OTP Authentication WhatsApp Template for Hospitals & Clinics
When a patient logs into your appointment portal, resets a password, or confirms a teleconsultation booking, the one-time passcode has to arrive in seconds — on a channel they actually open. This is a ready-to-use, Meta-approved WhatsApp OTP authentication template built specifically for Indian hospitals, diagnostic labs, and clinics. It uses the correct authentication category, a secure copy-code button, and wording that clears review the first time. Copy the body below, plug in your variables, and go live with InfiQ, an official Meta Business Partner for the WhatsApp Business API in India.
Variables
{{1}}= 482913{{2}}= CityCare Clinic
Verified business
10:24
Preview · as customers see it
When to use this OTP template in a healthcare workflow
Authentication templates exist for one job: verifying that the person on the other end is who they claim to be. In a hospital or clinic setting that moment happens more often than most teams realise — a patient signing into your health-record portal, a caregiver resetting a forgotten password, someone confirming a teleconsultation link, a lab-report download being unlocked, or staff approving a high-value transaction. Because these codes are tied to a real, user-initiated action, WhatsApp treats them as authentication traffic and prices them at the authentication rate rather than the marketing rate. Delivering the code over WhatsApp instead of SMS matters here: patients see a familiar green tick, read rates are consistently higher than SMS, and the copy-code button removes the fat-finger errors that plague six-digit manual entry — which is exactly what you want when an anxious patient is trying to reach their reports at 11pm.
- Patient portal or app login and step-up verification
- Password / PIN reset for health-record accounts
- Confirming a teleconsultation or appointment booking link
- Unlocking a lab report or e-prescription download
- Two-factor approval for payments or account changes
Personalising it without breaking authentication rules
The authentication category is deliberately strict, and that constraint is a feature — it is why these messages clear review quickly and bill at the lowest rate. You get exactly two moving parts: the code itself and, optionally, your brand or product name so the patient recognises who the code is from. What you cannot do is add marketing language, promotional offers, greetings, emojis, media headers, or extra call-to-action buttons beyond the copy-code (and an optional autofill) button. Keep the brand variable to your clinic or hospital's registered name so it reads as trustworthy at a glance. Resist the urge to append 'Book your next check-up' or a clinic tagline — that single line will push the template into marketing review, change its billing, and usually get it rejected. If you need a promotional nudge, send it as a separate marketing template after the login is complete.
- Allowed: the OTP value and your brand/service name
- Allowed: a copy-code button and an optional one-tap autofill button
- Not allowed: offers, taglines, emojis, media, or marketing links
- Keep the security warning line ('Do not share this code') intact
Getting it approved on the first submission
Submit the template under the Authentication category — not Utility — and use Meta's standard OTP structure with a copy-code button. Meta now provides pre-built authentication template formats, and staying inside them is the fastest path to approval; custom free-text authentication bodies are more likely to be flagged. Keep the validity line honest (state the real expiry, commonly 5 or 10 minutes) and always include the 'Do not share this code with anyone' security notice, which reviewers expect to see. Because the body is templated and the OTP arrives as a variable, one approved template covers every language and channel you send it through. In practice, authentication templates like this clear review quickly, often within a day, after which you can send instantly through InfiQ's dashboard or API. If you localise into Hindi, Tamil, Marathi or another language, submit each as a separate language version of the same template so the code placement and button stay identical.
- Choose Authentication category and Meta's standard OTP format
- Include a real expiry time and the do-not-share warning
- Use the copy-code button; add autofill only if your app supports it
- Submit each language as a version of the same template
What it costs to send — the honest version
Since Meta moved off per-conversation billing on 1 July 2025, WhatsApp charges per delivered message, priced by category. This template sends in the authentication category, which is Meta's lowest-cost tier and well suited to high-volume login and verification traffic. The 24-hour window you may have heard about is a free customer-service window — it is not a billing unit, and OTPs do not depend on it because the patient triggered the action. Your true per-message cost is Meta's live authentication rate plus InfiQ's platform pricing, shown as transparent ₹ pricing (ex-GST) with no hidden line items. For a clinic sending thousands of logins and report unlocks a month, the authentication rate keeps unit economics tight, and the copy-code button reduces failed verifications — so you rarely pay to re-send a code the patient mistyped.
- Billed per delivered message at Meta's authentication rate
- Authentication is the lowest-cost WhatsApp category
- InfiQ adds transparent ₹ pricing (ex-GST)
- The 24-hour service window is free and separate from this send
Like this template? Send it live in 24 hours.
Frequently asked questions
Which WhatsApp category does this OTP template use?+
Do OTP messages need patient opt-in?+
Can I edit the wording of the template?+
How is this OTP message billed?+
Why send OTPs on WhatsApp instead of SMS?+
Can I send this OTP in Hindi or a regional language?+
How quickly can I start sending after submitting?+
What is the copy-code button and should I use it?+
Send secure OTPs your patients actually read
Get this authentication template approved and live on the WhatsApp Business API with InfiQ — transparent ₹ pricing, full BSUID ownership, and support from an official Meta Business Partner in India.