search
Ctrlk

Authentication Template Guidelines

Authentication templates are the most restrictive of the three WhatsApp template categories. They are designed specifically for verifying a user's identity using a one-time passcode (OTP) or alphanumeric verification code.

It is important to understand that only authentication templates can be used to send one-time passcodes for identity verification. Marketing and utility templates cannot be used for this purpose under any circumstance.

hashtag
When Should You Use an Authentication Template?

Authentication templates are used at steps in the customer journey where confirming a user's identity is necessary. Common use cases include:

  • New account creation — Verifying a user's identity when they sign up for an account for the first time.

  • Account access or recovery — Confirming identity when a user logs in or attempts to reset their password.

  • Transaction confirmation — Verifying identity before processing a sensitive transaction or payment.

hashtag
Content Restrictions

Because of the sensitive nature of these messages, Meta enforces strict content rules for authentication templates. The following are not allowed:

  • URLs

  • Media files (images, videos, or documents)

  • Emojis

  • Variable parameters longer than 15 characters

Keeping your content clean and minimal is not just a best practice — it is a requirement for this category.

hashtag
Required and Optional Elements

Required: Every authentication template must include a configured one-time password button. You can choose between:

  • Copy Code — Displays the OTP with a button the user can tap to copy it directly.

  • One-Tap — Allows the user to autofill the OTP in the app with a single tap.

Optional Add-Ons: Authentication templates support two optional elements that you can choose to include:

  • Security Disclaimer — A note reminding the user not to share their OTP with anyone.

  • Expiry Warning — A note informing the user of how long the OTP is valid.

These add-ons are recommended as they build trust and reduce the risk of fraud for your customers.

hashtag
What Does an Authentication Template Look Like?

Message Objective
Business Goal
Example Template

Authentication

Authenticate users with one-time passcodes at various steps of the login or transaction process — such as account verification, account recovery, or identity challenges.

{{123456}} is your verification code. Do not share this code with anyone. This code will expire in 10 minutes.

In this example, {{123456}} is the dynamic OTP that will be unique for each user. The "Do not share this code with anyone" line is the optional security disclaimer, and the expiry note is the optional expiry warning.

PreviousUtility Template GuidelinesNextHow to Create a Message Template

Last updated