Posts under category Facebook WhatsApp Business API

The issue

I am trying to set up a flow with WhatsApp Business API but am unable to complete the decryption of the key as part of the endpoint health check.

I get this error: Encryption/decryption failed

in decrypt_request
    aes_key = private_key.decrypt(encrypted_aes_key, OAEP(mgf=MGF1(algorithm=hashes.SHA256()), algorithm=hashes.SHA256(), label=None))
ValueError: Encryption/decryption failed.

How to reproduce the issue

Below are the steps I followed, as per the docs here and here:

  1. Set up the flows endpoint.

  2. Generate 2048-bit RSA Key Pair.

openssl genrsa -des3 -out private.pem 2048 

The key looks like this:

-----BEGIN ENCRYPTED PRIVATE KEY-----
AAA........
BBB....
....
-----END ENCRYPTED PRIVATE KEY-----

  3. Export the RSA Public Key to a file:

openssl rsa -in private.pem -outform PEM -pubout -out public.pem

  4. Set business public key.

curl -X POST \
  'https://graph.facebook.com/v21.0/PHONE_NUMBER_ID/whatsapp_business_encryption' \
  -H 'Authorization: Bearer ACCESS_TOKEN' \
  -H 'Content-Type: application/x-www-form-urlencoded' \
  --data-urlencode 'business_public_key=-----BEGIN PUBLIC KEY-----
AAA
BBB
CCC
-----END PUBLIC KEY-----'

  5. Create encryption/decryption code:

import json
import os
from base64 import b64decode, b64encode
from cryptography.hazmat.primitives.asymmetric.padding import OAEP, MGF1, hashes
from cryptography.hazmat.primitives.ciphers import algorithms, Cipher, modes
from cryptography.hazmat.primitives.serialization import load_pem_private_key
from fastapi import HTTPException, Request
import logging

# Load the private key string
# PRIVATE_KEY = os.environ.get('PRIVATE_KEY')
PRIVATE_KEY_PATH = "./private.pem"
with open(PRIVATE_KEY_PATH, "rb") as pem_file:
    PRIVATE_KEY = pem_file.read().decode("utf-8")


async def data(request: Request):
    try:
        # Parse the request body
        body = json.loads(await request.body())
        logging.info(f"body = {body}")

        # Read the request fields
        encrypted_flow_data_b64 = body['encrypted_flow_data']
        encrypted_aes_key_b64 = body['encrypted_aes_key']
        initial_vector_b64 = body['initial_vector']

        decrypted_data, aes_key, iv = await decrypt_request(
            encrypted_flow_data_b64, encrypted_aes_key_b64, initial_vector_b64)
        print(decrypted_data)

        # Return the next screen & data to the client
        response = {
            "screen": "SCREEN_NAME",
            "data": {
                "some_key": "some_value"
            }
        }

        # Return the response as plaintext
        return await encrypt_response(response, aes_key, iv)
    except Exception as e:
        print(e)
        raise HTTPException(status_code=500, detail="Internal Server Error")


async def decrypt_request(encrypted_flow_data_b64, encrypted_aes_key_b64, initial_vector_b64):
    flow_data = b64decode(encrypted_flow_data_b64)
    iv = b64decode(initial_vector_b64)

    # Decrypt the AES encryption key
    encrypted_aes_key = b64decode(encrypted_aes_key_b64)
    private_key = load_pem_private_key(
        PRIVATE_KEY.encode("utf-8"), password=os.getenv("PASSPHRASE").encode('utf-8'))
    aes_key = private_key.decrypt(encrypted_aes_key, OAEP(
        mgf=MGF1(algorithm=hashes.SHA256()), algorithm=hashes.SHA256(), label=None))

    # Decrypt the Flow data
    encrypted_flow_data_body = flow_data[:-16]
    encrypted_flow_data_tag = flow_data[-16:]
    decryptor = Cipher(algorithms.AES(aes_key),
                       modes.GCM(iv, encrypted_flow_data_tag)).decryptor()
    decrypted_data_bytes = decryptor.update(
        encrypted_flow_data_body) + decryptor.finalize()
    decrypted_data = json.loads(decrypted_data_bytes.decode("utf-8"))
    return decrypted_data, aes_key, iv


async def encrypt_response(response, aes_key, iv):
    # Flip the initialization vector
    flipped_iv = bytearray()
    for byte in iv:
        flipped_iv.append(byte ^ 0xFF)

    # Encrypt the response data
    encryptor = Cipher(algorithms.AES(aes_key),
                       modes.GCM(flipped_iv)).encryptor()
    return b64encode(
        encryptor.update(json.dumps(response).encode("utf-8")) +
        encryptor.finalize() +
        encryptor.tag
    ).decode("utf-8")

  6. Trigger the health check from https://business.facebook.com/latest/whatsapp_manager/flows

Can someone tell me what I'm doing wrong?
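
Added example, not part of the original post and not Meta's code: `private_key.decrypt` raises `ValueError: Encryption/decryption failed` whenever the ciphertext was not produced for that exact key with the same OAEP parameters, so a first check is whether the registered public key really belongs to the private key the endpoint loads. The function names and the generated sample keys below are hypothetical and constructed for the demonstration.

```python
# Added diagnostic example; not code from the original post.
from cryptography.hazmat.primitives import hashes, serialization
from cryptography.hazmat.primitives.asymmetric import rsa
from cryptography.hazmat.primitives.asymmetric.padding import MGF1, OAEP

# Same padding parameters as decrypt_request() in the post.
OAEP_SHA256 = OAEP(mgf=MGF1(algorithm=hashes.SHA256()),
                   algorithm=hashes.SHA256(), label=None)


def make_sample_keypair(passphrase: bytes):
    """Constructed test input: an encrypted private PEM and its public PEM."""
    key = rsa.generate_private_key(public_exponent=65537, key_size=2048)
    private_pem = key.private_bytes(
        serialization.Encoding.PEM,
        serialization.PrivateFormat.PKCS8,
        serialization.BestAvailableEncryption(passphrase),
    )
    public_pem = key.public_key().public_bytes(
        serialization.Encoding.PEM,
        serialization.PublicFormat.SubjectPublicKeyInfo,
    )
    return private_pem, public_pem


def encrypt_for(public_pem: bytes, aes_key: bytes) -> bytes:
    """Stand-in for the sender: wrap an AES key with RSA-OAEP (SHA-256)."""
    public_key = serialization.load_pem_public_key(public_pem)
    return public_key.encrypt(aes_key, OAEP_SHA256)


def diagnose(private_pem, passphrase, registered_public_pem, encrypted_aes_key=None):
    """Return 'ok', 'key-mismatch' or 'ciphertext-not-for-this-key'."""
    private_key = serialization.load_pem_private_key(private_pem, password=passphrase)
    registered = serialization.load_pem_public_key(registered_public_pem)
    # 1. Is the registered public key the other half of this private key?
    if private_key.public_key().public_numbers() != registered.public_numbers():
        return "key-mismatch"
    # 2. Can this private key unwrap the AES key from a captured request?
    if encrypted_aes_key is not None:
        try:
            private_key.decrypt(encrypted_aes_key, OAEP_SHA256)
        except ValueError:  # the "Encryption/decryption failed" case
            return "ciphertext-not-for-this-key"
    return "ok"
```

With real files, pass the bytes of `private.pem`, the passphrase, the bytes of the public key PEM that was registered, and optionally the base64-decoded `encrypted_aes_key` from a logged request body.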

Hello, I have created a Facebook account with email ID: [...] and have added the phone number: [...] in the WhatsApp Business Platform. Since the Facebook account didn't meet the community standard, it is disabled permanently now after appeal. Now I am not able to remove the phone number: [...] from the WhatsApp Business Platform since the Facebook account is disabled. Please help to remove the phone number from the WhatsApp Business Platform which is associated with the disabled Facebook account.

We're experiencing a critical issue with the WhatsApp Business Platform Cloud API where customers using the latest iOS version of WhatsApp are unable to select shipping addresses during checkout. This issue is specifically affecting our order completion process.

Key Points:
- The shipping address selection interface is completely unresponsive on iOS devices
- The same functionality works correctly on Android devices and older WhatsApp versions
- This is blocking our customers from completing their orders
- Order ID Reference: skygoal-402953
- Business Phone Number: +91 91***1 910

Technical Environment:
- Integration: WhatsApp Cloud API
- Platform: iOS WhatsApp (Latest Version)
- Implementation: Standard shipping address selection flow
- Issue Occurrence: 100% reproduction rate on latest iOS devices

Business Impact: This issue is preventing iOS users from completing their purchases, directly affecting our business operations and customer experience.

We request urgent investigation and resolution of this issue as it's affecting our business operations.

I created a webhook and added the business number. My webhook is correctly verified and is receiving test messages sent from the dashboard; however, when I send WhatsApp messages to the business number, the webhook does not receive them.

I tried to follow this suggestion https://stackoverflow.com/questions/79175537/whatsapp-business-api-messages-webhook-not-triggering-even-with-manual-testin, however if I try to do the curl

curl -X POST \
  'https://graph.facebook.com/v21.0/WHATSAPP_BUSINESS_ACCOUNT_ID/subscribed_apps' \
  -H 'Authorization: Bearer ACCESS_TOKEN'

using as ACCESS_TOKEN the temporary access token generated in the WhatsApp Facebook page, I get the error:

"Unsupported get request. Object with ID 'my-id' does not exist, cannot be loaded due to missing permissions, or does not support this operation. Please read the Graph API documentation".

I don't know what to do next. If anyone has anything to suggest, any help is appreciated!

We suddenly started facing this outage. For the past week our whole WhatsApp communication has been down. We have an outbound throughput of ~3k messages/day, all of which are failing. We tried to create a new template, a new WhatsApp account, and even added a new number. Nothing worked. It is very difficult to reach out to Meta Support to get any developer help. Probably we might have to run an ad campaign on Facebook/Insta to get some attention I guess :)

{
  "error": {
    "message": "(#135000) Generic user error",
    "type": "OAuthException",
    "code": 135000,
    "error_data": {
      "messaging_product": "whatsapp",
      "details": "Generic user error"
    },
    "fbtrace_id": "ATOjiv6quaciqRzMUGNDDJh"
  }
}