MCTL for Telegram MCP Server

MCTL for Telegram lets users access and manage their own Telegram account from ChatGPT after explicit user authorization. It supports reading recent chats, summarizing messages, drafting replies, preview-only sending by default, confirmed pin actions, audit review, and account disconnect/delete controls. It is not an official Telegram app or Telegram API partner, and Telegram message content is treated as untrusted user-generated data.

View on mctl.ai

Documentation

ChatGPT App · MCP Server · tg.mctl.ai

Your authorized Telegram account,

inside your AI assistant

Install from the ChatGPT App Directory or connect via Settings → Apps. Summarise chats, search messages, and draft replies from ChatGPT, Claude, or any MCP client — after OAuth sign-in to the Telegram account you own and control.

Install in ChatGPT Add to Claude Copy MCP URL See the docs

Privacy policy · Security model ·[email protected]

What you can do

Summarise unread chats

Ask your assistant what you missed while you were away. Get a digest of any chat, group, or channel without opening Telegram.

Draft and review messages

Let your assistant write or check a reply before you send. Review tone, catch errors, or translate — then send when ready.

Search across conversations

Find anything you said or received, instantly. Search by topic, person, or date across your full history.

Triage your inbox

List every chat and surface what still needs a reply, so you can clear a backlog of unread conversations in one pass.

Translate on the fly

Read foreign-language chats in your own language, or draft a reply in theirs — without leaving the conversation.

Pin what matters

Ask your assistant to pin a key message in a chat (requires admin rights in groups) so the important thing stays at the top where everyone sees it.

How it works

Your AI client Claude, ChatGPT…

mctl-telegram MCP server

Telegram MTProto API

  1. You authorise with Telegram sign-in. mctl-telegram stores an encrypted MTProto session on your behalf.
  2. When you prompt your assistant, it calls the MCP tools on this server over an OAuth-authenticated connection.
  3. mctl-telegram makes MTProto calls to Telegram, formats the result, and returns it to your assistant.

Install in ChatGPT

  1. Open ChatGPT → Settings → Apps and select your draft app (or install from the App Directory once published).
  2. Set the MCP server URL to https://tg.mctl.ai/mcp.
  3. Authentication: OAuth. ChatGPT discovers this server via https://tg.mctl.ai/.well-known/oauth-protected-resource and https://tg.mctl.ai/.well-known/oauth-authorization-server.
  4. Complete the Telegram sign-in flow in your browser when prompted.
  5. Test with a read-only tool (list_dialogs or get_unread_messages) before enabling real sends. On tg.mctl.ai, real sends stay blocked until all opt-in gates are enabled (see send-gate).
  6. Review our privacy policy and security model before connecting your account.

Other MCP clients

  1. Any client: copy the MCP URL https://tg.mctl.ai/mcp and add it as a custom connector. Authentication is OAuth — you sign in with Telegram once during setup.
  2. Claude: open Connectors settings, choose Add custom connector, and paste the MCP URL.
  3. Cursor, Windsurf, and others: paste the MCP URL into your client's remote MCP connector settings. See /docs for OAuth discovery URLs and a smoke-test command.

Data at a glance

  • Stored on this server: an AES-256-GCM encrypted Telegram session blob per account, plus audit metadata (tool name, redacted peer reference — never message text).
  • Not stored: message bodies, phone numbers, 2FA passwords, or OAuth tokens in logs.
  • Through ChatGPT: your prompts, tool arguments, and tool results pass through the ChatGPT client to reach this server; ChatGPT's own data practices apply to that traffic.
  • Your controls: disconnect or delete your account at any time via MCP tools or the HTTP API. Full inventory in our privacy policy.

Our trust model

mctl-telegram holds a server-side Telegram session on your behalf. Here is exactly what that means:

  • Sessions are AES-256-GCM encrypted at rest with per-user keys derived via HKDF-SHA256.
  • No message text, phone numbers, or 2FA passwords are ever logged or persisted — enforced by the slog redaction handler.
  • You can disconnect (soft revoke) or delete (hard delete) your session at any time using the MCP tools or the API.

MCP endpoint: https://tg.mctl.ai/mcp
OAuth protected resource document: https://tg.mctl.ai/.well-known/oauth-protected-resource

Full security model Data retention Developer reference

Optional: Local Bridge mode (beta, self-hosted) keeps the session on your own machine instead of this server. It is not required for the ChatGPT App. See GitHub.

Common questions

Which AI assistants does this work with?

Any client that supports remote MCP connectors — Claude, ChatGPT, Cursor, Windsurf, and others. It is a standard OAuth-authenticated MCP server, so it is not tied to a single vendor.

Is this an official Telegram app?

No. mctl-telegram is an independent project, not affiliated with or endorsed by Telegram or OpenAI. It operates only on the Telegram account you explicitly connect, and you remain responsible for following Telegram's terms.

Can it send messages on my behalf?

Only if you explicitly opt in. On tg.mctl.ai the effective default is dry-run: ALLOW_SEND=false blocks real sends, so send_message returns a preview (sent=false) instead. Real sends additionally require your account send_enabled flag and the telegram:messages:send scope — there is no mode argument to bypass the gate.

What data does ChatGPT see?

Your conversation prompts, the tool arguments ChatGPT sends (e.g. peer, message text for drafts), and the tool results this server returns. That traffic is handled by ChatGPT under OpenAI's policies. This server stores only an encrypted session blob and audit metadata — see /privacy.

What data does mctl-telegram store?

Only an encrypted session blob per account. No message text is ever stored or logged. The audit log records tool names and redacted peer references only.

How do I revoke access?

Call the disconnect_telegram_account MCP tool (soft revoke, keeps row) or delete_telegram_account (hard delete, removes all your data). You can also revoke from Telegram's side: Settings → Devices.

Is this open source?

Yes. The full source is at github.com/mctlhq/mctl-telegram. You can audit the code, run your own deployment, or contribute.

What is the Local Bridge?

An optional self-hosted mode (beta) where the Telegram session stays on your own machine and tg.mctl.ai acts only as a relay. It is not part of the standard ChatGPT App install path. See GitHub.

Support and publisher

  • Publisher: mctl
  • Support: [email protected]
  • Privacy policy: https://tg.mctl.ai/privacy
  • Security reports: [email protected] (see /security)
  • Source code: github.com/mctlhq/mctl-telegram (open source — audit, self-host, or contribute)