In detail
Authentication templates are a dedicated WhatsApp template category for sending one-time passwords (OTPs) and verification codes — the codes customers use to log in, confirm a transaction or verify a phone number. They exist because OTP delivery has strict format and security expectations that differ from ordinary notifications.
Meta standardises their structure. An authentication template contains the verification code, an optional short security disclaimer (for example, that the code expires or should not be shared), and a button that either copies the code to the clipboard or, on supported setups, autofills it directly into your app. Free-form promotional or explanatory text is deliberately restricted so these messages stay tightly scoped to authentication.
Because the format is constrained and the purpose is clear, authentication templates typically pass review quickly, provided you do not try to smuggle in marketing or extra content. They are billed as their own category — separate from Marketing and Utility — and, like all business-initiated messages, they are charged per delivered message under Meta's per-message pricing, with rates that vary by country.
Using them well means passing the code as a template variable at send time, keeping expiry short, and never adding upsells or links unrelated to the verification. Many businesses use WhatsApp OTP alongside or instead of SMS because delivery is reliable and the copy-code and autofill buttons reduce friction. If your account also sends other message types, keep authentication in its own templates rather than bundling codes into utility or marketing messages.
Key points
- A dedicated category for OTPs and verification codes.
- Fixed Meta format: the code, a short expiry note, and a copy/autofill button.
- Free-form text is restricted — no marketing content allowed.
- Billed as its own category, separate from Marketing and Utility.
- Approve quickly when compliant; pass the code as a template variable.
Updated
