wdevs/whatshooked
5
1
Fork 0
Code Issues 3 Pull Requests Actions Packages Projects Releases 1 Wiki Activity

docs: add Meta setup pages to live wiki branch

SG Command
2026-04-10 09:06:01 +02:00
parent db560bdf77
commit 945662d2f5
3 changed files with 285 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
Home.md Normal file

@@ -0,0 +1,8 @@
# WhatsHooked Wiki
## Pages
- [Test](Test)
- [Meta Business Account Setup](Meta-Business-Account-Setup)
- [Meta Approval Demo Transcript](Meta-Approval-Demo-Transcript)

123
Meta-Approval-Demo-Transcript.md Normal file

@@ -0,0 +1,123 @@
# Meta Approval Demo Transcript
This page provides a sample demo script/transcript you can use to explain and demonstrate WhatsHooked during Meta review or internal approval conversations.
Use it as a practical walkthrough of what the product does, how messages flow, and what the WhatsApp integration is used for.
## Demo goal
Show that WhatsHooked:
- connects approved WhatsApp accounts
- receives inbound messages through the WhatsApp platform
- forwards events to registered webhooks
- supports controlled outbound replies
- acts as an integration layer rather than a spam or impersonation tool
## Short product description
WhatsHooked is a library and service that connects WhatsApp accounts to downstream systems using webhooks and API endpoints. It supports message intake, event forwarding, and controlled two-way communication for legitimate business and automation use cases.
## Suggested review demo format
### 1. Introduction
> Hello. This demo shows WhatsHooked, a service that connects WhatsApp accounts to backend systems through webhooks and an HTTP API.
>
> The purpose of the application is to let a business or developer receive WhatsApp events, process them in their own systems, and optionally send responses back through an authorized WhatsApp account.
### 2. Show account configuration
> Here we have a configured Meta/WhatsApp Business account inside WhatsHooked.
>
> The account stores the required identifiers and credentials needed to communicate with the WhatsApp Business platform.
>
> This setup is intended for legitimate messaging workflows, customer communication, and application integrations.
If the UI exists for this area, show:
- the account entry
- the account type (Meta / WhatsApp Business)
- masked credentials or IDs
- any webhook or status configuration
### 3. Show inbound message flow
> Next, I will demonstrate how an incoming WhatsApp message is handled.
>
> When a message is received through the WhatsApp platform, Meta delivers the event to the configured webhook endpoint.
>
> WhatsHooked receives that webhook event, validates it, and then forwards the normalized event to registered application webhooks.
Show, if available:
- the inbound webhook endpoint configuration
- logs or event viewer
- a sample received message event
- the forwarding of that event to a registered webhook consumer
### 4. Show registered webhook behavior
> Here is an example of a registered webhook subscriber.
>
> This downstream system receives the message event and can use it for automation, CRM workflows, support tooling, notifications, or other business processes.
Emphasize:
- the app is acting as middleware/integration infrastructure
- the receiving system belongs to the operator or their customers
- the webhook consumer is expected to follow platform policy
### 5. Show outbound reply flow
> Now I will demonstrate a controlled outbound message.
>
> A downstream application can send a response through WhatsHooked, and WhatsHooked sends that message using the configured WhatsApp account and approved platform flow.
If possible, show:
- an API request or UI action that triggers an outbound message
- the resulting outbound send status
- a received reply in the target chat
### 6. Explain compliance posture
> WhatsHooked is not intended to bypass WhatsApp rules or impersonate end users.
>
> It is designed as an integration layer so approved accounts can connect to external business systems in a controlled way.
>
> Account owners are responsible for using approved templates, user consent, and compliant messaging practices where required.
### 7. Close the demo
> In summary, WhatsHooked provides:
> - account connectivity
> - inbound webhook handling
> - outbound messaging through authorized accounts
> - integration with downstream applications via webhooks and APIs
>
> Its role is to help businesses and developers build compliant communication workflows on top of WhatsApp infrastructure.
## Extra talking points for reviewers
If Meta asks what the application is for, keep the answer direct:
- It connects WhatsApp messaging to business systems.
- It forwards inbound events to subscribed webhooks.
- It allows controlled replies from authorized systems.
- It supports operational integrations such as customer support, automation, and notification workflows.
## What to avoid saying
Avoid language that suggests:
- mass unsolicited messaging
- account farming
- policy circumvention
- scraping or unauthorized automation
- impersonation or deceptive identity use
## Optional live demo checklist
- Show the Meta app and WhatsApp product are configured
- Show the number is registered
- Show webhook verification is complete
- Send a test inbound message
- Show the inbound event arriving in WhatsHooked
- Show forwarding to a registered webhook
- Send a controlled outbound reply
- Show logs/status for the send result

154
Meta-Business-Account-Setup.md Normal file

@@ -0,0 +1,154 @@
# Meta Business Account Setup
This guide covers the end-to-end setup for using the WhatsApp Business Platform with WhatsHooked:
1. Create or prepare a Meta Business account
2. Create a Meta app
3. Add the WhatsApp product
4. Configure business verification basics
5. Register a phone number
6. Collect the credentials WhatsHooked needs
## Prerequisites
Before starting, make sure you have:
- A Meta/Facebook account you can use for admin access
- A Meta Business account (or permission to create one)
- A phone number that is **not currently active in the standard WhatsApp or WhatsApp Business mobile app** if you plan to register it for the Cloud API
- Basic access to the Meta developer dashboard
## Step 1: Create or access a Meta Business account
1. Go to Meta Business Manager / Meta Business Suite.
2. Create a new business account if you do not already have one.
3. Fill in the business details:
- business name
- your name
- business email
4. Complete email confirmation if Meta asks for it.
### Recommended follow-up
In business settings, make sure you:
- add the correct admins
- complete business information
- enable two-factor authentication for admins if possible
## Step 2: Create a Meta developer app
1. Go to the Meta for Developers dashboard.
2. Click **Create App**.
3. Choose an app type that supports WhatsApp integration (the exact wording may vary over time).
4. Enter the app name and contact email.
5. Link the app to the correct business account when prompted.
6. Finish app creation.
## Step 3: Add the WhatsApp product
1. Open the new app in the developer dashboard.
2. Add the **WhatsApp** product.
3. Meta will provision a starter WhatsApp configuration for testing.
At this point Meta usually gives you:
- a temporary access token
- a test phone number
- a WhatsApp business account id
- sending/receiving test controls
These are useful for initial smoke tests, but production setup normally needs your own number and a system user token strategy.
## Step 4: Prepare business verification and ownership
For production use, make sure the business side is in order:
- complete business details in Business Manager
- start business verification if Meta requires it
- verify your business domain if needed
- ensure the correct business owns the app and WhatsApp assets
Meta approval and capability levels can be limited until business verification is complete.
## Step 5: Register a phone number
To use your own WhatsApp Business number:
1. In the app's WhatsApp section, choose to add or register a phone number.
2. Enter the display name you want Meta to review.
3. Choose the business category if prompted.
4. Enter the phone number in international format.
5. Choose SMS or voice call verification.
6. Enter the verification code sent by Meta.
### Important notes
- The number must not be actively tied to a consumer WhatsApp app session you still need.
- If the number is already in use elsewhere, migration/release steps may be required first.
- Display name approval can be immediate or delayed depending on the business status and naming choice.
## Step 6: Capture the values needed by WhatsHooked
After setup, collect and store these values:
- **Phone Number ID**
- **WhatsApp Business Account ID**
- **Access Token**
- **App ID**
- **App Secret** (if your flow requires it)
- **Webhook Verify Token** (your own chosen secret for webhook validation)
- **API Version** if you want to pin requests to a specific Graph API version
## Step 7: Configure webhook basics in Meta
If WhatsHooked is receiving inbound events from Meta:
1. Open the WhatsApp webhook configuration in the Meta app.
2. Enter your callback URL.
3. Enter your verify token.
4. Complete the webhook verification handshake.
5. Subscribe to the WhatsApp event fields you need.
Typical events include message and status updates.
## Step 8: Move from temporary to long-lived operational access
For real deployments, do not rely on temporary dashboard test tokens forever.
Recommended direction:
- create the proper business/system-user setup in Business Manager
- generate a token suitable for server-side integration
- store the token securely
- document rotation procedures
## Suggested WhatsHooked documentation/config fields
A Meta account configuration in WhatsHooked will usually need some combination of:
- account name
- phone number id
- business account id
- access token
- verify token
- app secret (optional depending on implementation)
- API version
## Common pitfalls
- Wrong business account linked to the app
- Using an expired temporary access token
- Number already attached to another WhatsApp setup
- Webhook verify token mismatch
- Missing business verification for production scenarios
- Missing API version pinning when Meta changes defaults
## Approval checklist before production
- Business account created
- App created
- WhatsApp product enabled
- Business details completed
- Number registered and verified
- Display name approved
- Webhook verified
- Long-lived credentials stored securely
- Test send and receive flow confirmed