search
No-code docs

Authentication Templates

Authentication templates are purpose-built for sending one-time passwords (OTPs) and verification codes. They include a predefined message structure with security disclaimers, code expiration, and a copy-code button. Meta provides optimized delivery for authentication templates with higher throughput.

circle-info

Authentication templates must use the AUTHENTICATION category in the deployments. Meta enforces strict content rules for this category -- the template cannot include marketing or promotional content.

hashtag
Block Structure

An authentication template uses two required blocks:

Block
Required
Description

Authentication body

Yes

Auto-generated message with OTP code, security disclaimer, and expiration

Authentication action

Yes

Copy-code button, with optional one-tap or zero-tap auto-fill

Authentication templates do not support custom headers, footers, or additional buttons.

hashtag
Authentication Body

The authentication body block auto-generates the message content. You control the security disclaimer and expiration behavior -- Meta handles the actual message wording.

{
  "type": "authentication-body",
  "authenticationBody": {
    "addSecurityDisclaimer": true,
    "expirationTime": 30
  }
}
Property
Required
Type
Description

addSecurityDisclaimer

Yes

boolean

Whether to include a "Do not share this code" security warning

expirationTime

Yes (nullable)

integer (1--90) or null

Number of minutes before the code expires. If set to a number, the message includes an expiration notice. Set to null to omit the expiration.

messageSendTtlSeconds

No

integer (1--86400)

Seconds after which the message itself expires and will not be delivered. Useful for time-sensitive codes.

hashtag
Security disclaimer

When addSecurityDisclaimer is true, Meta appends a message like: "For your security, do not share this code."

hashtag
Code expiration

When expirationTime is set (e.g., 30), Meta appends a message like: "This code expires in 30 minutes."

hashtag
Message TTL

The messageSendTtlSeconds field controls how long WhatsApp will attempt to deliver the message. If the message cannot be delivered within this window, it is discarded. This prevents stale OTPs from arriving after the code has already expired.

hashtag
Authentication Action

The authentication action creates the copy-code button and optionally configures one-tap or zero-tap auto-fill for mobile devices.

hashtag
Standard copy code

The simplest authentication action -- a "Copy code" button:

hashtag
One-tap auto-fill (Android)

One-tap authentication allows Android users to auto-fill the code with a single tap, without manually copying. Falls back to standard copy on iOS.

Property
Required
Description

oneTap.androidPackageName

Yes

Your Android app's package name

oneTap.androidSignatureHash

Yes

Your Android app's signature hash

hashtag
Zero-tap auto-fill (Android)

Zero-tap authentication automatically fills in the code without any user interaction. Requires terms acceptance and supports multiple apps.

Property
Required
Description

zeroTap.supportedApps

Yes

Array of apps that support zero-tap. Each needs packageName and signatureHash.

zeroTap.zeroTapTermsAccepted

Yes

Whether the business has accepted Meta's zero-tap terms

circle-exclamation

One-tap and zero-tap are mutually exclusive. Use one or the other, not both. Both features only work on Android -- iOS falls back to the standard copy-code experience.

hashtag
Complete Example -- Standard Authentication

hashtag
Complete Example -- One-Tap Authentication

hashtag
Complete Example -- Zero-Tap Authentication

hashtag
Authentication vs. Copy Code in Other Templates

Feature
Authentication template
Copy code in text/coupon template

Category

AUTHENTICATION only

UTILITY or MARKETING

Message content

Auto-generated by Meta

Custom body text

Security disclaimer

Built-in option

Not available

Expiration notice

Built-in option

Not available

One-tap / zero-tap

Supported

Not available

Additional buttons

Not allowed

Allowed

Delivery priority

Optimized by Meta

Standard

hashtag
Related

Last updated

Was this helpful?