This guide will get your from zero to production ready with a few step
Overview
WhatsAuth provides a simple and reliable way to validate mobile phones numbers and authorize several kinds of transactions such as OTP, 2-Factor Authentication, Delivery proof, etc.
We create a unique disposable code for each transaction that you require to validate by a mobile phone number using WhatsApp Application.
The code is validated or disposed once its purpose is fulfilled or expired while keeping you or your platform informed of any changes in its status allowing you to react as your convenience.
Get Started
In order to implement WhatsAuth services in your platform you require:
Be able to request verification codes from our services on demand according to your business needs.
Be able to display the verification code to your users using the proper format (e.g. link, button, QR label, QR screen).
Be able to receive verification code status updates on a webhook in your platform with user verified information.
Usage Flow
Standard usage flow
The following steps represent an typical usage of the service to login with whatsApp
Your app requests a verification code with a GET request and parses the response to obtain the code.
Your application displays a “whatsapp button” with the unique link obtained in step 1.
The user taps on the button opening whatsApp with a preset message to be sent.
The code mesage is processed.
The user receives a response message with the result of its verification.
Your platform receives a webhook with the details of the verification including phone number and profile name.
Your app continues the regular login process with the obtained profile information.
Login flow in action
Code Generation
To get a verification code from WhatAuth API you need to make an HTTPS request providing the API key for authorization and some parameters for customization.
cURL Sample
The following cURL command you can try from your terminal
curl --location --request GET 'http://whatsauth.me/api/v1/verification_code?callback_url=https://app.mycompany.com/whatsauth \
&expires_at=10&link_message=https://app.mycompany.com/welcome \
&expiration_message=Sorry, this code expires within 10 min. Please start the process again. \
&failure_message=Oops! something went wrong please try again in a few minutes. \
&response_message=Your now validated. Welcome to MyApp! Please click the link to continue \
&authorized_numbers=%2B123456789,%2B987654321' \
--header 'Authorization: Bearer DEMOPDruierhwkfuwgkedjgh'
Parameters
Parameter (*)
Type
Description
callback_url
string
The webhook url that will receive verification status. Must implement with HTTPS POST method.
expires_at
integer
The number of minutes the verification code expires in. Minimum value is 1 minute.
authorized_numbers
array (comma separated strings)
The list of phone numbers that are allowed to validate generated code. By default any phone number is authorized.
link_message
string
Message appears on the client's screen as a part of the code message above generated code.
expiration_message
string
Message is sent to the client on intent to validate the expired code.
failure_message
string
Message is sent to the client when there is a failure in sending verification status via provided webhook.
response_message
string
Message is sent to the client as a notification of a successful validation.
qr
0 or 1
Set this parameter to 1 in case you want to receive QR code url in a response.
You can also specify default values for each parameter at the application level and skip those in the request. If you set a parameter in your request it will override the one set as default.
Verification success message
Expiration message
Failure message
Response
If the request is properly formed and authenticated you'll receive a response with a JSON like this:
Link that takes you to whatsapp web or mobile application with predefined message.
qr
String
URL of the generated QR code image for whatsapp link. When requested.
Webhook
In order to receive updated status of the verification process you will need to implement the webhook that is a URL under HTTPS protocol and POST method. There you will receive the following information in JSON format: