我們即將停用內部部署 API。請參閱我們的內部部署 API 停用文件以取得詳細資訊,並瞭解如何轉移到我們的新一代雲端 API。

WhatsApp Business Encryption

/v1/settings/business/whatsapp_business_encryption

The WhatsApp Flows user experience requires an encrypted GraphQL-powered data exchange channel between the WhatsApp mobile consumer client and the third party business endpoint. Businesses generate a 2048-bit RSA key pair to establish the data channel and share their Business Public Key with WhatsApp consumer clients.

Use the /v1/settings/business/whatsapp_business_encryption endpoint to publish and sign your Business Public Key.

Before You Start

The phone number must be successfully registered, and the business must have generated a 2048-bit RSA Key.

Generating a 2048-bit RSA Key Pair

Generate a public and private RSA key pair by typing in the following command:

openssl genrsa -des3 -out private.pem 2048

The generates 2048-bit RSA key pair encrypted with a password you provided and is written to a file.

Next, you need to export the RSA public key to a file:

openssl rsa -in private.pem -outform PEM -pubout -out public.pem

You can then use it, for example, on your web server to encrypt content so that it can only be read with the private key.

Reusing 2048-bit RSA Key Pairs Option

You could also re-use an existing private/public key pair by extracting a public key from existing certificate:

openssl x509 -pubkey -noout -in private.pem  > public.pem   

Sign Business Public Key

Make a POST API call to sign your business public key. If you have multiple phone numbers linked to a WABA, this API must be called to sign the business public key for each phone number.

In Postman, when inputting the business public key as a parameter in the Body, select x-www-form-urlencoded.

Example

POST /v1/settings/business/whatsapp_business_encryption
{   
  "public_key": "2048_bit_RSA_key"
}

A successful request returns Http status code 200 and the payload:

{
  "meta": 
  {
    "api_status": "stable",
    "version": "<latest-api-version>"
  }
}

If you encounter any errors, see Error and Status Messages.

Parameters

NameDescription

public_key

type: String

Required. The generated Business Public Key.

Get Business Public Key

Make a GET API call to retrieve your business public key.

Example

GET /v1/settings/business/whatsapp_business_encryption

A successful response will have the 2048-bit RSA key and a signature status.

{
  "business_public_key": "<2048_bit_RSA_key>"
  "business_public_key_signature_status": VALID | MISMATCH
}

If you encounter any errors, see Error and Status Messages.