytics is scoped to your workspace and verifies your membership. Your data and another workspace’s data never mix on a shared endpoint. API keys are workspace-scoped too — a key issued in workspace A can’t read workspace B.

Security defaults you should know about

Section titled “Security defaults you should know about”
  • Telegram credentials are relayed through Entergram’s auth proxy; your browser never sends them directly to Telegram.
  • Sessions live encrypted on Entergram’s servers, not in your browser.
  • Files (composer attachments, chat files, comments, template attachments) live in private storage — Entergram issues short-lived signed URLs when you click a file. No raw URL is guessable.
  • Auth endpoints are rate-limited to 20 requests/minute/IP to stop brute-force and code-phishing.
  • Payment webhooks are signed and verified before anything is processed; replay protection ensures each event is processed exactly once.

”Session expired” banner

Section titled “”Session expired” banner”

You’ll see this when Telegram invalidates Entergram’s session — usually because the same account was logged in elsewhere, or because Telegram moved your account to a different region. Click “Reconnect” and redo the QR or phone flow to restore the session.

Logging out

Section titled “Logging out”
  • “Disconnect” on a connected Telegram account in Settings → Accounts removes Entergram’s access and revokes the server-side session.
  • Signing out of Entergram itself ends your browser session for the Entergram app.
  • For a hard reset, disconnect every Telegram account and sign out of Entergram.