Session Management

Logout Session

Logs the instance out of WhatsApp. This removes the paired device link but keeps the instance alive in a 'SCAN_QR_CODE' state.

POST
https://api.wawp.net/v2/session/logout?access_token=YOUR_ACCESS_TOKEN&instance_id=Your_Instance_ID

Authentication Required

Login to swap the placeholders with your real Instance ID and Access Token.

Log In
Test /v2/session/logout endpoint
POSTGET

No query parameters required

This endpoint doesn't expect data in the URL.

Best practices

  • Use this endpoint to allow users to switch accounts easily.

  • Always confirm with the user before logging out, as they will need physical access to the phone to reconnect.

Starting Fresh: The Deep Dive into /v2/session/logout

The /v2/session/logout endpoint is a critical component of session lifecycle management. It is not merely a "disconnect" button; it is a specialized command that communicates directly with WhatsApp's official servers to signal a clean Unpairing (Unlinking) of the device. Mastering this endpoint is the key to building secure, multi-account, and user-friendly automation platforms.

🏗️ The Technical Orchestration of a Logout

When you trigger a logout, Wawp executes a series of coordinated steps across our infrastructure:

  1. Unlink Signal: The engine sends a specific "Unpair" message to the WhatsApp WebSocket. This ensures that the device is instantly removed from the "Linked Devices" list on the user's mobile phone.
  2. State Purge: The isolated container wipes the current encryption keys and session tokens from its active memory, ensuring no unauthorized access can persist.
  3. Transition to Scan: The instance is not deleted. Instead, it transitions immediately from WORKING to SCAN_QR_CODE, effectively returning the session to "Square One" and making it ready for a fresh link.
  4. Configuration Retention: Importantly, all your instance-level settings (like Webhook URLs or Proxy configurations) remain intact. Only the WhatsApp identity is removed.

🛡️ Strategic Best Practices

1. The "Account Switching" Pattern

Logout is the correct way to handle situations where a user wants to change the WhatsApp number associated with an instance.

  • The Workflow: Do not delete the instance and create a new one. Simply call logout. This preserves the instance_id and the API endpoint structure in your own backend while allowing the user to scan a different phone.

2. Security and Data Privacy

In any SaaS platform, security is paramount.

  • The Best Practice: Encourage your users to use the "Log Out" button whenever they are performing a security audit or decommissioning a specific employee's dashboard access. This provides them with peace of mind that the link has been truly severed at the protocol level.

3. Graceful Handling of Sudden Disconnects

Users can manually log out of your session directly from their mobile app's "Linked Devices" settings.

  • The Strategy: Your application should listen for the DISCONNECTED or LOGOUT event via our status webhooks. When this occurs, you should update your UI to show a "Disconnected" state and prompt the user to re-scan the QR code.

💡 Industry-Standard Use Cases

A. Team Rotation Dashboards

If you manage a business where different agents use the same WhatsApp number at different times of the day, you can use logout to ensure that a previous agent's session is completely terminated before the next agent takes over.

B. Self-Service Troubleshooting

Add a "Reset Connection" button in your user settings. Often, if a user experiences message delivery delays or sync issues, a clean logout and re-link will reset the internal WhatsApp state and solve the problem without requiring manual support intervention.

⚠️ Common Pitfalls and Troubleshooting

Sync Latency

Occasionally, the WhatsApp mobile app might continue to show the "Linked Device" as active for a few seconds after the API call. This is due to internal WhatsApp sync latency. Rest assured, the API has severed the link, and the phone's UI will eventually catch up.

Calling Logout on a Stopped Session

You cannot execute a clean protocol logout if the engine is STOPPED.

  • Fix: The engine must be in a STARTING or WORKING state to communicate the logout signal to WhatsApp. If the session is stopped, you must call /v2/session/start first, or simply perform a /v2/session/delete if you wish to wipe everything.

Summary of Capabilities:

  • Sever the secure link with the WhatsApp mobile app.
  • Transition the instance to a state ready for a fresh QR scan.
  • Ensure data privacy by purging encryption keys from memory.
  • Provide a clean "Start Over" mechanism without losing instance configurations.

Request Parameters

Configure the parameters required to interact with this endpoint. All query and body arguments are listed below with their details.

Request Body

Sent as a JSON object
string

The ID of the instance to logout

Example:
string

Your API Access Token

Example:

Request Samples

Use these ready-to-go code snippets to integrate our API into your project quickly and efficiently. Choose your preferred language and library.

1const baseUrl = "https://api.wawp.net";
2const endpoint = "/v2/session/logout";
3const params = new URLSearchParams({
4  "instance_id": "Your_Instance_ID",
5  "access_token": "YOUR_ACCESS_TOKEN"
6}).toString();
7
8
9fetch(`${baseUrl}${endpoint}${params ? '?' + params : ''}`, {
10  method: "POST",
11  headers: { "Content-Type": "application/json" },
12  
13})
14  .then(async (response) => {
15    if (response.ok) {
16      const data = await response.json();
17      console.log("Success:", data);
18      return data;
19    }
20    
21    // Error Handling
22    if (response.status === 400) {
23      console.error("Error 400: Bad Request - Missing Required Parameter(s)");
24    }
25    if (response.status === 400) {
26      console.error("Error 400: Bad Request (XML Format)");
27    }
28    if (response.status === 400) {
29      console.error("Error 400: Bad Request (Plain Text)");
30    }
31    if (response.status === 401) {
32      console.error("Error 401: Unauthorized - Invalid or Missing Access Token");
33    }
34    if (response.status === 401) {
35      console.error("Error 401: Unauthorized (XML Format)");
36    }
37    if (response.status === 404) {
38      console.error("Error 404: Not Found - Session Does Not Exist");
39    }
40    if (response.status === 404) {
41      console.error("Error 404: Not Found (XML Format)");
42    }
43    if (response.status === 500) {
44      console.error("Error 500: Internal Server Error - Unexpected Failure");
45    }
46    if (response.status === 500) {
47      console.error("Error 500: Internal Server Error (HTML)");
48    }
49    if (response.status === 502) {
50      console.error("Error 502: Bad Gateway - Connection Failed to Upstream");
51    }
52    if (response.status === 502) {
53      console.error("Error 502: Bad Gateway (XML Format)");
54    }
55
56    const errorText = await response.text();
57    console.error(`Error ${response.status}: ${errorText}`);
58  })
59  .catch((error) => console.error("Network Error:", error));
Interactive Samples
Ln 59, Col 1javascript

Expected Responses

Explore all possible responses and outcomes from the server. We have documented each status code with data examples to make success and error handling easier.

Success - Logged Out
Type:
application/json
string *
string *
string *

Example

{
"name": "wawp-84729105",
"status": "SCAN_QR_CODE",
"instance_id": "3EB0BCB2E3D4"
}
Bad Request - Missing Required Parameter(s)
Unauthorized - Invalid or Missing Access Token
Not Found - Session Does Not Exist
Internal Server Error - Unexpected Failure
Bad Gateway - Connection Failed to Upstream
Previous TopicRestart Session
Next TopicDelete Session

Command Palette

Search for a command to run...