openclaw
diff --git a/‎docs/channels/whatsapp.md‎
Lines changed: 32 additions & 0 deletions b/‎docs/channels/whatsapp.md‎
Lines changed: 32 additions & 0 deletions
diff --git a/‎docs/tools/exec-approvals-advanced.md‎
Lines changed: 70 additions & 0 deletions b/‎docs/tools/exec-approvals-advanced.md‎
Lines changed: 70 additions & 0 deletions
diff --git a/‎extensions/whatsapp/src/approval-auth.test.ts‎
Lines changed: 40 additions & 3 deletions b/‎extensions/whatsapp/src/approval-auth.test.ts‎
Lines changed: 40 additions & 3 deletions
diff --git a/‎extensions/whatsapp/src/approval-auth.ts‎
Lines changed: 46 additions & 10 deletions b/‎extensions/whatsapp/src/approval-auth.ts‎
Lines changed: 46 additions & 10 deletions
@@ -175,6 +175,38 @@ handoff path over manual terminal capture.
 - WhatsApp Web transport honors standard proxy environment variables on the gateway host (`HTTPS_PROXY`, `HTTP_PROXY`, `NO_PROXY` / lowercase variants). Prefer host-level proxy config over channel-specific WhatsApp proxy settings.
 - When `messages.removeAckAfterReply` is enabled, OpenClaw clears the WhatsApp ack reaction after a visible reply is delivered.
 
+## Approval prompts
+
+WhatsApp can render exec and plugin approval prompts with `👍` / `👎` reactions. Delivery is
+controlled by the top-level approval forwarding config:
+
+```json5
+{
+  approvals: {
+    exec: {
+      enabled: true,
+      mode: "session",
+    },
+    plugin: {
+      enabled: true,
+      mode: "targets",
+      targets: [{ channel: "whatsapp", to: "+15551234567" }],
+    },
+  },
+}
+```
+
+`approvals.exec` and `approvals.plugin` are independent. Enabling WhatsApp as a channel only links
+the transport; it does not send approval prompts unless the matching approval family is enabled
+and routes to WhatsApp. Session mode delivers native emoji approvals only for approvals that
+originate from WhatsApp. Target mode uses the shared forwarding pipeline for explicit WhatsApp
+targets and does not create separate approver-DM fanout.
+
+WhatsApp approval reactions require explicit WhatsApp approvers from `allowFrom` or `"*"`.
+`defaultTo` controls ordinary default message targets; it is not an approval approver. Manual
+`/approve` commands still pass through the normal WhatsApp sender authorization path before
+approval resolution.
+
 ## Plugin hooks and privacy
 
 WhatsApp inbound messages can contain personal message content, phone numbers,
 
@@ -279,6 +279,8 @@ Generic model:
 - Slack plugin approvals can use Slack's native approval client when the request comes from Slack
   and Slack plugin approvers resolve; `approvals.plugin` can also route plugin approvals to Slack
   sessions or targets even when Slack exec approvals are disabled
+- WhatsApp emoji approval delivery is gated by `approvals.exec` and `approvals.plugin`, while
+  approval reactions require explicit WhatsApp approvers from `channels.whatsapp.allowFrom` or `"*"`
 
 Native approval clients auto-enable DM-first delivery when all of these are true:
 
@@ -296,6 +298,7 @@ FAQ: [Why are there two exec approval configs for chat approvals?](/help/faq-fir
 - Discord: `channels.discord.execApprovals.*`
 - Slack: `channels.slack.execApprovals.*`
 - Telegram: `channels.telegram.execApprovals.*`
+- WhatsApp: use `approvals.exec` and `approvals.plugin` to route approval prompts to WhatsApp
 
 These native approval clients add DM routing and optional channel fanout on top of the shared
 same-chat `/approve` flow and shared approval buttons.
@@ -313,6 +316,9 @@ Shared behavior:
   routing, not Slack exec approvers
 - Slack native buttons preserve approval id kind, so `plugin:` ids can resolve plugin approvals
   without a second Slack-local fallback layer
+- WhatsApp emoji approvals handle both exec and plugin prompts only when the matching top-level
+  forwarding family is enabled and routes to WhatsApp; target-only WhatsApp forwarding stays on
+  the shared forwarding path unless it matches the same native origin target
 - Matrix native DM/channel routing and reaction shortcuts handle both exec and plugin approvals;
   plugin authorization still comes from `channels.matrix.dm.allowFrom`
 - Matrix native prompts include `com.openclaw.approval` custom event content on the first prompt
@@ -358,6 +364,70 @@ Security notes:
 - Same-UID peer check.
 - Challenge/response (nonce + HMAC token + request hash) + short TTL.
 
+## FAQ
+
+### When would `accountId` and `threadId` be used on an approval target?
+
+Use `accountId` when the channel has multiple configured identities and the approval prompt must
+leave through one specific account. Use `threadId` when the destination supports topics or
+threads and the prompt should stay inside that thread instead of the top-level chat.
+
+A concrete Telegram case is an operations supergroup with forum topics and two Telegram bot
+accounts. The `to` value names the supergroup, `accountId` selects the bot account, and `threadId`
+selects the forum topic:
+
+```json5
+{
+  approvals: {
+    exec: {
+      enabled: true,
+      mode: "targets",
+      targets: [
+        {
+          channel: "telegram",
+          to: "-1001234567890",
+          accountId: "ops-bot",
+          threadId: "77",
+        },
+      ],
+    },
+  },
+  channels: {
+    telegram: {
+      accounts: {
+        default: {
+          name: "Primary bot",
+          botToken: "env:TELEGRAM_PRIMARY_BOT_TOKEN",
+        },
+        "ops-bot": {
+          name: "Operations bot",
+          botToken: "env:TELEGRAM_OPS_BOT_TOKEN",
+        },
+      },
+    },
+  },
+}
+```
+
+With that setup, forwarded exec approvals are posted by the `ops-bot` Telegram account into topic
+`77` of chat `-1001234567890`. A target without `accountId` uses the channel's default account, and
+a target without `threadId` posts to the top-level destination.
+
+### When approvals are sent to a session, can anyone in that session approve them?
+
+No. Session delivery only controls where the prompt appears. It does not by itself authorize every
+participant in that chat to approve.
+
+For generic same-chat `/approve`, the sender must already be authorized for commands in that
+channel session. If the channel exposes explicit approval approvers, those approvers can authorize
+the `/approve` action even when they are not otherwise command-authorized in that session.
+
+Some channels are stricter. Discord, Telegram, Matrix, Slack native approval DMs, and similar
+native approval clients use their resolved approver lists for approval authorization. For example,
+a Telegram forum-topic approval prompt can be visible to everyone in the topic, but only numeric
+Telegram user IDs resolved from `channels.telegram.execApprovals.approvers` or
+`commands.ownerAllowFrom` can approve or deny it.
+
 ## Related
 
 - [Exec approvals](/tools/exec-approvals) — core policy and approval flow
 
@@ -1,8 +1,8 @@
 import { describe, expect, it } from "vitest";
-import { whatsappApprovalAuth } from "./approval-auth.js";
+import { getWhatsAppApprovalApprovers, whatsappApprovalAuth } from "./approval-auth.js";
 
 describe("whatsappApprovalAuth", () => {
-  it("authorizes direct WhatsApp recipients and ignores groups", () => {
+  it("authorizes direct WhatsApp recipients and ignores group entries", () => {
     expect(
       whatsappApprovalAuth.authorizeActorAction({
         cfg: { channels: { whatsapp: { allowFrom: ["+1 (555) 123-0000"] } } },
@@ -13,12 +13,49 @@ describe("whatsappApprovalAuth", () => {
     ).toEqual({ authorized: true });
 
     expect(
-      whatsappApprovalAuth.authorizeActorAction({
+      getWhatsAppApprovalApprovers({
         cfg: { channels: { whatsapp: { allowFrom: ["12345-67890@g.us"] } } },
+      }),
+    ).toEqual([]);
+
+    expect(
+      whatsappApprovalAuth.authorizeActorAction({
+        cfg: { channels: { whatsapp: { allowFrom: ["+15551230000"] } } },
         senderId: "+15551239999",
         action: "approve",
         approvalKind: "exec",
       }),
+    ).toEqual({
+      authorized: false,
+      reason: "❌ You are not authorized to approve exec requests on WhatsApp.",
+    });
+  });
+
+  it("does not treat defaultTo as an explicit approval approver", () => {
+    expect(
+      getWhatsAppApprovalApprovers({
+        cfg: { channels: { whatsapp: { allowFrom: [], defaultTo: "+15551230000" } } },
+      }),
+    ).toEqual([]);
+
+    expect(
+      whatsappApprovalAuth.authorizeActorAction({
+        cfg: { channels: { whatsapp: { allowFrom: [], defaultTo: "+15551230000" } } },
+        senderId: "+15551230000",
+        action: "approve",
+        approvalKind: "exec",
+      }),
+    ).toEqual({ authorized: true });
+  });
+
+  it("supports explicit wildcard approval approvers", () => {
+    expect(
+      whatsappApprovalAuth.authorizeActorAction({
+        cfg: { channels: { whatsapp: { allowFrom: ["*"] } } },
+        senderId: "+15551230000",
+        action: "approve",
+        approvalKind: "plugin",
+      }),
     ).toEqual({ authorized: true });
   });
 });
@@ -5,23 +5,59 @@ import {
 import { resolveWhatsAppAccount } from "./accounts.js";
 import { normalizeWhatsAppTarget } from "./normalize.js";
 
-function normalizeWhatsAppApproverId(value: string | number): string | undefined {
+type ApprovalKind = "exec" | "plugin";
+
+export function normalizeWhatsAppApproverId(value: string | number): string | undefined {
   const normalized = normalizeWhatsAppTarget(String(value));
   if (!normalized || normalized.endsWith("@g.us")) {
     return undefined;
   }
   return normalized;
 }
 
-export const whatsappApprovalAuth = createResolvedApproverActionAuthAdapter({
+function normalizeWhatsAppApproverEntry(value: string | number): string | undefined {
+  return String(value).trim() === "*" ? "*" : normalizeWhatsAppApproverId(value);
+}
+
+export function getWhatsAppApprovalApprovers(params: {
+  cfg: Parameters<typeof resolveWhatsAppAccount>[0]["cfg"];
+  accountId?: string | null;
+}): string[] {
+  const account = resolveWhatsAppAccount({ cfg: params.cfg, accountId: params.accountId });
+  return resolveApprovalApprovers({
+    allowFrom: account.allowFrom,
+    normalizeApprover: normalizeWhatsAppApproverEntry,
+  });
+}
+
+const whatsappResolvedApproverAuth = createResolvedApproverActionAuthAdapter({
   channelLabel: "WhatsApp",
-  resolveApprovers: ({ cfg, accountId }) => {
-    const account = resolveWhatsAppAccount({ cfg, accountId });
-    return resolveApprovalApprovers({
-      allowFrom: account.allowFrom,
-      defaultTo: account.defaultTo,
-      normalizeApprover: normalizeWhatsAppApproverId,
-    });
-  },
+  resolveApprovers: ({ cfg, accountId }) => getWhatsAppApprovalApprovers({ cfg, accountId }),
   normalizeSenderId: (value) => normalizeWhatsAppApproverId(value),
 });
+
+export const whatsappApprovalAuth = {
+  authorizeActorAction({
+    cfg,
+    accountId,
+    senderId,
+    approvalKind,
+  }: {
+    cfg: Parameters<typeof resolveWhatsAppAccount>[0]["cfg"];
+    accountId?: string | null;
+    senderId?: string | null;
+    action: "approve";
+    approvalKind: ApprovalKind;
+  }) {
+    if (getWhatsAppApprovalApprovers({ cfg, accountId }).includes("*")) {
+      return { authorized: true } as const;
+    }
+    return whatsappResolvedApproverAuth.authorizeActorAction({
+      cfg,
+      accountId,
+      senderId,
+      action: "approve",
+      approvalKind,
+    });
+  },
+};