One prompt. One iframe. Done.

The easiest way to add Telegram Login.

5 lines to integrate. One click to authenticate. Nothing else to ask for — no phone numbers, no passwords, no broken domain configs.

Works on any domain No phone number asked Bot & spam protection Installs in 60 seconds
yourapp.com/login

Sign in to Acme

Secure passwordless login

or
Secured by Teleclerk
5 lines
to install
1 tap
to sign in
0
phone numbers
domains supported
The honest comparison

Telegram's OAuth is painful.
Teleclerk just works.

We rebuilt Telegram auth from scratch so your users never see a phone prompt, a domain error, or a broken widget again.

Native Telegram Login
Confusing. Restricted. Leaky.
  • Demands the user's phone number
    Instant drop-off. Users bounce the moment they see a phone field.
  • Locked to one domain
    Add every subdomain in BotFather. Local dev? Preview URLs? Broken.
  • You still build the bot
    Bot logic, webhooks, session storage, hash verification — all on you.
  • Cryptic HMAC verification
    Devs copy-paste half-broken snippets from 2019 Stack Overflow answers.
Teleclerk
The Teleclerk way
Frictionless. Universal. Prompt-installable.
  • One-tap authorize inside Telegram
    No phone number. Ever. Users tap Authorize and they're in.
  • Works on every domain
    Localhost, preview URLs, staging, prod — all the same publishable key.
  • 5 lines of code — or one prompt
    Drop the iframe. Or paste our LLM prompt into Cursor/Lovable and ship.
  • Built-in bot & spam protection
    Force-join channels, ban lists, rate limits, session revocation — free.
Instant login

One-tap authorization from inside the Telegram app users already trust — no phone, no email, no password.

Bot & spam armor

Force-join real communities, block throwaway accounts, ban attackers in one click.

OTP as fallback

Users send /otp to the bot and paste a 6-digit code — no smartphone required.

Ship Telegram auth in three steps

No bot to deploy, no session cookies to babysit. Users authorize inside Telegram, you get a verified token.

Step 1
Create a site

Add your app in the dashboard and generate a publishable + secret key pair.

Step 2
Embed the widget

Drop a 5-line iframe on your login page. Listen for the auth postMessage.

Step 3
Verify & sign in

POST the token to /verify from your backend — get a Telegram user, sign in.

Install

Five lines of HTML.
Or one prompt to your AI.

Drop the widget on any page. When the user authorizes in Telegram, your parent window gets a postMessage with a signed session token.

  • Zero client-side secrets — publishable key only
  • Server-side /verify endpoint for stateless sessions
  • Paste our LLM prompt into Cursor / Lovable and ship in minutes
Get started
<iframe
  src="https://teleclerk.xunez.app/embed/login?site_key=pk_live_..."
  style="width:100%;height:540px;border:0;border-radius:16px"
  allow="clipboard-write">
</iframe>

<script>
  addEventListener('message', (e) => {
    if (e.data?.type === 'teleclerk:auth') {
      fetch('/api/complete', {
        method: 'POST',
        body: JSON.stringify({ token: e.data.token })
      })
    }
  })
</script>

Give your users the auth
they already have open.

Free while you're building. No credit card. No phone number for your users, ever.