WhatsApp Business API Setup

Complete step-by-step guide to set up WhatsApp Business API and integrate it with your Team Inbox.

TL;DR - Quick Setup

1

Create Meta Business Account

business.facebook.com → Create account → Verify email
2

Create WhatsApp App

Add App → Business type → Add WhatsApp product → Add phone number
3

Get Credentials

Copy: Access Token (System Users), Phone Number ID, Business Account ID
4

Setup Webhook

Configuration → Webhook → Add your API URL + verify token → Subscribe to messages
Total time: ~30 minutes | Cost: Free (test mode) / Pay per conversation (production) Credentials needed: Access Token, Phone Number ID, Business Account ID, Webhook Verify Token

Overview

To use WhatsApp Team Inbox, you need:

Meta Business Account

Free to create at business.facebook.com

WhatsApp Business App

Created within Meta Business Suite

Phone Number

Dedicated number for your business

API Access

Cloud API access (free tier available)

Prerequisites

Before starting, ensure you have:
A Meta (Facebook) account
A phone number not currently registered with WhatsApp (can be landline)
Business verification documents (for production use)
Admin access to create a Meta Business Account

Step 1: Create Meta Business Account

1

Go to Meta Business Suite

Visit business.facebook.com and log in with your Facebook account.
2

Create Business Portfolio

Click Create Account and follow the prompts:
  • Enter your business name
  • Provide business details
  • Add a business email
3

Verify Your Business Email

Check your email and click the verification link sent by Meta.

Step 2: Create WhatsApp Business App

1

Access App Creation

  1. In Meta Business Suite, go to Business Settings
  2. Click AccountsApps
  3. Click AddCreate a New App
2

Select App Type

Choose Business as your app type and click Next.
3

Configure App Details

  • App Name: WhatsApp Team Inbox (or your preferred name)
  • App Contact Email: Your support email
  • Business Portfolio: Select your business account
Click Create App.
4

Add WhatsApp Product

  1. In your app dashboard, find WhatsApp product
  2. Click Set Up to add WhatsApp to your app

Step 3: Configure WhatsApp Business Profile

1

Access WhatsApp Settings

Navigate to WhatsAppGetting Started in your app dashboard.
2

Add Phone Number

  1. Click Add Phone Number
  2. Enter your business phone number
  3. Choose SMS or voice call for verification
  4. Enter the verification code you receive
This phone number cannot be used with regular WhatsApp or WhatsApp Business app.
3

Set Up Business Profile

Configure your business profile:
  • Business Name: Your company name
  • Category: Select appropriate business category
  • Description: Brief about your business
  • Profile Photo: Upload your logo (640x640px recommended)
  • Address: Business address (optional)
  • Website: Your website URL

Step 4: Get API Credentials

Phone Number ID

1

Navigate to API Setup

Go to WhatsAppAPI Setup in the left sidebar.
2

Copy Phone Number ID

Find the Phone Number ID field and copy it.
# Example format:
123456789012345
Save this as WHATSAPP_PHONE_NUMBER_ID in your .env file.

Access Token

1

Create System User

  1. Go to Business SettingsUsersSystem Users
  2. Click Add and create a new system user:
    • Name: WhatsApp Team Inbox API
    • Role: Admin
2

Assign Assets

  1. Click on your system user
  2. Click Add Assets
  3. Select your WhatsApp app
  4. Enable Full Control
  5. Click Save Changes
3

Generate Access Token

  1. Click Generate New Token
  2. Select your WhatsApp app
  3. Set token expiration to Never
  4. Select permissions:
    • whatsapp_business_messaging
    • whatsapp_business_management
  5. Click Generate Token
  6. Copy and save the token immediately (it won’t be shown again)
Save this as WHATSAPP_ACCESS_TOKEN in your .env file.
Store this token securely. Never commit it to version control or expose it publicly.

Business Account ID

1

Find Business Account ID

  1. Go to Business SettingsWhatsApp Accounts
  2. Copy the WhatsApp Business Account ID
Save this as WHATSAPP_BUSINESS_ACCOUNT_ID in your .env file.

Step 5: Configure Webhook

Webhooks allow WhatsApp to send incoming messages to your Team Inbox.

Generate Verify Token

First, create a random verification token: 
openssl rand -hex 16
Save this as WHATSAPP_WEBHOOK_VERIFY_TOKEN in your .env file.

Set Up Webhook in Meta

1

Access Webhook Configuration

Go to WhatsAppConfigurationWebhook.
2

Enter Webhook Details

Callback URL: Your API endpoint for receiving webhooks
https://api.your-domain.com/api/webhook
Verify Token: The token you generated aboveClick Verify and Save.
For local development, use a tunneling service like ngrok:
ngrok http 4000
# Use the HTTPS URL: https://abc123.ngrok.io/api/webhook
3

Subscribe to Webhook Fields

Enable these webhook fields:
  • messages - Receive incoming messages
  • message_status - Receive message delivery status (sent, delivered, read)
Click Save.
4

Test Webhook Connection

Send a test message to your WhatsApp number to verify the webhook is working.Check your backend logs:
docker-compose logs -f backend
You should see incoming webhook events.

Step 6: Test Configuration

Send Test Message

Use the API Test tool in Meta Business Suite:
1

Access API Test Tool

Go to WhatsAppAPI SetupSend and receive messages.
2

Send Test Message

  1. Select a recipient phone number (can be your own number)
  2. Choose a message type (text message recommended for testing)
  3. Enter message content
  4. Click Send Message
3

Verify Receipt

Check that:
  • Message appears in WhatsApp on recipient’s phone
  • Your Team Inbox receives the message via webhook
  • Backend logs show successful webhook processing

Verify Environment Variables

Ensure all required variables are set in your .env file: 
# WhatsApp Business API
WHATSAPP_API_URL=https://graph.facebook.com/v21.0
WHATSAPP_ACCESS_TOKEN=EAAxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
WHATSAPP_PHONE_NUMBER_ID=123456789012345
WHATSAPP_BUSINESS_ACCOUNT_ID=123456789012345
WHATSAPP_WEBHOOK_VERIFY_TOKEN=your_random_token_here

API Limits & Pricing

Free Tier (Cloud API)

Test Mode

  • 5 conversations per day
  • Message template testing
  • Webhook configuration
  • Perfect for development

Business Verification Required

  • For production use
  • Higher conversation limits
  • Access to all features

Conversation-Based Pricing

WhatsApp charges per conversation (24-hour window):
TypeDescriptionPrice
Business-initiatedYou message user first~$0.005-0.10 per conversation*
User-initiatedUser messages you firstFree for 24 hours after first message
Service conversationsUtility/authenticationLower rates
*Pricing varies by country. Check WhatsApp Pricing for details.
Conversation Window: Once a conversation starts, you have 24 hours to send messages freely without additional charges.

Message Templates

For business-initiated conversations, you must use approved templates.

Create Message Template

1

Access Templates

Go to WhatsAppMessage Templates.
2

Create New Template

Click Create Template and configure:
  • Template Name: greeting_new_user (lowercase, underscores only)
  • Category: Marketing, Utility, or Authentication
  • Languages: Select languages you’ll use
  • Template Content: Your message with optional variables
Example:
Hello {{1}}, welcome to our service!
How can we help you today?
3

Submit for Approval

Submit your template for Meta review. Approval typically takes 1-24 hours.
4

Use Approved Templates

Once approved, use templates in your application:
const response = await sendWhatsAppTemplate({
  to: phoneNumber,
  template: 'greeting_new_user',
  variables: ['John']
});

Production Checklist

Before going live with WhatsApp API:
WhatsApp Business Account verified by Meta
Business display name approved
Permanent access token generated
Webhook configured and tested
Message templates created and approved
Phone number verified and tested
Webhook URL is HTTPS and publicly accessible
Environment variables configured correctly
Rate limits and pricing understood

Business Verification

For production use and higher limits:
1

Start Verification

  1. Go to Business SettingsSecurity Center
  2. Click Start Verification
2

Provide Business Information

Required documents:
  • Business registration certificate
  • Business address proof
  • Tax documents (varies by country)
  • Website or social media presence
3

Wait for Review

Meta typically reviews within 1-3 business days.You’ll receive email updates on verification status.

Common Issues & Solutions

Causes:
  • Verify token mismatch
  • Webhook URL not accessible
  • SSL certificate issues
Solutions:
  1. Ensure WHATSAPP_WEBHOOK_VERIFY_TOKEN matches in both places
  2. Test webhook URL accessibility: curl https://your-domain.com/api/webhook
  3. Verify SSL certificate is valid
Causes:
  • Webhook not subscribed to correct fields
  • Firewall blocking Meta’s IP ranges
  • Backend not processing webhook events
Solutions:
  1. Check webhook subscriptions include messages field
  2. Whitelist Meta’s webhook IPs
  3. Check backend logs: docker-compose logs backend
Causes:
  • Token was set to expire
  • Token was revoked
Solutions:
  1. Generate new token with Never expiration
  2. Update WHATSAPP_ACCESS_TOKEN in environment
  3. Restart backend: docker-compose restart backend
Causes:
  • Template not approved
  • Template name incorrect
  • Variables not matching template
Solutions:
  1. Verify template status in Meta Business Suite
  2. Check template name matches exactly (case-sensitive)
  3. Ensure variable count matches template placeholders

Security Best Practices

Critical Security Measures:
  1. Never expose access tokens
    • Don’t commit to version control
    • Use environment variables only
    • Rotate tokens periodically
  2. Verify webhook signatures
    • Validate X-Hub-Signature-256 header
    • Reject unsigned requests
  3. Use HTTPS only
    • Never use HTTP in production
    • Ensure valid SSL certificates
  4. Monitor API usage
    • Set up alerts for unusual activity
    • Review access logs regularly
  5. Limit access token permissions
    • Use minimum required scopes
    • Create separate tokens for different services

API Rate Limits

Be aware of WhatsApp API rate limits:
TierMessages/SecondCriteria
Tier 180Default for new businesses
Tier 2400After 7 days of good messaging
Tier 31,600After 14 days of good messaging
Tier 46,400After 21 days of good messaging
Quality rating and user feedback affect tier progression. Maintain high message quality to increase limits.

Monitoring & Analytics

Track your WhatsApp API usage:
1

Access Analytics

Go to WhatsAppAnalytics in Meta Business Suite.
2

Monitor Key Metrics

  • Message volume (sent/received)
  • Conversation costs
  • Template performance
  • Delivery rates
  • Quality rating
3

Set Up Alerts

Configure alerts for:
  • High message volumes
  • Quality rating drops
  • Failed deliveries
  • Cost thresholds

Next Steps

Environment Variables

Configure all required environment variables

Quick Start

Deploy your Team Inbox

Message Templates

Create and manage message templates

Going Live

Production deployment checklist

Additional Resources