Zalo Personal Account

OpenClaw Zalo Personal Account plugin via native zca-js integration.

The Zalo Personal Account plugin connects OpenClaw to your personal Zalo account using the zca-js library, letting your AI agent chat through the same Zalo identity you use daily. Unlike the @openclaw/zalo plugin (which requires a Zalo Official Account), this plugin operates through your personal account — no business registration or OA verification needed. Under the hood, zca-js reverse-engineers Zalo's personal messaging protocol to enable programmatic access. This means the plugin can send and receive messages, handle images, and interact with your existing Zalo contacts directly. The tradeoff is that this operates in an unofficial capacity — Zalo doesn't provide a sanctioned personal account API, so there's inherent risk of account restrictions if Zalo detects automated behavior. With 1,072 weekly downloads, this plugin serves the Vietnamese OpenClaw community who prefer using their personal Zalo account as an AI assistant interface rather than setting up a separate Official Account. It's the personal counterpart to @openclaw/zalo, covering the other half of the Zalo integration story. Best for Vietnamese users who want a personal AI assistant inside their everyday Zalo conversations. Not recommended for business-facing bots (use @openclaw/zalo OA for that) or if you're risk-averse about unofficial API usage.

Tags: channel, messaging, regional

Use Cases

  • Personal AI assistant accessible through your existing Zalo conversations — no separate app needed
  • Vietnamese developer's daily AI helper integrated into Zalo where friends and colleagues already message
  • Quick-setup AI chatbot for personal use without the overhead of Official Account registration
  • Automated smart replies and information lookup through personal Zalo messages

Tips

  • Use a secondary Zalo account dedicated to your AI assistant to protect your primary account
  • Extract cookies using browser DevTools (Application > Cookies) from the Zalo web client
  • Set selfListen to false to avoid the bot responding to its own messages
  • Monitor for auth failures in gateway logs — a cookie refresh is needed when you see login errors
  • Keep message frequency reasonable to avoid triggering Zalo's anti-automation detection
  • Pair with the OA plugin if you need both personal and business Zalo access from the same OpenClaw instance

Known Issues & Gotchas

  • Cookie-based auth means you need to extract authentication cookies from a logged-in Zalo web session — they expire and need refreshing
  • Don't use this on your primary Zalo account if you can't afford to lose it — use a secondary account for safety
  • If you log into Zalo on another device, the cookie session may be invalidated and the plugin stops working
  • The zca-js library is community-maintained and may break when Zalo updates their protocol
  • Don't confuse this with @openclaw/zalo — that one uses Official Account API and is the business-grade option
  • Aggressive messaging patterns (high volume, rapid responses) increase the risk of Zalo flagging your account

Alternatives

  • @openclaw/zalo
  • WhatsApp (built-in)
  • Telegram (built-in)

Community Feedback

Between @openclaw/zalo (OA) and @openclaw/zalouser (personal), you've got both sides covered. OA for business, personal for your own assistant.

— OpenClaw Community

The personal Zalo plugin is way easier to set up than OA — no business verification, just grab your cookie and go. But watch out for Zalo banning automated accounts.

— OpenClaw Community

Frequently Asked Questions

How do I get the Zalo cookie for authentication?

Log into Zalo Web (chat.zalo.me) in your browser, open DevTools (F12), go to Application > Cookies, and copy the relevant cookie values. These authenticate the plugin as your personal Zalo session.

Will Zalo ban my account for using this plugin?

There's a risk. The plugin uses unofficial API access via zca-js. Zalo may detect automated behavior and restrict your account. Use a secondary account and keep message patterns natural to minimize risk.

What's the difference between @openclaw/zalouser and @openclaw/zalo?

@openclaw/zalouser connects through your personal Zalo account via zca-js (unofficial). @openclaw/zalo uses the Official Account API (official, business-grade). Personal is easier to set up but riskier; OA is stable but requires business verification.

How often do I need to refresh the cookie?

Cookies typically last days to weeks depending on Zalo's session management. When the plugin starts failing with auth errors, extract a fresh cookie from the Zalo web client. Monitor gateway logs for early warning signs.

Can I use both the personal and OA Zalo plugins simultaneously?

Yes, you can run both plugins on the same OpenClaw instance. The personal plugin handles your own conversations while the OA plugin handles business/customer interactions through a separate Zalo Official Account.

Configuration Examples

Basic Personal Zalo Setup

channels:
  zalouser:
    enabled: true
    cookie: ${ZALO_COOKIE}
    selfListen: false

Zalo Personal with Contact Allowlist

channels:
  zalouser:
    enabled: true
    cookie: ${ZALO_COOKIE}
    selfListen: false
    dm:
      policy: allowlist
    allowFrom:
      - '84901234567'

Installation

openclaw plugins install @openclaw/zalouser