Skip to main content

Documentation Index

Fetch the complete documentation index at: https://mintlify.com/wppconnect-team/wa-js/llms.txt

Use this file to discover all available pages before exploring further.

The WPP.privacy module lets you read and update all WhatsApp privacy settings for the connected account programmatically. Settings control visibility of last seen timestamps, online presence, profile picture, about text, status stories, and read receipts, as well as who is permitted to add you to group chats. For settings that support a contact exception list (contact_blacklist), a separate disallowed-list API lets you manage individual contact exclusions.

Privacy values reference

Most functions accept a value string from a fixed set of options. The table below explains what each value means.
ValueDescription
allVisible to everyone — both contacts and non-contacts.
contactsVisible only to phone contacts saved in your address book.
contact_blacklistVisible to your contacts, except contacts on the disallowed list.
noneHidden from everyone.
match_last_seenMirrors the audience of your “last seen” setting. Only valid for setOnline.
contact_blacklist requires you to manage the disallowed list via getDisallowedList(). When you pass contact_blacklist and the list parameter, entries use { id, action } objects where action is either "add" or "remove".

Functions

get()

Returns all current privacy settings as a single object. Useful for auditing the current configuration before making changes. Signature 
get(): Promise<{
  about: string;
  callAdd: string;
  groupAdd: string;
  lastSeen: string;
  online: string;
  profilePicture: string;
  readReceipts: string;
  status: string;
}>
ReturnsPromise<object> — an object containing the current value for each privacy category. Example 
const settings = await WPP.privacy.get();
console.log(settings);
// {
//   about: 'contacts',
//   callAdd: 'all',
//   groupAdd: 'contacts',
//   lastSeen: 'contacts',
//   online: 'match_last_seen',
//   profilePicture: 'contacts',
//   readReceipts: 'all',
//   status: 'contact'
// }

setLastSeen(value, disallowedList?)

Controls who can see the “last seen” timestamp on your profile. Signature 
setLastSeen(
  value: 'all' | 'contacts' | 'contact_blacklist' | 'none',
  disallowedList?: { id: string; action: 'add' | 'remove' }[]
): Promise<'all' | 'contacts' | 'contact_blacklist' | 'none'>
value
string
required
The new last seen visibility. Must be one of all, contacts, contact_blacklist, or none.
disallowedList
object[]
Required when value is contact_blacklist. Each entry specifies a contact to add to or remove from the exception list.
ReturnsPromise<string> — the new active value as confirmed by WhatsApp. Examples 
// Hide last seen from everyone
await WPP.privacy.setLastSeen('none');

// Show last seen to all contacts, except specific ones
await WPP.privacy.setLastSeen('contact_blacklist', [
  { id: '15550001234@c.us', action: 'add' },
  { id: '15550005678@c.us', action: 'add' },
]);

setOnline(value)

Controls who can see when you are currently online (the “online” indicator). Signature 
setOnline(
  value: 'all' | 'match_last_seen'
): Promise<'all' | 'match_last_seen'>
value
string
required
Must be all (everyone sees your online status) or match_last_seen (online visibility mirrors your last seen audience).
ReturnsPromise<string> — the new active value.
Setting online to match_last_seen is the WhatsApp-recommended way to keep both settings consistent: if someone cannot see your last seen, they will also not see when you are online.
Examples 
// Allow everyone to see online status
await WPP.privacy.setOnline('all');

// Mirror the last seen audience
await WPP.privacy.setOnline('match_last_seen');

setProfilePic(value, disallowedList?)

Controls who can see your profile picture. Signature 
setProfilePic(
  value: 'all' | 'contacts' | 'contact_blacklist' | 'none',
  disallowedList?: { id: string; action: 'add' | 'remove' }[]
): Promise<'all' | 'contacts' | 'contact_blacklist' | 'none'>
value
string
required
The new profile picture visibility. Must be one of all, contacts, contact_blacklist, or none.
disallowedList
object[]
Required when value is contact_blacklist. Uses the same { id, action } format as setLastSeen.
ReturnsPromise<string> — the new active value. Examples 
// Hide profile picture from non-contacts
await WPP.privacy.setProfilePic('contacts');

// Hide from everyone
await WPP.privacy.setProfilePic('none');

// Contacts only, but exclude specific contacts
await WPP.privacy.setProfilePic('contact_blacklist', [
  { id: '15550001234@c.us', action: 'add' },
]);

setReadReceipts(value)

Enables or disables read receipts (the blue double-tick that tells senders you have read their message). Signature 
setReadReceipts(
  value: 'all' | 'none'
): Promise<'all' | 'none'>
value
string
required
all enables read receipts; none disables them.
ReturnsPromise<string> — the new active value.
When read receipts are disabled (none), you also lose the ability to see read receipts from other accounts that have the setting enabled. This is a WhatsApp-level mutual restriction.
Examples 
// Disable blue ticks
await WPP.privacy.setReadReceipts('none');

// Re-enable blue ticks
await WPP.privacy.setReadReceipts('all');

setStatus(value, list?)

Controls who can see your WhatsApp Status stories. This function uses a different set of values from the other setter functions, reflecting how WhatsApp models status story privacy internally. Signature 
setStatus(
  value: 'contact' | 'allow-list' | 'deny-list',
  list?: string[] | Wid[]
): Promise<'contact' | 'allow-list' | 'deny-list'>
value
string
required
The new status story visibility mode.
ValueDescription
contactVisible to all your contacts.
allow-listVisible only to the contacts in list.
deny-listVisible to all contacts except those in list.
list
string[]
Required when value is allow-list or deny-list. Array of WhatsApp IDs in [number]@c.us format.
ReturnsPromise<string> — the new active value. Examples 
// Share status with all contacts
await WPP.privacy.setStatus('contact');

// Share status only with a specific allow list
await WPP.privacy.setStatus('allow-list', [
  '15550001234@c.us',
  '15550005678@c.us',
]);

// Share with everyone except a deny list
await WPP.privacy.setStatus('deny-list', [
  '15550009999@c.us',
]);

setAbout(value, disallowedList?)

Controls who can see your “about” text (the short bio on your profile). Signature 
setAbout(
  value: 'all' | 'contacts' | 'contact_blacklist' | 'none',
  disallowedList?: { id: string; action: 'add' | 'remove' }[]
): Promise<'all' | 'contacts' | 'contact_blacklist' | 'none'>
value
string
required
The new about text visibility. Must be one of all, contacts, contact_blacklist, or none.
disallowedList
object[]
Required when value is contact_blacklist. Uses the same { id, action } format as setLastSeen.
ReturnsPromise<string> — the new active value. Examples 
// Hide about text from everyone
await WPP.privacy.setAbout('none');

// Show about to contacts, except specific ones
await WPP.privacy.setAbout('contact_blacklist', [
  { id: '15550001234@c.us', action: 'add' },
]);

setAddGroup(value, disallowedList?)

Controls who is permitted to add you to WhatsApp group chats. Signature 
setAddGroup(
  value: 'all' | 'contacts' | 'contact_blacklist',
  disallowedList?: { id: string; action: 'add' | 'remove' }[]
): Promise<'all' | 'contacts' | 'contact_blacklist'>
value
string
required
The new group-add permission. Must be one of all, contacts, or contact_blacklist. Note: none is not a valid value for this setting — use contacts for the most restrictive option without a blacklist.
disallowedList
object[]
Required when value is contact_blacklist. Uses the same { id, action } format as setLastSeen.
ReturnsPromise<string> — the new active value. Examples 
// Allow only contacts to add you to groups
await WPP.privacy.setAddGroup('contacts');

// Allow contacts, but exclude specific contacts
await WPP.privacy.setAddGroup('contact_blacklist', [
  { id: '15550001234@c.us', action: 'add' },
]);

// Remove a contact from the blacklist (re-allow them)
await WPP.privacy.setAddGroup('contact_blacklist', [
  { id: '15550001234@c.us', action: 'remove' },
]);

getDisallowedList(type)

Returns the list of contacts currently on the disallowed (blacklist) for a given privacy category. This list is used when the corresponding setting is contact_blacklist. Signature 
getDisallowedList(
  type: 'last' | 'profile' | 'status' | 'groupadd'
): Promise<string[] | null>
type
string
required
The privacy category to query. Must be one of the following string values:
ValuePrivacy setting
lastLast seen
profileProfile picture
statusAbout text
groupaddGroup add
ReturnsPromise<string[] | null> — an array of WhatsApp IDs ([number]@c.us format) on the disallowed list, or null if no list exists for that category.
If the corresponding privacy setting is not currently set to contact_blacklist, the disallowed list may be null or empty. The list is only active when the setting value is contact_blacklist.
Examples 
// Get contacts excluded from seeing your last seen
const lastSeenBlacklist = await WPP.privacy.getDisallowedList('last');
console.log(lastSeenBlacklist);
// ['15550001234@c.us', '15550005678@c.us']

// Get contacts excluded from seeing your profile picture
const picBlacklist = await WPP.privacy.getDisallowedList('profile');

// Get contacts excluded from seeing your about text
const aboutBlacklist = await WPP.privacy.getDisallowedList('status');

// Get contacts blocked from adding you to groups
const groupBlacklist = await WPP.privacy.getDisallowedList('groupadd');

Full privacy audit and lockdown example

The following example reads the current settings, then applies a privacy-first configuration that hides as much as possible: 
// Step 1: Audit current settings
const current = await WPP.privacy.get();
console.log('Current settings:', current);

// Step 2: Apply privacy-first configuration
await WPP.privacy.setLastSeen('none');
await WPP.privacy.setOnline('match_last_seen');
await WPP.privacy.setProfilePic('contacts');
await WPP.privacy.setAbout('contacts');
await WPP.privacy.setReadReceipts('none');
await WPP.privacy.setAddGroup('contacts');
await WPP.privacy.setStatus('contact');

// Step 3: Confirm the new settings
const updated = await WPP.privacy.get();
console.log('Updated settings:', updated);

Managing the contact blacklist

Use contact_blacklist together with getDisallowedList to maintain a fine-grained exception list on any supported setting: 
// Add two contacts to the last seen blacklist
await WPP.privacy.setLastSeen('contact_blacklist', [
  { id: '15550001111@c.us', action: 'add' },
  { id: '15550002222@c.us', action: 'add' },
]);

// Inspect the current blacklist
const list = await WPP.privacy.getDisallowedList('last');
console.log('Blocked from last seen:', list);

// Later, remove one contact from the blacklist
await WPP.privacy.setLastSeen('contact_blacklist', [
  { id: '15550001111@c.us', action: 'remove' },
]);
When calling a setter with contact_blacklist and passing an empty or omitted disallowedList, the library reuses the existing list stored on the server. Only pass disallowedList entries when you want to make changes to the list.

Build docs developers (and LLMs) love

Get started for freeTalk to us