Skip to content
Learn more about Mattermost for Microsoft Teams »

I suggest you ...

← General

Private metadata on mobile notifications

My organization is using Mattermost heavily, and we'd like to receive mobile notifications to make it more useful. However, currently Mattermost shares a lot of metadata with Apple's and Google's servers:

https://docs.mattermost.com/mobile/mobile-faq.html#what-post-metadata-is-sent-in-mobile-push-notifications

This is preventing us from enabling notifications.

I'd like to suggest that you treat the Apple and Google push notification services just as a "wake up" signal, without including user ID, team ID, etc. The mobile app would then connect (via TLS) to its server, download any new messages, and generate local notifications based on those.

I recently spoke with someone on the Mattermost team who suggested that push notifications on iOS cannot wake the app, but this information is out of date. Current best practice on iOS is PushKit (https://developer.apple.com/documentation/pushkit), which can wake apps.

Thanks,
Jacob

10 votes
Vote

We're glad you're here

Please sign in to leave feedback
Signed in as (Sign out)
Close
Close
You have left! (?) (thinking…)
jsha shared this idea  ·   ·  Report…  ·  Admin →
How important is this to you?

We're glad you're here

Please sign in to leave feedback
Signed in as (Sign out)
Close
Close

We're glad you're here

Please sign in to leave feedback
Signed in as (Sign out)
Close
Close
Submitting...
An error occurred while saving the comment
  • Adrian commented  ·   ·  Report

    Numeric IDs are not sensitive data, you cannot do anything useful with them. However, human-readable team/channel/user names or even message contents are a problem. Disabling them in the settings is not great, because e.g. on smartwatches this makes notifications basically useless.

    Unfortunately Mattermost is not "privacy-first" in this regard, as their new "ID-loaded notifications" feature (which is exactly what you are asking for) is restricted to Enterprise Edition E20, even though this would be good for privacy even on a small Team Edition instance!

  • Anonymous commented  ·   ·  Report

    Other messaging apps like Threema are also doing this in the same way (wake up only, retrieval of message with the triggered app). This way, no private information is available on the push servers while still the contents of the message can be displayed in notifications (and also on devices like a smart watch). This would really be a great feature. Right now, we also turned off message contents in push message as otherwise all company internal messages would again be available at some third party location.

General: Mattermost App - iPhone, iPad, iOS

Categories

Feedback and Knowledge Base

(thinking…)