Skip to main content
Meta requires any company that resells WhatsApp Business APIs to register as a Tech Provider and comply with the Tech Provider Terms. This guide walks you through the architecture, prerequisites, Meta configuration, Embedded Signup implementation, and API reference for integrating with Plivo as the underlying BSP.

Overview and architecture

Three-layer model

WhatsApp’s Multi-Partner Solution uses a three-layer model. Meta sits at the top as the platform owner, Plivo operates as the BSP (Business Solution Provider) in the middle, and you operate as the Tech Provider that serves your customers.

Multi-Partner Solution — who controls what

Prerequisites

What you need (Tech Provider requirements)

Before you begin the integration, make sure you have the following in place.

What Plivo sets up

Once you share your Meta App details, Plivo configures the following on the backend.
Do not begin the Embedded Signup implementation until both your Meta Business Verification and Multi-Partner Solution approval are complete. Starting before both are confirmed can cause onboarding failures that are difficult to reverse.

Setup steps — Meta configuration

3.1 Create a Meta App and add WhatsApp

Follow these steps to create your Meta App and add the WhatsApp product.
  1. Go to developers.facebook.com and log in with your Meta Developer Account.
  2. Click Create App and select the app type Business.
  3. Enter your app name and contact email, then select the Meta Business Portfolio you verified earlier.
  4. On the app dashboard, find WhatsApp in the product list and click Set Up.
  5. Confirm that the WhatsApp product appears in the left sidebar of your app dashboard.
You do not need to configure a WhatsApp phone number or WABA in your own app. Your app serves as the container for the Embedded Signup flow that your customers complete.

3.2 Create a Multi-Partner Solution

  1. In your Meta App dashboard, navigate to WhatsApp > Multi-Partner Solutions.
  2. Click Create Solution and give it a descriptive name (for example, “Plivo WhatsApp Integration”).
  3. Select Plivo as the BSP partner from the list.
  4. Submit the solution request. Plivo receives a notification and accepts the request on the backend.
  5. Wait for confirmation from Plivo that the Multi-Partner Solution is active before proceeding.

3.3 Configure Facebook Login for Business

  1. In your Meta App dashboard, go to Facebook Login for Business in the left sidebar. If you do not see it, click Add Product and add it.
  2. Click Settings under Facebook Login for Business.
  3. Under Login Type, select WhatsApp Embedded Signup.
  4. Configure the Redirect URI to point to your backend endpoint that handles the OAuth callback.
  5. Save your settings and note the Config ID generated on this page. You need this value for the frontend JavaScript SDK integration.
  6. Under Permissions, ensure that whatsapp_business_messaging and whatsapp_business_management are listed.
The Config ID is specific to your Facebook Login for Business configuration. You pass this value to the FB.login() call in your frontend code. Do not confuse it with your Meta App ID.

3.4 App Review submission

Submit your Meta App for App Review to gain production access. You must request two permissions and provide a screen-recorded demo video for each. Video guidelines:
  • Each video must demonstrate the full end-to-end flow, from your application’s UI to the API call and the result.
  • Use a real test WABA (not a mock) for the demo.
  • Keep each video under 5 minutes.
  • Upload the videos as part of the App Review submission at App Review > Requests in your Meta App dashboard.
Meta typically reviews App Review submissions within 5 business days. You cannot use the Embedded Signup flow in production until Meta approves your app.

Embedded Signup implementation

4.1 Full Embedded Signup flow

The Embedded Signup flow involves coordinated actions between your frontend, your backend, Meta, and Plivo. Here is the complete sequence.

4.2 JavaScript SDK integration

Add the following code to your onboarding page to load the Meta SDK and trigger the Embedded Signup flow.
Replace YOUR_META_APP_ID with your actual Meta App ID and YOUR_CONFIG_ID with the Config ID from your Facebook Login for Business settings (step 3.3).

4.3 Backend — exchange code and share WABA

Your backend performs two steps after receiving the authorization code and session info from the frontend. Step A: Validate the authorization code with Meta Call the Meta Graph API debug_token endpoint to validate the code and retrieve the associated WABA details.
The response confirms the code is valid and returns metadata including the scopes granted. If you already received the WABA ID, phone number ID, and business ID from the sessionInfoVersion: 2 response in step 4.1, you can use those values directly. Step B: Call the Plivo Embedded Signup API Send a POST request to the Plivo Embedded Signup endpoint with the WABA ID, phone number ID, and business ID. This tells Plivo to onboard the WABA, attach it to the credit line, register webhooks, and activate the phone number for messaging.
Replace {auth_id} and {auth_token} with the API credentials Plivo provided for your Tech Provider sub-account.

Embedded Signup API reference

Endpoint

Authentication

Use HTTP Basic Authentication with your Plivo Auth ID as the username and Auth Token as the password. These credentials are scoped to your Tech Provider sub-account.

Request parameters

waba_id
string
required
The WhatsApp Business Account ID returned by the Embedded Signup flow. This is the WABA that your customer created or selected during the signup dialog.
business_id
string
required
The Meta Business ID associated with your customer’s Meta Business Portfolio. Returned by the Embedded Signup flow.
phone_number_id
string
required
The phone number ID registered during the Embedded Signup flow. This is the WhatsApp-enabled phone number your customer verified with an OTP.
client_ref
string
An optional reference string you can use to map this WABA to your internal customer identifier. Maximum 64 characters.

Sample request

Success response

HTTP 200 OK

Error responses

HTTP 401 Unauthorized Returned when the Auth ID or Auth Token is invalid or missing.
HTTP 403 Forbidden Returned when your account does not have Tech Provider permissions or WhatsApp is not enabled.
HTTP 400 Bad Request Returned when request parameters are missing or invalid. The following table lists common scenarios.
HTTP 500 Internal Server Error Returned when an unexpected error occurs on the server side. Retry the request after a short delay. If the error persists, contact Plivo support.

HTTP status summary