Rights and Roles Separation¶

Rights and roles separation for operators in Hotline backend group can be set in several ways:

Native Telegram rights — basic privileges of group members
EXTENSIONS_ALLOWED parameter — access to administrative module functions
HIDE_INFO parameter — control of sensitive customer information visibility

Key Roles at Group Level¶

Group Owner¶

Main characteristics:

Often also the Hotline connections administrator
Has full set of rights in the group
Can add and remove administrators
Only one who can delete the group or transfer ownership

Group Administrators¶

Group admins differ from regular operators with an extended set of Telegram privileges. For effective work with Hotline, they should be granted the following rights:

Delete messages — deleting messages in topics
Ban users — access to /ban and /unban commands
Invite users via link — inviting new operators via link
Manage topics — managing topics (opening closed, editing, deleting)
Add new admins — appointing new administrators (optional)

Be Careful with Delete messages Right!

When deleting messages in the group, Telegram offers dangerous options like "Delete all messages from this bot" or "Delete all messages from this user". You can accidentally delete the entire incoming message history!

Make sure your administrators understand the risks and act carefully when deleting messages.

Don't Use Remain Anonymous Right

This right makes many Hotline functions unavailable, as it doesn't allow the mandatory binding of actions to a specific operator. Analytics and commands require sender identification.

Operators (regular members)¶

For basic work with dialogs, operators need a minimal set of privileges:

Manage topics — opening closed topics to continue communication with the customer
Pin messages — pinning important comments with tasks or customer information

Basic capabilities:

Sending messages in unclosed topics
Reading all group topics
Using basic commands (/info, /help, /wait, /hold)
Working with internal comments
Access to interface capabilities (search, notifications, navigation)

Important Features of Topic Groups¶

All backend group members are operators who can send messages in unclosed topics
All group members have read access to any group topic
Everyone has the same set of interface capabilities (search, notifications, navigation)
Regular operators and admins have different rights to create, edit and delete messages and topics

Bots as group members

Besides regular users, Telegram bots can be group members (for example, Hotline setup bot, which is added automatically on connection, or custom bots for integrations).

Public and private groups

Topic groups can be public and private. Hotline usually uses private groups for customer data confidentiality, but there are no technical restrictions on group type.

Access to Module Administrative Functions¶

By default, administrative functions of extended modules are only available to Hotline connections administrator through setup bot @hotlinetg_bot.

To grant access to other operators, use the EXTENSIONS_ALLOWED parameter.

EXTENSIONS_ALLOWED

List of USER_ID users allowed to use important Hotline module functions (broadcast configuration and launch, tag configuration, client base export, etc.).

Default value: available only to connection administrator.

Learn more about parameter

Mass Mailings Module `/send`¶

Launching mass mailings
Creating and editing mailing templates
Deleting mailings
Viewing sending statistics

Labels and Segmentation Module `/mark`¶

Creating new labels
Configuring label parameters (AFTER, SENDS, TICKER)
Deleting labels
Mass label assignment

Database Export Module `/export`¶

Launching topic list export
Getting CSV file with customer database

Quick Responses Module `/say`¶

This module is available to all operators without restrictions, as it's used for daily work with dialogs.

Role Recommendation

Grant access to administrative functions only to trusted operators or team supervisors. Mass mailings and database export are sensitive operations requiring control.

Customer Information Access Control¶

By default, all operators in the group have access to:

/info command with full information about user and chat profiles
User names in topic titles (as specified in Telegram)
Profile links of message authors when broadcasting from chats
Username and phones (if available)

If you need to hide sensitive information from regular operators, use the HIDE_INFO parameter:

Besides HIDE_INFO, there are parameters for controlling information passing between operators and customers:

Restricting outgoing messages by keywords:

Restricting incoming messages by keywords:

Advanced filtering via webhooks:

Rights Setup Examples¶

Small team (1-3 operators)

Configuration:

All operators are group administrators
EXTENSIONS_ALLOWED not used (everyone has access)
HIDE_INFO disabled

Suitable for: startups, small projects, high-trust teams.

Medium team (4-15 operators)

Configuration:

1-2 group administrators (owner + supervisor)
Others are regular operators with Manage topics and Pin messages rights
EXTENSIONS_ALLOWED for supervisors (access to /send, /mark, /export)
HIDE_INFO as needed

Suitable for: growing companies, support services and sales departments with clear hierarchy.

Security Recommendations

Minimum rights — grant only necessary rights to perform tasks
Regular audit — periodically review the list of administrators and their rights
Team training — explain to administrators the risks of dangerous actions (mass message deletion)
Access control — immediately remove operators from the group when they leave

Team Scaling

As the team grows, review the rights structure. What worked for 3 operators may be unsafe for 10.