Telegram
Connect your agent to Telegram so users can chat with it via a bot. The agent polls or receives messages from Telegram, and the Pai sidecar injects the real bot token on every API call.
Create a bot
- Open Telegram and search for @BotFather
- Send
/newbot - Choose a display name and a username (must end in
bot) - BotFather replies with your token — a string like
7123456789:AAH1bGc...
Setup
# 1. Store the token
pai add secret telegram-token --from-literal token=7123456789:AAH1bGc...
# 2. Create the provider
pai apply -f - <<EOF
apiVersion: pai.io/v1
kind: Provider
metadata:
name: telegram-bot
spec:
type: telegram
host: api.telegram.org
auth:
type: bot-token
secretRef: telegram-token
secretKey: token
agentEnvVar: TELEGRAM_BOT_TOKEN
policy:
allow: ["*"]
audit:
logRequests: true
EOF
The agentEnvVar field causes Pai to inject a dummy TELEGRAM_BOT_TOKEN value into the agent container — enough for Telegram client libraries to initialise, but the sidecar replaces it with the real token on every outbound request.
Attach to an agent
spec:
providers:
- telegram-bot
Verify
Once the agent is running, send /start to your bot in Telegram. Check that traffic is flowing:
pai status my-agent
# Providers:
# - telegram-bot (telegram / api.telegram.org) — 5 requests today
Policy examples
Allow all Telegram methods (most common):
policy:
allow: ["*"]
Restrict to specific methods:
policy:
allow:
- sendMessage
- getUpdates
- sendPhoto
- answerCallbackQuery
deny:
- deleteMessage
- banChatMember