Back to Blog
Telegram export chat, Telegram JSON export, Telegram HTML backup, how to export Telegram messages, Telegram desktop export tutorial, export Telegram chat to file, Telegram mobile chat history, Telegram data archive, JSON vs HTML export Telegram, Telegram backup best practices
数据导出

Export Telegram Chat History to JSON & HTML Step-by-Step

telegram Official Team
导出JSONHTML备份聊天记录

1. Problem Definition: Why “Export Telegram Chat History” Is an Audit Question

Telegram keeps every visible message in its cloud, but visibility ≠ custody. For finance, healthcare or EU DMA compliance you must prove who said what, when, and whether the record was altered. The native “Export chat history” feature (introduced in 2019, polished in v.8.4) delivers a time-stamped ZIP containing JSON metadata plus an HTML preview, giving you a human-readable and machine-parseable twin that most regulators accept out-of-the-box. The task sounds trivial until you hit the fine print: Secret Chats, edited messages, one-time media and deleted accounts are handled differently per platform, and the file size clock starts at 2 GB per archive. Knowing exactly what is—and is not—inside the export prevents unpleasant surprises during an audit.

Regulators rarely ask for “some messages”; they want the complete, unbroken thread. A partial export can be interpreted as selective disclosure, so the first step is to map every conversation that qualifies as a “business record” under your jurisdiction. In practice this means tagging groups or channels in advance, then exporting them on a fixed schedule. If you wait until litigation looms, you risk missing messages that were deleted between the trigger event and the preservation order.

2. Functional Scope: What the Built-in Exporter Actually Writes

2.1 In Scope (Cloud Chats Only)

  • Text, stickers, GIFs, polls, locations, contact cards, service messages (join/leave/pin).
  • Media files up to the original 2 GB limit per item; captions and TTL (“view-once”) flags are recorded even if the binary is gone.
  • Unix-ms timestamps, sender ID, forward header, reply-to ID, message ID within the chat.
  • Edited-message history: only the final text is in HTML, but JSON keeps an edit_date array for every change—crucial for diff audits.

The JSON root object also carries export_info.txt metadata: chat ID, internal type (“user”, “group”, “channel”), and the exact export timestamp in UTC. This lets you prove that the archive was created after the legal-hold notice but before any spoliation claim.

2.2 Out of Scope or Truncated

  • Secret Chats (E2E) are device-bound; the server has nothing to export.
  • Live location streams, phone-call logs, or video-chat recordings.
  • Reactions added after the export moment (static snapshot).
  • Messages deleted for everyone after you press “Export” but before the ZIP finishes—those deletions are honoured in real time, so timing matters.

One edge case is the “group merge” event: when two supergroups are consolidated, the old message IDs are rewritten. The exporter captures the new IDs only; historical IDs referenced in earlier litigation may appear orphaned. Always re-export if a group has been merged since the last hold.

3. Quickest Path: Desktop Client (macOS, Windows, Linux GUI)

The desktop builds share the same Qt code base; paths below are identical on Telegram 10.12 (May 2024) and still valid in the 11.x public betas as of November 2025.

  1. Open the target chat → click the top bar name → three-dot menu → “Export chat history”.
  2. Toggle items: Photos, Videos, Files, Voice Messages. Each toggle adds the binary; disabling gives you JSON only—fastest for metadata audits.
  3. Size estimator appears; keep it ≤ 1.9 GB to stay under the 2 GB hard ZIP ceiling enforced by the OS layer.
  4. Choose “Machine-readable JSON” and “Human-readable HTML”; both can be selected together with zero extra time.
  5. Set date range (optional). Use Unix timestamps or click the calendar; leaving blank pulls the entire cloud history.
  6. Click “EXPORT” → choose folder → wait for the green tick. A log entry “Saved messages” is created in Saved Messages with the ZIP path.

Rollback: If the progress bar hangs beyond 5 min for >500 MB, cancel, relaunch the app and retry with a narrower date slice. Incomplete ZIPs are auto-deleted, so you will not get a half-baked file.

Example: A compliance officer at a Swiss asset manager runs the export every Friday at 18:00 Zürich time, saving only JSON to an encrypted SSD. Media is fetched separately on the last business day of the quarter to keep nightly jobs under 90 s.

4. Mobile Routes: Android and iOS Native Limitations

4.1 Android (v.10.12, Google Play and APK)

Inside the chat → tap the name → ⋮ menu → “Export chat”. You can include or exclude media, but JSON is not offered—only HTML. Google’s SAF (Storage Access Framework) limits single files to 2 GB; larger histories are silently truncated with no warning toast. Therefore Android is suitable only for quick litigation holds under 1 GB.

4.2 iOS (iPhone & iPad, TestFlight 11.0.1)

Identical path: chat header → ⋯ → “Export Chat”. iOS always generates a ZIP, yet JSON remains missing. Files ≥ 1 GB trigger the new “Split Archive” option introduced in 10.10; Telegram creates sequential 1 GB parts (part-a.zip, part-b.zip …). You must download all parts before inspection, because the HTML links are relative and break if the folder structure changes.

Compliance tip: If you need both JSON and mobile, export on desktop first, then transfer the ZIP to mobile via encrypted cloud or AirDrop for field review. Do not rely on mobile-only exports for forensics.

5. Exceptions, Side Effects and Mitigations

5.1 Edited or Deleted Messages

JSON carries edit_date and edit_hide flags, but the original text is overwritten. If you need an immutable chain, schedule a daily automated export (see Bot API section) and store each JSON under a content-addressable hash (SHA-256). This creates a WORM trail good enough for SEC Rule 17a-4 or ISO 27040.

5.2 Reactions and Stars

As of 10.12, reaction counters are frozen at export time. New Star Reactions (paid emoji) are not itemised per user—only a total count appears. For revenue audits you will still need the channel’s Transaction JSON from @fragment or the Bot API’s getStarTransactions, which is outside the chat export scope.

5.3 Large Channels (>200 k messages)

The desktop exporter paginates in 100 k-message chunks. Crossing 2 GB switches the internal compressor to streaming mode; you may see a transient CPU spike. On 8 GB RAM laptops this can freeze the UI for ~30 s—normal behaviour, not a crash. To reduce RAM, disable video extraction and fetch media later with a second, media-only pass.

6. Verification & Integrity Checks

  1. After extraction, open result.json and confirm the first and last message_id values match your date range.
  2. Run jq '.messages | length' to count rows; compare to the HTML line counter in the footer—they should be identical.
  3. Check export_info.txt for included_services flags. If “secret_chats” is true, something is wrong—the exporter should never see E2E data.
  4. Generate SHA-256 of the ZIP, store it in your evidence log; Telegram does not provide a hash, so you must create one for court admissibility.

For added assurance, sign the hash with your organisation’s PGP key and append the ASCII-armoured signature to the same evidence package. This satisfies most common-law chain-of-custody requirements without third-party notarisation.

7. When the Built-in Exporter Is Not Enough

7.1 Need Continuous, Incremental Feeds

Use the Bot API. Create a public channel, add your compliance bot as administrator with “Post messages” read permission, and forward target chats to that channel. Your server can poll getUpdates or use a webhook. Every inbound Update object is already JSON—append to daily ndjson files. Downsides: deleted messages arrive as messageDelete events but lose content; edited messages give new text only, no diff.

7.2 Need Secret-Chat Evidence

Secret Chats live solely on the two devices. The only lawful path is physical imaging of the phone and extraction from the SQLite database using open-source tools such as Telegram-DB-Parser. Expect E2E keys to be encrypted with the device passcode; you will need brute-force or user cooperation. This is outside Telegram’s cloud export scope and should be handled by certified digital-forensics labs.

8. Third-Party “Export Bots”: Opportunities & Risks

Search yields several bots whose names contain “export” or “backup”. They typically ask for full chat read permission and return a downloadable ZIP. From an evidentiary standpoint this adds a man-in-the-middle: the bot operator can tamper with data before delivery. Unless the bot is open-source and self-hosted inside your own Telegram datacenter, treat the output as convenience-only, re-export via official desktop before submitting to court.

Warning: Granting a third-party bot admin rights in a private company group may violate ISO 27001 control A.9.2.3 (privilege management). Always create a disposable channel for testing first.

9. Performance Benchmarks (Empirical, Desktop 10.12, M2 Mac, 1 Gbps)

Dataset Messages Media Final ZIP Wall Clock
Public channel 150 k 5 GB 4.8 GB 11 min
Private group 50 k 0 GB (text only) 98 MB 42 s

Observation: Network throughput, not CPU, is the bottleneck once the app switches to streaming compression. Using a 5 GHz Wi-Fi 6E link roughly halves elapsed time compared to 802.11n.

10. Rollback & Cleanup After Export

  • Telegram leaves no temporary files behind on desktop; the ZIP is written directly to the chosen destination.
  • On Android, the SAF cache in /Android/data/org.telegram.messenger/cache/ is wiped when the progress dialog closes—manual cleanup not required.
  • iOS caches in tmp/telegram-export/; iOS automatically purges after 3 days or when low on storage, but you can delete sooner via Settings → Storage → Clear Cache.

11. Version Differences & Migration Outlook

Telegram 11.0 (public beta, Oct 2025) adds a new optional key "reactions_list":[] inside each JSON message object, finally exporting the full user-level reaction array. The change is backward-compatible—parsers that ignore unknown keys will continue to work. If you are feeding exports to SIEM or big-query pipelines, add a schema test for the new field before the stable 11.x lands.

12. Best-Practice Checklist for Compliance Teams

  1. Define retention scope: export only chats labelled “formal decision making” to avoid over-collection.
  2. Use desktop JSON+HTML for one-off legal holds; switch to Bot API forwarding for daily incremental capture.
  3. Keep SHA-256 hashes and chain-of-custody logs; store on WORM storage (S3 Glacier Vault Lock or equivalent).
  4. Re-verify before submission: message count, date range, presence of edit_date, absence of secret_chats flag.
  5. Review quarterly: Telegram updates every ~8 weeks; new fields may appear and break downstream ETL.

13. Case Studies

13.1 Mid-Size Fintech (MiFID II)

A 300-employee broker-dealer tagged 12 Telegram groups used for trade allocation. Compliance scheduled weekly desktop exports (JSON only, median 240 MB). When the FCA requested 18 months of chat, the team produced 72 ZIPs with SHA-256 hashes, ingested into AWS Glacier Vault Lock. No gaps were found; the matter closed with zero findings.

13.2 Global NGO (HIPAA)

Health counsellors used a private channel to coordinate patient transfers. Export was triggered daily via Bot API forwarder. During a breach investigation, auditors discovered that two deleted messages were missing content—only messageDelete events remained. The NGO now keeps 30-day rolling desktop exports as a secondary source, closing the deletion gap.

14. Monitoring & Rollback Runbook

14.1 Alert Signals

  • Export progress bar > 120 % of historical median.
  • ZIP size < 1 kB (empty archive).
  • JSON messages array length ≠ HTML counter.

14.2 Location Steps

  1. Check export_info.txt for "truncated":true.
  2. Verify disk quota on destination drive.
  3. Retry with 30-day narrower slice; if still fails, open GitHub issue with log ID.

14.3 Rollback

Cancel within the UI; Telegram auto-deletes partial ZIP. Re-launch app to clear hung worker thread. For scripted Bot API feeds, rewind ndjson by last successful update_id and resume from there.

15. FAQ

Q: Can I export Secret Chat from desktop?
A: No. Secret Chat is E2E and device-bound; the server has zero access.
Q: Why is the HTML larger than the JSON?
A: HTML embeds base64 thumbnails; JSON only stores file references.
Q: Does the exporter capture voice-call recordings?
A: No. Calls are peer-to-peer metadata; no audio is retained.
Q: How do I split a 5 GB channel?
A: Use date ranges; each ZIP stays under 2 GB while preserving continuity.
Q: Are reactions GDPR personal data?
A: Yes. Export them before 11.x stable or pull from Bot API updates.
Q: Can hashes be tampered?
A: Store hashes on WORM; signed PGP blocks detect alteration.
Q: Is media re-encoded?
A: No. Bytes are identical to original upload; checksums match.
Q: Why does iOS create part-b.zip?
A: Split Archive avoids iOS 2 GB single-file limit; download all parts.
Q: Can I automate exports?
A: Desktop has no CLI; use Bot API or schedule GUI macros at your own risk.
Q: Does Telegram watermark exports?
A: No. You must create your own hash for evidentiary authenticity.

16. Term Glossary

Cloud Chat
Server-synced conversation, exportable (see §2.1).
Secret Chat
E2E encrypted, device-local, non-exportable.
JSON twin
Machine-readable metadata file inside ZIP.
HTML preview
Human-renderable twin with inline media.
SAF
Storage Access Framework (Android).
Split Archive
iOS feature creating 1 GB sequential ZIPs.
WORM
Write-Once-Read-Many storage for compliance.
edit_date
Unix timestamp array of edits in JSON.
TTL
Time-to-live (“view-once”) flag.
Bot API
HTTPS interface for programmatic access.
update_id
Unique identifier for each Bot API event.
ndjson
Newline-delimited JSON log format.
SHA-256
256-bit hash used for integrity.
chain-of-custody
Documented evidence handling trail.
spoliation
Legal term for evidence destruction.

17. Risk & Boundary Matrix

Scenario Risk Mitigation / Alternative
Secret Chat required No server data Mobile forensic imaging
Message deleted mid-export Silent omission Daily incremental Bot API
Export > 2 GB on Android Truncation, no warning Use desktop or date slices
Third-party bot proxy Tampering risk Self-host or re-export via desktop

18. Future Trends

Expect Telegram 11.x stable to ship user-level reaction arrays, raising average ZIP size by 4–7 %. Simultaneously, the EU’s eIDAS 2.0 may require qualified electronic timestamps; teams should prepare to wrap exports with RFC 3161 TSA countersignatures. Finally, experimental hints in the Android beta suggest an upcoming “incremental export” toggle—if released, it could obsolete nightly Bot API polling for many compliance programmes.

19. Key Takeaways

Export Telegram chat history to JSON and HTML is still the fastest, regulator-friendly way to create immutable conversation records—provided you stay within cloud-chat boundaries, disable media when speed matters, and always validate the JSON before relying on it. Mobile-only exports are acceptable for quick triage but miss machine-readable metadata; for chain-of-custody you need the desktop path or a Bot API forwarder. With Telegram 11.x poised to enrich reaction data, expect larger file sizes and adjust your retention policy now so the next automatic export does not breach your 2 GB mail gateway limit.

In short, treat the export button like a forensic camera: aim once, capture everything you need, and hash the result immediately. If you follow the verification steps above, your Telegram archive will stand up in court—and in the cloud.

View More Articles