--- title: Task 5.7 Telegram Admin Support Surface tags: [taskmaster, telegram, admin, support] created: 2026-05-24 status: planned --- # Task 5.7 Telegram Admin Support Surface Task 5.7 is not complete in this first Task 5 pass. This document defines the admin/support scope required for Telegram-originated cases. ## Required admin/support visibility - Telegram linked identity on user profile. - Bot notification status and blocked-bot state. - Mini App launch source and latest Telegram session metadata. - Payment provider and wallet/payment references for Telegram-originated intents. - Telegram webhook/callback event history for support investigation. ## Required admin/support actions - Resend link prompt. - Revoke Telegram link. - Block Telegram bot access for a user. - Inspect Telegram-originated event history. - Escalate payment/dispute issues to canonical admin workflows. ## Security requirements - Admin overrides remain gated by Task 4 step-up/two-person controls. - Support can inspect Telegram context but cannot mutate funds state. - Every support/admin action writes structured audit metadata. ## Required tests - Support can read Telegram link metadata but cannot release/refund funds. - Admin link revocation invalidates active Telegram link. - Blocked Telegram user cannot create a new Mini App session. - Admin override paths still require step-up when configured.