docs: add Meta setup pages to live wiki branch

Home.md

@@ -0,0 +1,8 @@
+# WhatsHooked Wiki
+
+## Pages
+
+- [Test](Test)
+- [Meta Business Account Setup](Meta-Business-Account-Setup)
+- [Meta Approval Demo Transcript](Meta-Approval-Demo-Transcript)
+

Meta-Approval-Demo-Transcript.md

@@ -0,0 +1,123 @@
+# Meta Approval Demo Transcript
+
+This page provides a sample demo script/transcript you can use to explain and demonstrate WhatsHooked during Meta review or internal approval conversations.
+
+Use it as a practical walkthrough of what the product does, how messages flow, and what the WhatsApp integration is used for.
+
+## Demo goal
+
+Show that WhatsHooked:
+- connects approved WhatsApp accounts
+- receives inbound messages through the WhatsApp platform
+- forwards events to registered webhooks
+- supports controlled outbound replies
+- acts as an integration layer rather than a spam or impersonation tool
+
+## Short product description
+
+WhatsHooked is a library and service that connects WhatsApp accounts to downstream systems using webhooks and API endpoints. It supports message intake, event forwarding, and controlled two-way communication for legitimate business and automation use cases.
+
+## Suggested review demo format
+
+### 1. Introduction
+
+> Hello. This demo shows WhatsHooked, a service that connects WhatsApp accounts to backend systems through webhooks and an HTTP API.
+>
+> The purpose of the application is to let a business or developer receive WhatsApp events, process them in their own systems, and optionally send responses back through an authorized WhatsApp account.
+
+### 2. Show account configuration
+
+> Here we have a configured Meta/WhatsApp Business account inside WhatsHooked.
+>
+> The account stores the required identifiers and credentials needed to communicate with the WhatsApp Business platform.
+>
+> This setup is intended for legitimate messaging workflows, customer communication, and application integrations.
+
+If the UI exists for this area, show:
+- the account entry
+- the account type (Meta / WhatsApp Business)
+- masked credentials or IDs
+- any webhook or status configuration
+
+### 3. Show inbound message flow
+
+> Next, I will demonstrate how an incoming WhatsApp message is handled.
+>
+> When a message is received through the WhatsApp platform, Meta delivers the event to the configured webhook endpoint.
+>
+> WhatsHooked receives that webhook event, validates it, and then forwards the normalized event to registered application webhooks.
+
+Show, if available:
+- the inbound webhook endpoint configuration
+- logs or event viewer
+- a sample received message event
+- the forwarding of that event to a registered webhook consumer
+
+### 4. Show registered webhook behavior
+
+> Here is an example of a registered webhook subscriber.
+>
+> This downstream system receives the message event and can use it for automation, CRM workflows, support tooling, notifications, or other business processes.
+
+Emphasize:
+- the app is acting as middleware/integration infrastructure
+- the receiving system belongs to the operator or their customers
+- the webhook consumer is expected to follow platform policy
+
+### 5. Show outbound reply flow
+
+> Now I will demonstrate a controlled outbound message.
+>
+> A downstream application can send a response through WhatsHooked, and WhatsHooked sends that message using the configured WhatsApp account and approved platform flow.
+
+If possible, show:
+- an API request or UI action that triggers an outbound message
+- the resulting outbound send status
+- a received reply in the target chat
+
+### 6. Explain compliance posture
+
+> WhatsHooked is not intended to bypass WhatsApp rules or impersonate end users.
+>
+> It is designed as an integration layer so approved accounts can connect to external business systems in a controlled way.
+>
+> Account owners are responsible for using approved templates, user consent, and compliant messaging practices where required.
+
+### 7. Close the demo
+
+> In summary, WhatsHooked provides:
+> - account connectivity
+> - inbound webhook handling
+> - outbound messaging through authorized accounts
+> - integration with downstream applications via webhooks and APIs
+>
+> Its role is to help businesses and developers build compliant communication workflows on top of WhatsApp infrastructure.
+
+## Extra talking points for reviewers
+
+If Meta asks what the application is for, keep the answer direct:
+
+- It connects WhatsApp messaging to business systems.
+- It forwards inbound events to subscribed webhooks.
+- It allows controlled replies from authorized systems.
+- It supports operational integrations such as customer support, automation, and notification workflows.
+
+## What to avoid saying
+
+Avoid language that suggests:
+- mass unsolicited messaging
+- account farming
+- policy circumvention
+- scraping or unauthorized automation
+- impersonation or deceptive identity use
+
+## Optional live demo checklist
+
+- Show the Meta app and WhatsApp product are configured
+- Show the number is registered
+- Show webhook verification is complete
+- Send a test inbound message
+- Show the inbound event arriving in WhatsHooked
+- Show forwarding to a registered webhook
+- Send a controlled outbound reply
+- Show logs/status for the send result

Meta-Business-Account-Setup.md

@@ -0,0 +1,154 @@
+# Meta Business Account Setup
+
+This guide covers the end-to-end setup for using the WhatsApp Business Platform with WhatsHooked:
+
+1. Create or prepare a Meta Business account
+2. Create a Meta app
+3. Add the WhatsApp product
+4. Configure business verification basics
+5. Register a phone number
+6. Collect the credentials WhatsHooked needs
+
+## Prerequisites
+
+Before starting, make sure you have:
+
+- A Meta/Facebook account you can use for admin access
+- A Meta Business account (or permission to create one)
+- A phone number that is **not currently active in the standard WhatsApp or WhatsApp Business mobile app** if you plan to register it for the Cloud API
+- Basic access to the Meta developer dashboard
+
+## Step 1: Create or access a Meta Business account
+
+1. Go to Meta Business Manager / Meta Business Suite.
+2. Create a new business account if you do not already have one.
+3. Fill in the business details:
+   - business name
+   - your name
+   - business email
+4. Complete email confirmation if Meta asks for it.
+
+### Recommended follow-up
+
+In business settings, make sure you:
+- add the correct admins
+- complete business information
+- enable two-factor authentication for admins if possible
+
+## Step 2: Create a Meta developer app
+
+1. Go to the Meta for Developers dashboard.
+2. Click **Create App**.
+3. Choose an app type that supports WhatsApp integration (the exact wording may vary over time).
+4. Enter the app name and contact email.
+5. Link the app to the correct business account when prompted.
+6. Finish app creation.
+
+## Step 3: Add the WhatsApp product
+
+1. Open the new app in the developer dashboard.
+2. Add the **WhatsApp** product.
+3. Meta will provision a starter WhatsApp configuration for testing.
+
+At this point Meta usually gives you:
+- a temporary access token
+- a test phone number
+- a WhatsApp business account id
+- sending/receiving test controls
+
+These are useful for initial smoke tests, but production setup normally needs your own number and a system user token strategy.
+
+## Step 4: Prepare business verification and ownership
+
+For production use, make sure the business side is in order:
+
+- complete business details in Business Manager
+- start business verification if Meta requires it
+- verify your business domain if needed
+- ensure the correct business owns the app and WhatsApp assets
+
+Meta approval and capability levels can be limited until business verification is complete.
+
+## Step 5: Register a phone number
+
+To use your own WhatsApp Business number:
+
+1. In the app's WhatsApp section, choose to add or register a phone number.
+2. Enter the display name you want Meta to review.
+3. Choose the business category if prompted.
+4. Enter the phone number in international format.
+5. Choose SMS or voice call verification.
+6. Enter the verification code sent by Meta.
+
+### Important notes
+
+- The number must not be actively tied to a consumer WhatsApp app session you still need.
+- If the number is already in use elsewhere, migration/release steps may be required first.
+- Display name approval can be immediate or delayed depending on the business status and naming choice.
+
+## Step 6: Capture the values needed by WhatsHooked
+
+After setup, collect and store these values:
+
+- **Phone Number ID**
+- **WhatsApp Business Account ID**
+- **Access Token**
+- **App ID**
+- **App Secret** (if your flow requires it)
+- **Webhook Verify Token** (your own chosen secret for webhook validation)
+- **API Version** if you want to pin requests to a specific Graph API version
+
+## Step 7: Configure webhook basics in Meta
+
+If WhatsHooked is receiving inbound events from Meta:
+
+1. Open the WhatsApp webhook configuration in the Meta app.
+2. Enter your callback URL.
+3. Enter your verify token.
+4. Complete the webhook verification handshake.
+5. Subscribe to the WhatsApp event fields you need.
+
+Typical events include message and status updates.
+
+## Step 8: Move from temporary to long-lived operational access
+
+For real deployments, do not rely on temporary dashboard test tokens forever.
+
+Recommended direction:
+- create the proper business/system-user setup in Business Manager
+- generate a token suitable for server-side integration
+- store the token securely
+- document rotation procedures
+
+## Suggested WhatsHooked documentation/config fields
+
+A Meta account configuration in WhatsHooked will usually need some combination of:
+
+- account name
+- phone number id
+- business account id
+- access token
+- verify token
+- app secret (optional depending on implementation)
+- API version
+
+## Common pitfalls
+
+- Wrong business account linked to the app
+- Using an expired temporary access token
+- Number already attached to another WhatsApp setup
+- Webhook verify token mismatch
+- Missing business verification for production scenarios
+- Missing API version pinning when Meta changes defaults
+
+## Approval checklist before production
+
+- Business account created
+- App created
+- WhatsApp product enabled
+- Business details completed
+- Number registered and verified
+- Display name approved
+- Webhook verified
+- Long-lived credentials stored securely
+- Test send and receive flow confirmed