Verify

The WhatsApp OTP API lets you send one-time passwords and 2FA authentication codes through WhatsApp messages. With higher read rates than SMS and a familiar, trusted interface, sending OTP via WhatsApp API is ideal for users who are already active on the platform.

Use Cases

• User signup and phone number confirmation
• Login two-factor authentication (2FA)
• Password reset identity confirmation
• Transaction and payment authorization
• Profile change re-authentication

How It Works

1. Your app calls POST /v1/verifications with channel: whatsapp
2. Dexatel sends a message to the user's WhatsApp containing the OTP code
3. The user enters the code in your app
4. Your app calls GET /v1/verifications with the code and phone to look up the verification record
5. If a matching, unexpired record is returned, the code is valid

Send a WhatsApp OTP

Endpoint

POST https://api.dexatel.com/v1/verifications

Example Request

curl -X POST "https://api.dexatel.com/v1/verifications" \
  -H "X-Dexatel-Key: YOUR_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{
    "data": {
      "channel": "whatsapp",
      "sender": "MyBusiness",
      "phone": "14155552671",
      "template": "3fa85f64-5717-4562-b3fc-2c963f66afa6",
      "code_length": 6
    }
  }'

Example Response (201 Created)

{
  "account_id": "7c9e6679-7425-40de-944b-e07fc1f90ae7",
  "message_id": "a1b2c3d4-e5f6-7890-abcd-ef1234567890",
  "phone": "14155552671",
  "create_date": "2024-01-15 10:30:00",
  "expire_date": "2024-01-15 10:40:00"
}

Code Expiry

OTP codes expire after a fixed window. The expire_date field in the response tells you exactly when the code becomes invalid. Prompt your users to enter the code within this window.

Validate the OTP Code

Endpoint

GET https://api.dexatel.com/v1/verifications?code={code}&phone={phone}

Query Parameters

Example Validation Request

curl -X GET "https://api.dexatel.com/v1/verifications?code=847291&phone=14155552671" \
  -H "X-Dexatel-Key: YOUR_API_KEY"

WhatsApp Verification with Fallback

Fallback verification automatically retries delivery through a different channel if the primary channel fails. This is especially useful when you don't know whether the user has WhatsApp installed.

Fallback Request Example

curl -X POST "https://api.dexatel.com/v1/verifications" \
  -H "X-Dexatel-Key: YOUR_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{
    "data": {
      "channel": "WHATSAPP",
      "sender": "MyBusiness",
      "phone": "14155552671",
      "template": "3fa85f64-5717-4562-b3fc-2c963f66afa6",
      "code_length": 6,
      "fallback": {
        "priorities": [
          {
            "channel": "SMS",
            "sender": "MyBusiness",
            "template": "b2c3d4e5-f6a7-8901-bcde-f12345678901"
          },
          {
            "channel": "VIBER",
            "sender": "MyBusiness",
            "template": "c3d4e5f6-a7b8-9012-cdef-123456789012",
            "ttl_in_seconds": 60
          }
        ],
        "cancellation_threshold_sec": 120
      }
    }
  }'

Fallback TTL Rules

TTL (ttl_in_seconds) is supported only for Viber, Telegram, and Email OTP fallback channels. It is not supported for WhatsApp or SMS.

Maximum of 5 priorities in a single fallback chain. Each priority must define a channel, sender, and template. ttl_in_seconds is required when the fallback channel is Viber, Telegram, or Email OTP.

Verification Error Codes