WABA Integration (On-Premise)

On-Premise is a fallback type of integration. Prioritize integrating with the Cloud API.

Getting started

As an official Business Solution Provider (BSP), we can host the WhatsApp Business Client and associated stack on our infrastructure on your behalf. You can then access and use the API by calling the endpoints provided. The WhatsApp Business API uses a REST API Architecture with JSON data formats. The API follows the standard HTTP request-response exchange.
For any outgoing actions (like messages sending), you need to use requests to an appropriate endpoints.
  • All these actions are available via different request types that use a combination of 360dialog base URL and an endpoint suffix. E.g. it’s needed to use a POST request to the resource to send a message.
  • The body of the request to the API will determine what exactly you want to send (text, image, etc.).
  • You need to use an API key received from the client in authorization purposes.
  • A business cannot send a freely composed message first. If business starts a conversation with a user, it should use a template message. Please do not forget about Opt-In requirements.
  • Tip: we can recommend to use Postman as first step instrument to test WABA opportunities.
To receive any information that is not a response to your request to the API (e.g. incoming messages from users) you need to set a webhook address.
  • It should be unique for every WABA number
  • It should return an HTTPS 200 OK response immediately (before any other processing begins)

Base URL

The default base URL for the 360dialog WhatsApp API is followed by the path-specific endpoint.

Prerequisites & Basic Setup

1. Retrieve API Key

In order to send requests with the 360dialog On-Premise API, you need an API KEY.
Every API Key is connected with one phone number. We authenticate and choose the right WhatsApp Business Account and Number based on your D360-API-KEY.
Each registered WhatsApp phone number has its own API KEY
Adding D360-API-KEY in the header with your unique API Key as a value is enough to gain permission to send messages in the WhatsApp Business API.
  • Please store and manage your D360-API-KEY securely and use it only for server-2-server authentication.
  • Please ensure that you always use the corresponding D360-API-KEY when you deal with multiple configurations. A mismatch could lead to inconsistent data.

2. Set Webhook URL

To receive notifications for inbound messages and status updates, you must set a webhook URL, that we use as a destination for all notifications belonging to you WhatsApp phone number.

3. Send a message

Send a message using the WhatsApp API.
If this end-user did not message you first, you must start a Business-initiated conversation using a Template message.

4. Receive status updates

In case you have set a webhook URL as described in step 2. Set Webhook URL, you will have received a Outbound Message Status Notification for your test message by now.
You must configure a callback (webhook URL) to receive messages.
Webhooks can be used for:
  • Inbound Message Notifications: Use it to get a notification you when you have received a message.
  • Message Status Notifications: Monitor the status of sent messages.
If a webhook event isn't delivered for any reason (e.g., the client is offline) or if the webhook request returns a HTTP status code other than 200, we retry the webhook delivery. We continue retrying delivery with increasing delays up to a certain timeout (typically 24 hours, though this may vary), or until the delivery succeeds.

Webhook Requirements

To deploy a live webhook that can receive webhook events from the WhatsApp Business API, your code must have the following:
  • HTTPS support
  • A valid SSL certificate

Set your callback URL

Send a POST request to the /v1/configs/webhook endpoint to set the resource.
POST /v1/configs/webhook
"url": "{{your-callback-url}}"

Callback URL Header Authentication (Optional)

If the callback URL needs to be authorized by user, USER and PASS should be provided in the header Authorization that contains Basic base64(USER:PASS).
Request body example for USER=testuser and PASS=testpass
"url": "{{your-callback-url}}",
"headers": {
"Authorization": "Basic {{token}}"

Blacklisted Endpoints

For security reasons you will not be able to access any of the below endpoints. If you need to access any of the below resources, please create a support ticket and, depending on the nature of the request, we will provide some options for you.
Make a GET call to this endpoint to verify the number that is associated with an API Key.
Check Phone Number
Use the health node to check the status of your WhatsApp Business API client.
/health is not available for Cloud API.
The health status is cached and refreshed only every 5 minutes, so do not call the endpoint more than that). If your phone number is disconnected | uninitialized or unregistered - create a ticket with our Support Team and we will assist you to get the number reconnected.
In High Availability mode, only one Coreapp maintains a connection to the WhatsApp server. All other nodes (including the Primary Master) have a gateway_status of disconnected
In Multiconnect mode with X shards, X Coreapps maintain a connection to the WhatsApp server. The Primary Master also connects to the WhatsApp server.
Best practices
When creating a ticket for our support team relating to a number, always include the health check response.