Tempest Push sends cross-device notifications — get a push on your phone when a scheduled snippet fails. End-to-end encrypted, opt-in per device.
Tempest Push delivers push notifications between your Tempest devices: your laptop runs a scheduled snippet, the run fails, your phone gets a notification. The opposite works too — start a long-running command from your phone via a saved snippet, get notified on your Mac when it finishes.
The whole flow is opt-in per device and end-to-end encrypted.
Scheduled snippet failures — a cron-style run exits non-zero
Long-running snippet completions — for jobs you fired and forgot
Connection errors on critical hosts (configurable per-host)
Sign in to Tempest on each device that should send or receive notifications.
Settings → Notifications → Tempest Push → toggle on per device.
On mobile (iOS / Android), grant push permission when prompted.
On desktop, register the device with the OS notification center.
Each device gets its own opt-in toggle — you can have a phone that only receives, or a server that only sends.
Your laptop / server / phone each register a push token with the Tempest backend.
When one device emits a notification, the payload is encrypted to the receiving devices' public keys before it leaves the sending device.
The Tempest backend hands the ciphertext to APNs (iOS) / FCM (Android) / OS notification API (desktop) — but never sees the plaintext message.
See End-to-End Encryption for the cryptographic detail.
Desktop Tempest doesn't go through OAuth2 — it uses a device push token (LSDevicePushToken) issued by Tempest's web services for sending notifications. The token is per-device, can be revoked individually, and is what allows headless / standalone Tempest backends to send pushes without holding any user OAuth credentials.
Per device:
Settings → Notifications → Tempest Push → toggle off.
Globally:
gotempest.app → Account → Devices → revoke the device's push token. This stops all notification traffic from that device immediately.
Push delivery best-effort — APNs / FCM may delay or drop messages under load.
Critical alerts should still flow through dedicated tools (PagerDuty, Opsgenie, etc.). Tempest Push is for individual / small-team workflows.
Snippets & Scheduled Runs — the most common notification source
End-to-End Encryption — how plaintext stays on your devices
Last updated
