Approval tokens too long for chat-surface buttons (Telegram, Discord) #46
Description
Problem
Lobster approval gates generate base64-encoded JWT-style resume tokens (~150+ chars). These tokens are too long for inline button payloads on most messaging platforms:
| Platform | Button payload limit | Token fits? |
|---|---|---|
| Telegram | 64 bytes | ❌ No |
| Discord | 100 chars | ❌ No |
| | 256 chars | ✅ Barely |
| Slack | 255 chars | ✅ Barely |
| Signal | No buttons | ❌ N/A |
| iMessage | No buttons | ❌ N/A |
This means approval gates — the core human-in-the-loop mechanism — cannot be presented as one-tap buttons on the two most popular chat surfaces. Users have to copy-paste long tokens from text messages instead.
Related: #44 (self-approval prevention) is about caller identity. This issue is about the transport mechanism.
Proposed Solutions
1. Short approval codes — Lobster generates a 6-8 char alphanumeric code, maps it internally to the full resume token. User taps a button with the short code, or types `lobster approve abc123`.
2. Webhook callback URL — Lobster exposes an HTTP endpoint per pending approval. Button hits the URL directly. No token in the payload at all.
3. Named approval slots — `lobster approve <workflow-name>` or `lobster approve --latest`. Since most users only have one pending approval at a time, this covers 90% of cases.
Option 1 is probably the simplest and most universal — works on every surface, even ones without buttons (user can just type the code).
Context
We are currently working around this with a two-step hack: Lobster runs pre-flight checks, then we send a Telegram button with a hardcoded /restart callback, which triggers the actual lobster resume on the backend. This works but is brittle and workflow-specific.
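
Option 1 as an added example, not Lobster's code: a short code is a lower-entropy bearer credential than the resume token, so this sketch makes it single-use, expiring and guess-limited. `ApprovalCodes`, `button_payload`, the `approve:` prefix and all constants are assumptions chosen for illustration.

```python
import secrets
import time

# Constructed parameters (assumptions, not Lobster defaults).
ALPHABET = "abcdefghjkmnpqrstuvwxyz23456789"  # no 0/o/1/l/i lookalikes
CODE_LEN = 8            # about 39 bits of entropy
TTL_SECONDS = 600
MAX_FAILURES = 5        # wrong guesses before all pending codes are revoked
TELEGRAM_LIMIT = 64     # bytes, from the table in the issue


class ApprovalCodes:
    """Maps short single-use codes to full resume tokens, in memory."""

    def __init__(self, clock=time.monotonic):
        self._pending = {}   # code -> (resume_token, expires_at)
        self._failures = 0
        self._clock = clock

    def issue(self, resume_token):
        while True:
            code = "".join(secrets.choice(ALPHABET) for _ in range(CODE_LEN))
            if code not in self._pending:
                break
        self._pending[code] = (resume_token, self._clock() + TTL_SECONDS)
        return code

    def redeem(self, code):
        """Return the resume token once, or None if unknown/expired/used."""
        entry = self._pending.pop(code.strip().lower(), None)
        if entry is None:
            self._failures += 1
            if self._failures >= MAX_FAILURES:
                self._pending.clear()   # fail closed: approvals must be re-issued
            return None
        token, expires_at = entry
        if self._clock() > expires_at:
            return None
        self._failures = 0
        return token


def button_payload(code):
    """Callback data for an inline button; the full token stays server-side."""
    payload = f"approve:{code}"
    if len(payload.encode("utf-8")) > TELEGRAM_LIMIT:
        raise ValueError("payload exceeds button limit")
    return payload
```

Revoking every pending code after repeated wrong guesses trades availability for safety; a deployment that also checks who pressed the button (the concern in #44) can scope the failure counter per approver instead.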