Message Template Type Authentication
If your mobile app offers users the option to receive one-time passwords or verification codes via the WhatsApp Business app, you must use an authentication template with a one-time password button (OTP) to deliver the password or code. The button can be a copy code or a one-tap autofill button.
- A Copy Code button copies the one-time password or code to the user's clipboard. The user can then manually switch to your app and paste the password or code into your app's interface.
- A one-tap autofill automatically loads and passes your app the one-time password or code.
- A zero-tap allow your users to receive one-time passwords or codes via WhatsApp without having to leave your app.
One-tap autofill buttons and zero-tap are the preferred ones as they offer the best user experience. To create an authentication template using the autofill button, you must include your app package name and app signing key hash in the component array by following the steps below:
A. Get the Package Name of Your Application
- Visit the download page of your mobile app and copy the URL id. For example: https://play.google.com/store/apps/details?id= wabis.botika.online
- Alternatively, Open your app project using Android Studio and locate the manifest file in your project, it is usually named AndroidManifest.xml.
- Within the manifest file, add the “package” line and paste the URL id you copied earlier
B. Get Signature Hash Code
- Open your terminal application. You can use the Command Prompt (Windows), Terminal (macOS), or the Linux terminal.
- Make sure you have Git Bash installed on your system. If you haven't installed Git Bash, you can download and install it from the official website: https://git-scm.com/downloads
- Determine the path to your Android app keystore file. For example, the path could be
- You need to use the sms_retriever_hash_v9.sh shell script from here to compute the hash. Place the script in a directory accessible from your terminal.
- Navigate to your script directory, then type the following command:
./hash.sh --package "YOUR_APP_PACKAGE_ID" --keystore PATH_TO_KEYSTORE, replace "YOUR_APP_PACKAGE_ID"with the package name of your app and "PATH_TO_KEYSTORE"with the path to your keystore file.
- Enter your keystore password when it’s prompted.
- The terminal will display the output, you can look for the signature hash code. It is typically indicated in the line
SMS Retriever hash code: YOUR_CODE_HASH
C. Create Authentication Template Using Autofill Button
After you get the package name of your app and the signature hash key, you can use them to create an authentication template using a one-tap autofill button.
In the body section, you can add variables to send the code and include a security disclaimer.
In the footer section, you can set the expiration time of the code and inform the user.
To use the autofill button, you can enter your package name in the Package Name field and the signature code in the Signature Hash ID field. If you using zero-tap you must accept zero-tap terms from facebook.note: if the hash id and package name are invalid then the button type automatically becomes copy code
You also need to add sample content to help Facebook understand the content during the review process.