OpenClaw treats group chats consistently across surfaces: Discord, iMessage, Matrix, Microsoft Teams, Signal, Slack, Telegram, WhatsApp, Zalo.Documentation Index
Fetch the complete documentation index at: https://docs.openclaw.ai/llms.txt
Use this file to discover all available pages before exploring further.
Beginner intro (2 minutes)
OpenClaw “lives” on your own messaging accounts. There is no separate WhatsApp bot user. If you are in a group, OpenClaw can see that group and respond there. Default behavior:- Groups are restricted (
groupPolicy: "allowlist"). - Replies require a mention unless you explicitly disable mention gating.
- Normal final replies in groups/channels are private by default. Visible room output uses the
messagetool.
TL;DR
- DM access is controlled by
*.allowFrom. - Group access is controlled by
*.groupPolicy+ allowlists (*.groups,*.groupAllowFrom). - Reply triggering is controlled by mention gating (
requireMention,/activation).
Visible replies
For group/channel rooms, OpenClaw defaults tomessages.groupChat.visibleReplies: "message_tool".
That means the agent still processes the turn and can update memory/session state, but its normal final answer is not automatically posted back into the room. To speak visibly, the agent uses message(action=send).
This replaces the old pattern of forcing the model to answer NO_REPLY for most lurk-mode turns. In tool-only mode, doing nothing visible simply means not calling the message tool.
Typing indicators are still sent while the agent works in tool-only mode. The default group typing mode is upgraded from “message” to “instant” for these turns because there may never be normal assistant message text before the agent decides whether to call the message tool. Explicit typing-mode config still wins.
To restore legacy automatic final replies for group/channel rooms:
visibleReplies: "message_tool" and always reply visibly so the channel-native command UI gets the response it expects. This applies to validated native command turns only; text-typed /... commands and ordinary chat turns still follow the configured group default.
Context visibility and allowlists
Two different controls are involved in group safety:- Trigger authorization: who can trigger the agent (
groupPolicy,groups,groupAllowFrom, channel-specific allowlists). - Context visibility: what supplemental context is injected into the model (reply text, quotes, thread history, forwarded metadata).
Current behavior is channel-specific
Current behavior is channel-specific
- Some channels already apply sender-based filtering for supplemental context in specific paths (for example Slack thread seeding, Matrix reply/thread lookups).
- Other channels still pass quote/reply/forward context through as received.
Hardening direction (planned)
Hardening direction (planned)
contextVisibility: "all"(default) keeps current as-received behavior.contextVisibility: "allowlist"filters supplemental context to allowlisted senders.contextVisibility: "allowlist_quote"isallowlistplus one explicit quote/reply exception.
| Goal | What to set |
|---|---|
| Allow all groups but only reply on @mentions | groups: { "*": { requireMention: true } } |
| Disable all group replies | groupPolicy: "disabled" |
| Only specific groups | groups: { "<group-id>": { ... } } (no "*" key) |
| Only you can trigger in groups | groupPolicy: "allowlist", groupAllowFrom: ["+1555..."] |
Session keys
- Group sessions use
agent:<agentId>:<channel>:group:<id>session keys (rooms/channels useagent:<agentId>:<channel>:channel:<id>). - Telegram forum topics add
:topic:<threadId>to the group id so each topic has its own session. - Direct chats use the main session (or per-sender if configured).
- Heartbeats are skipped for group sessions.
Pattern: personal DMs + public groups (single agent)
Yes — this works well if your “personal” traffic is DMs and your “public” traffic is groups. Why: in single-agent mode, DMs typically land in the main session key (agent:main:main), while groups always use non-main session keys (agent:main:<channel>:group:<id>). If you enable sandboxing with mode: "non-main", those group sessions run in the configured sandbox backend while your main DM session stays on-host. Docker is the default backend if you do not choose one.
This gives you one agent “brain” (shared workspace + memory), but two execution postures:
- DMs: full tools (host)
- Groups: sandbox + restricted tools
If you need truly separate workspaces/personas (“personal” and “public” must never mix), use a second agent + bindings. See Multi-Agent Routing.
- DMs on host, groups sandboxed
- Groups see only an allowlisted folder
- Configuration keys and defaults: Gateway configuration
- Debugging why a tool is blocked: Sandbox vs Tool Policy vs Elevated
- Bind mounts details: Sandboxing
Display labels
- UI labels use
displayNamewhen available, formatted as<channel>:<token>. #roomis reserved for rooms/channels; group chats useg-<slug>(lowercase, spaces ->-, keep#@+._-).
Group policy
Control how group/room messages are handled per channel:| Policy | Behavior |
|---|---|
"open" | Groups bypass allowlists; mention-gating still applies. |
"disabled" | Block all group messages entirely. |
"allowlist" | Only allow groups/rooms that match the configured allowlist. |
Per-channel notes
Per-channel notes
groupPolicyis separate from mention-gating (which requires @mentions).- WhatsApp/Telegram/Signal/iMessage/Microsoft Teams/Zalo: use
groupAllowFrom(fallback: explicitallowFrom). - DM pairing approvals (
*-allowFromstore entries) apply to DM access only; group sender authorization stays explicit to group allowlists. - Discord: allowlist uses
channels.discord.guilds.<id>.channels. - Slack: allowlist uses
channels.slack.channels. - Matrix: allowlist uses
channels.matrix.groups. Prefer room IDs or aliases; joined-room name lookup is best-effort, and unresolved names are ignored at runtime. Usechannels.matrix.groupAllowFromto restrict senders; per-roomusersallowlists are also supported. - Group DMs are controlled separately (
channels.discord.dm.*,channels.slack.dm.*). - Telegram allowlist can match user IDs (
"123456789","telegram:123456789","tg:123456789") or usernames ("@alice"or"alice"); prefixes are case-insensitive. - Default is
groupPolicy: "allowlist"; if your group allowlist is empty, group messages are blocked. - Runtime safety: when a provider block is completely missing (
channels.<provider>absent), group policy falls back to a fail-closed mode (typicallyallowlist) instead of inheritingchannels.defaults.groupPolicy.
Mention gating (default)
Group messages require a mention unless overridden per group. Defaults live per subsystem under*.groups."*".
Replying to a bot message counts as an implicit mention when the channel supports reply metadata. Quoting a bot message can also count as an implicit mention on channels that expose quote metadata. Current built-in cases include Telegram, WhatsApp, Slack, Discord, Microsoft Teams, and ZaloUser.
Mention gating notes
Mention gating notes
mentionPatternsare case-insensitive safe regex patterns; invalid patterns and unsafe nested-repetition forms are ignored.- Surfaces that provide explicit mentions still pass; patterns are a fallback.
- Per-agent override:
agents.list[].groupChat.mentionPatterns(useful when multiple agents share a group). - Mention gating is only enforced when mention detection is possible (native mentions or
mentionPatternsare configured). - Group chat prompt context carries the resolved silent-reply instruction every turn; workspace files should not duplicate
NO_REPLYmechanics. - Groups where silent replies are allowed treat clean empty or reasoning-only model turns as silent, equivalent to
NO_REPLY. Direct chats still treat empty replies as a failed agent turn. - Discord defaults live in
channels.discord.guilds."*"(overridable per guild/channel). - Group history context is wrapped uniformly across channels and is pending-only (messages skipped due to mention gating); use
messages.groupChat.historyLimitfor the global default andchannels.<channel>.historyLimit(orchannels.<channel>.accounts.*.historyLimit) for overrides. Set0to disable.
Group/channel tool restrictions (optional)
Some channel configs support restricting which tools are available inside a specific group/room/channel.tools: allow/deny tools for the whole group.toolsBySender: per-sender overrides within the group. Use explicit key prefixes:id:<senderId>,e164:<phone>,username:<handle>,name:<displayName>, and"*"wildcard. Legacy unprefixed keys are still accepted and matched asid:only.
Example (Telegram):
Group/channel tool restrictions are applied in addition to global/agent tool policy (deny still wins). Some channels use different nesting for rooms/channels (e.g., Discord
guilds.*.channels.*, Slack channels.*, Microsoft Teams teams.*.channels.*).Group allowlists
Whenchannels.whatsapp.groups, channels.telegram.groups, or channels.imessage.groups is configured, the keys act as a group allowlist. Use "*" to allow all groups while still setting default mention behavior.
Common intents (copy/paste):
- Disable all group replies
- Allow only specific groups (WhatsApp)
- Allow all groups but require mention
- Owner-only triggers (WhatsApp)
Activation (owner-only)
Group owners can toggle per-group activation:/activation mention/activation always
channels.whatsapp.allowFrom (or the bot’s self E.164 when unset). Send the command as a standalone message. Other surfaces currently ignore /activation.
Context fields
Group inbound payloads set:ChatType=groupGroupSubject(if known)GroupMembers(if known)WasMentioned(mention gating result)- Telegram forum topics also include
MessageThreadIdandIsForum.
- BlueBubbles can optionally enrich unnamed macOS group participants from the local Contacts database before populating
GroupMembers. This is off by default and only runs after normal group gating passes.
\n sequences. Channel-sourced group names and participant labels are rendered as fenced untrusted metadata, not inline system instructions.
iMessage specifics
- Prefer
chat_id:<id>when routing or allowlisting. - List chats:
imsg chats --limit 20. - Group replies always go back to the same
chat_id.