Get one contact
Returns everything stored for one contact, addressed by its `lid` (WhatsApp's stable per-account identifier for a person): their name, whether you have a direct chat with them, and every group you have seen them in — including their nickname and role in each group. Served entirely from **stored** data, so no live WhatsApp connection is needed. **Auth:** requires the `read` capability. **Errors:** `404` (`not_found`) if the session does not exist, is not owned by the caller's organization, or no contact with the given `lid` is stored for that session.
Send Authorization: Bearer <token>. The router accepts two kinds of token and tries each in turn: a frontend-minted login JWT (verified against the frontend JWKS; the person's org + role are read from it), or an api-key for a script/service (carrying a fixed set of gateway permissions). The bearerFormat: JWT label describes the person-login case.
In: header
Path Parameters
The WhatsApp session id that owns the stored contact.
The contact's LID — WhatsApp's stable per-account identifier for a person. Served from stored data, so the value must already be known to this session (e.g. from a prior list response).
Response Body
application/json
application/json
curl -X GET "https://example.com/api/v1/sessions/sess_01HZX/contacts/123456789@lid"{ "dm": true, "groups": [ { "jid": "string", "lastSeen": 0, "name": "string", "role": "string", "tag": "string" } ], "identity": { "businessName": "Acme Corp", "firstSeenAt": 1719662400000, "id": 1024, "lid": "205227043110953@lid", "name": "Alice", "phoneJid": "6281234567890@s.whatsapp.net", "phoneNumber": "6281234567890", "updatedAt": 1719662400000 }}{ "error": { "code": "not_found", "details": { "property1": null, "property2": null }, "message": "session not found" }}Unblock a contact POST
Tells WhatsApp to unblock this contact so they can message the session again. This is a **live action** against WhatsApp — the session must be **connected**. If the session is not connected the gateway responds `501` (`not_implemented`). The operation is **idempotent**: unblocking a contact who is not blocked succeeds with the same `204` and no additional effect. On success the response body is empty. **Auth:** requires the `send` capability. **Errors:** `404` (`not_found`) if the session does not exist or is not owned by the caller's organization; `501` (`not_implemented`) if the session is not connected.
List a session's groups GET
Returns the groups this session belongs to. **Capability:** requires `read`. **Served from stored data:** the list comes from the gateway's stored WhatsApp data, so it works even when the session is **not connected** (no live WhatsApp round-trip). **Response:** a `List` envelope (`{ "data": [...], "nextCursor": "" }`) of group objects. The current implementation returns the full set in a single page with an empty `nextCursor`. **Errors:** - **404 `not_found`** — no session with this id is owned by your organization.