WhatsApp Business API – Access Token – EnableX Developer Centre

EnableX has implemented Bearer Token and HTTP Basic Authentication mechanism with WhatsApp Business API. This API is used to create one Token using which WhatsApp Business API can be used for a limited time period.

If you are looking to use WhatsApp Business API using Bearer Token, this API can be used to create a Token. The Token created can be used as Bearer Token in the Authorization Header for API requests.

Note that this is transactional Token, and gives access to APIs for next 60 minutes only. Any API call beyond the expiry time using the same Token will be denied. Therefore, you need to create another Token to continue using APIs..

This API call needs your WhatsApp Projects Access Credentials i.e. App-ID and App-Key.

API Route: https://api.enablex.io/whatsapp/v1/token
Method: POST
JSON Payload: Passed as Raw Body content

{
  "app_id": "String",
  "app_key": "String"
}

Request Payload Explanation

Key	Data Type	Constraints	Description
`app_id`	String	Required	App ID of EnableX Project
`app_key`	String	Required	App Key of EnableX Project

Request Example

POST https://api.enablex.io/whatsapp/v1/token
Content-Type: application/json

{
  "app_id": "String",
  "app_key": "String" 
}

Success Response Example: This is when a Token is received with expiry time

{
  "token": "String",
  "expiry": Number
}

Response Explanation

Key	Data Type	Description
`token`	String	This is the token to be used in subsequent request until it expires.
`expiry`	Number	Unix Timestamp in UTC. This is the time when the Token expires.

Failure Response Example: This is when a Token request fails for invalid API Credentials

{
  "message": "Authentication failed",
  "status": "Unauthorized",
  "reason": "invalid credentials or the account has been deactivated"
}

Know when Token has expired

You may manage it in 2 ways. You should implement both of the following while coding:

Keep a note of the expiry key in the response of Token.
All WhatsApp API call with an expired token will the error.

Expired Token Response: When API is called with expired Token

{
  "message": "Authentication failed",
  "status": "Unauthorized",
  "reason": "invalid credentials or the account has been deactivated"
}

In either of the cases, its warranted that yu re-generate a Token calling this API.