- Proxy / always fresh: read endpoints have no caching — data comes straight from the source (Meta Graph API / ClickHouse), so you don’t deal with Meta’s token/credential complexity.
- Org-scoped & secure: every request is isolated to the organization resolved from your secret key; you cannot reach another organization’s data.
- Simple contract: all endpoints share the same response envelope, error model, pagination, and
Preferbehavior.
Authentication
Secret key authentication for the Public API.
Templates
Create, list, inspect, and update message templates.
Business Profile
Read and update the WhatsApp business profile.
Analytics
Message volume: summary cards + time series.
Base URL
All Public API paths in this reference are relative to a single base URL:/wa/{app_id}/templates means {base_url}/wa/{app_id}/templates.
Authentication
The seven core endpoints require a secret key:- Use it server-to-server; never embed the secret key in a browser/client.
organization_idis resolved automatically from the key — you don’t pass it.- The
app_idyou operate on must belong to your organization, otherwise you get404.
Shared conventions
These apply to every endpoint:- Response envelope — success:
{ "data": ..., "isSuccess": true }; error:{ "errors": { "code", "group", "description" }, "isSuccess": false }. Preferheader (on updates) —return=representation(default, returns the current record) orreturn=minimal(no body). The response reports it viaPreference-Applied.- Cursor pagination (on lists) —
pagingMetadata.nextCursor/previousCursor+hasNext/hasPrevious/pageSize. - Dates — ISO-8601 (
2026-06-08T00:00:00). - Null fields are dropped from responses (e.g. an unset profile field, or
componentswithoutexpand).
Endpoint quick reference
Path parameters are shown in{braces}; query parameters are listed separately so the route stays readable.
Quickstart
An end-to-end walkthrough. Every request below uses the headerAuthorization: Bearer sk_... and a path relative to the Base URL.
Step 1 — See the current state (analytics)
summary (total / sent / received / template messages) plus a daily series. Omit appId for the whole organization, or repeat it (?appId=a&appId=b) for specific apps. See Get Messages.
Step 2 — Create a template
PENDING (under review). See Create Template.
Step 3 — List templates / track status
status / category / language, search with search, and page with the returned cursors. See Get Templates.
Step 4 — Inspect a template (with components)
expand=components adds the header/body/footer/buttons detail. See Get Template Detail.
Step 5 — Update an APPROVED template (send the full set!)
body), or the missing ones are removed. After a successful edit the status returns to PENDING. See Update Template.
Step 6 — Update the business profile
Common errors & tips
Next steps
Templates
The full template lifecycle.
Business Profile
Read and update the business profile.
Analytics
Message volume analytics.