Documentation Index
Fetch the complete documentation index at: https://docs.kapso.ai/llms.txt
Use this file to discover all available pages before exploring further.
Requirements: To create authentication templates, your WhatsApp Business Account must meet both of these conditions:
- Business verification — Your Meta Business Portfolio must be verified.
- Messaging limit of 2,000 or higher — Your WABA’s messaging limit must be at Tier 1 (2K) or above.
*{{1}}* is your verification code.
You can’t customize the body text, but you can:
- Add a security recommendation: “For your security, do not share this code.”
- Add code expiration: “This code expires in X minutes.”
OTP types
| Type | Button | Use case |
|---|
COPY_CODE | ”Copy code” | Universal - works on all devices |
ONE_TAP | ”Autofill” | Android only - auto-fills code in your app |
ZERO_TAP | None | Silent auto-fill, no user interaction needed |
Create copy code template
The most common type. Shows a “Copy code” button.
await client.templates.create({
businessAccountId: '123456789',
name: 'auth_copy_code',
category: 'AUTHENTICATION',
language: 'en_US',
components: [
{
type: 'BODY',
add_security_recommendation: true
},
{
type: 'FOOTER',
code_expiration_minutes: 10
},
{
type: 'BUTTONS',
buttons: [
{ type: 'OTP', otp_type: 'COPY_CODE' }
]
}
]
});
Create one-tap template (Android)
Auto-fills the code in your Android app. Requires your app’s package name and signature hash.
await client.templates.create({
businessAccountId: '123456789',
name: 'auth_one_tap',
category: 'AUTHENTICATION',
language: 'en_US',
components: [
{
type: 'BODY',
add_security_recommendation: true
},
{
type: 'BUTTONS',
buttons: [
{
type: 'OTP',
otp_type: 'ONE_TAP',
supported_apps: [
{
package_name: 'com.example.myapp',
signature_hash: 'K8a/AINcD...'
}
]
}
]
}
]
});
Get your Android app’s signature hash:keytool -exportcert -alias YOUR_ALIAS -keystore YOUR_KEYSTORE | xxd -p | tr -d "[:space:]" | openssl sha256
Create zero-tap template
No visible button. The code is broadcast to your app via Android’s SMS Retriever API.
await client.templates.create({
businessAccountId: '123456789',
name: 'auth_zero_tap',
category: 'AUTHENTICATION',
language: 'en_US',
components: [
{
type: 'BODY',
add_security_recommendation: true
},
{
type: 'BUTTONS',
buttons: [
{
type: 'OTP',
otp_type: 'ZERO_TAP',
supported_apps: [
{
package_name: 'com.example.myapp',
signature_hash: 'K8a/AINcD...'
}
]
}
]
}
]
});
Send
When sending, pass the OTP code in both the body and button parameters.
await client.messages.sendTemplate({
phoneNumberId: '647015955153740',
to: '15551234567',
template: {
name: 'auth_copy_code',
language: { code: 'en_US' },
components: [
{
type: 'body',
parameters: [
{ type: 'text', text: '123456' }
]
},
{
type: 'button',
sub_type: 'otp',
index: '0',
parameters: [
{ type: 'text', text: '123456' }
]
}
]
}
});
Component reference
Body
| Field | Type | Description |
|---|
add_security_recommendation | boolean | Adds “For your security, do not share this code.” |
| Field | Type | Description |
|---|
code_expiration_minutes | number | 1-90. Adds “This code expires in X minutes.” |
| Field | Type | Description |
|---|
otp_type | string | COPY_CODE, ONE_TAP, or ZERO_TAP |
supported_apps | array | Required for ONE_TAP and ZERO_TAP. List of {package_name, signature_hash} |
Restrictions
- No headers - AUTHENTICATION templates cannot include HEADER components
- Fixed body text - Body text is generated by Meta, not customizable
- No custom parameters - Only the OTP code can be passed as a variable
