# Authentication Template Guidelines
Authentication templates are the most restrictive of the three WhatsApp template categories. They are designed specifically for verifying a user's identity using a one-time passcode (OTP) or alphanumeric verification code.
It is important to understand that **only authentication templates can be used to send one-time passcodes for identity verification**. Marketing and utility templates cannot be used for this purpose under any circumstance.
#### **When Should You Use an Authentication Template?**
Authentication templates are used at steps in the customer journey where confirming a user's identity is necessary. Common use cases include:
* **New account creation** — Verifying a user's identity when they sign up for an account for the first time.
* **Account access or recovery** — Confirming identity when a user logs in or attempts to reset their password.
* **Transaction confirmation** — Verifying identity before processing a sensitive transaction or payment.
***
#### **Content Restrictions**
Because of the sensitive nature of these messages, Meta enforces strict content rules for authentication templates. The following are not allowed:
* URLs
* Media files (images, videos, or documents)
* Emojis
* Variable parameters longer than **15 characters**
Keeping your content clean and minimal is not just a best practice — it is a requirement for this category.
***
#### **Required and Optional Elements**
**Required:** Every authentication template must include a configured one-time password button. You can choose between:
* **Copy Code** — Displays the OTP with a button the user can tap to copy it directly.
* **One-Tap** — Allows the user to autofill the OTP in the app with a single tap.
**Optional Add-Ons:** Authentication templates support two optional elements that you can choose to include:
* **Security Disclaimer** — A note reminding the user not to share their OTP with anyone.
* **Expiry Warning** — A note informing the user of how long the OTP is valid.
These add-ons are recommended as they build trust and reduce the risk of fraud for your customers.
***
#### **What Does an Authentication Template Look Like?**
| Message Objective | Business Goal | Example Template |
| ------------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------- |
| **Authentication** | Authenticate users with one-time passcodes at various steps of the login or transaction process — such as account verification, account recovery, or identity challenges. | {{123456}} is your verification code. Do not share this code with anyone. This code will expire in 10 minutes. |
In this example, {{123456}} is the dynamic OTP that will be unique for each user. The "Do not share this code with anyone" line is the optional security disclaimer, and the expiry note is the optional expiry warning.
---
# Agent Instructions: Querying This Documentation
If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.
Perform an HTTP GET request on the current page URL with the `ask` query parameter:
```
GET https://learn.doubletick.io/templates/understanding-whatsapp-message-template-categories/authentication-template-guidelines.md?ask=
```
The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.
Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.