Give every agent a named identity
Create separate access for Claude, Cursor, Grok, Codex, or your own framework. Each one gets clear permissions and can be revoked without touching the rest.
WAMCP pairs a real WhatsApp session once, exposes a production REST API and Streamable HTTP MCP endpoint, and lets the owner decide exactly what each agent can read, send, provision, and audit.

MCP tools for messaging, sync, notifications, and lifecycle
MCP resources for session, sync, unread notifications, and messages
typical QR or phone-code pairing flow
tenant, REST API, and MCP credentials stay scoped
For humans
The owner does not need to think in protocols. They pair WhatsApp, name the agents, choose permissions, and watch health and audit activity in one focused portal.
Create separate access for Claude, Cursor, Grok, Codex, or your own framework. Each one gets clear permissions and can be revoked without touching the rest.
Keep casual assistants read-only, allow trusted workflows to send replies, and reserve provisioning for owner-approved automation.
Use notification watching, chat retrieval, recipient resolution, quoted replies, reactions, media download, and audit checks as real production sequences.
For AI agents
Agents can discover what WAMCP is, how to connect, which credentials to use, and which actions are available without guessing from marketing copy.
POST https://wamcp.app/mcp Authorization: Bearer mcp_... MCP-Protocol-Version: 2025-11-25 Accept: application/json, text/event-stream
Platform
WAMCP connects the Whatsmeow bridge, Supabase Postgres, Realtime events, Cloudflare R2 media, REST endpoints, and MCP tools into one product surface.
Start with QR or an 8-digit phone-code flow, then poll connect status until the session is online and ready.
Use REST for tenant onboarding and direct API work, then let agents call the standard MCP endpoint at /mcp.
Agents can wait for sync, inspect health, reconnect sessions, and avoid acting while WhatsApp history is still protected.
Tenant keys, session API keys, and MCP tokens isolate partners, users, sessions, audit data, and permissions.
The account owner gets a minimal PWA for agent access, portal sign-in, passkeys, alerts, and session control.
Built on a Go Whatsmeow backend with Supabase Postgres, Realtime events, and Cloudflare R2 media storage.
How it works
Tenant keys start pairing, REST API keys manage one session, and MCP bearer tokens bind agent calls to a specific WhatsApp account.
Sensitive handoff and owner flows can require confirmation from the account owner's own WhatsApp self-chat.
Agent actions, MCP activity, invalid auth, tenant boundaries, and operational status are inspectable instead of hidden in a black box.
Start with the live connect flow, then use the portal and production skills to keep the system understandable for people and reliable for AI.