It seems that the usual use case when using Whatsapp business api is customers initiating conversations with a business from their personal Whatsapp account, and the business can reply with automated messages such as order status. But does it support the use case of customers using a chatbot on a website, then escalating to human support with agents who are using Whatsapp business? In other words, the API is being used to communicate with agents of the business, rather than their customers.

There seems to be a limitation that the Whatsapp user has to send the first message before the business can reply. This makes sense for the first use case where a customer will usually be initiating something like getting an order update, but not for the case where you want to send a question from a customer in the chatbot to the agent in Whatsapp.

Whatsapp business does support the idea of multiple agents dealing with conversations, but can these conversations be created with the API as if coming from customers?

I want to print dynamic multiline text in whatsapp messages. The messages are sent via Facebook Graph API. I have used the \\n character to insert a new line. See request below.

Request:

POST https://graph.facebook.com/v20.0/XXXXXXXXXXXXXXXX/messages Content Type: application/json; charset=UTF-8 Body: {"messaging_product":"whatsapp","to":"XXXXXXXXXXX","type":"template","template":{"language":{"code":"en"},"name":"order_updated_message","components":[{"type":"body","parameters":[{"type":"text","text":"Jon Doe"},{"type":"text","text":2},{"type":"text","text":" *1. Wrapped Plate, 8 in | 1 Pc*\\nRate: 3.000\\nQty: 8000\\nAmount: 24000.00\\n\\n *2. Bottle Brush | 1 Pc*\\nRate: 18.644\\nQty: 11\\nAmount: 242.00"},{"type":"text","text":24242.00},{"type":"text","text":"John Lee"},{"type":"text","text":"+91XXXXXXXXX"}]}]}} 

The request succeeded till a few days ago, but then kept failing. See the failure response below.

Response:

HTTP Status: 400 Bad Request {     "error": {         "message": "(#100) Invalid parameter",         "type": "OAuthException",         "code": 100,         "error_data": {             "messaging_product": "whatsapp",             "details": "Param text cannot have new-line/tab characters or more than 4 consecutive spaces"         },         "fbtrace_id": "XXXXXXXXXXXXXXXXXXXX"     } } 

If I remove the \\n character, the request succeeds. So Im assuming the failure is caused by \\n itself.

I also tried replacing \\n with the following:

• \n --> same error
• \u000A --> same error
• %0A --> character displayed as it is. (No new-line)

Can you tell me what has gone wrong?

Note: The message body contains our customer's ordered items. The number of items can vary by order and hence the number of lines can vary in each message. Thus, I cannot add new lines in the message template.

The issue

I am trying to setup a flow with WhatsApp Business API but am unable to complete the decryption of the key as part of the endpoint healthcheck.

I get this error: Encryption/decryption failed

in decrypt_request     aes_key = private_key.decrypt(encrypted_aes_key, OAEP(mgf=MGF1(algorithm=hashes.SHA256()), algorithm=hashes.SHA256(), label=None)) ValueError: Encryption/decryption failed. 

How to reproduce the issue

Below are the steps I followed, as per the docs here and here:

1. Set up the flows endpoint.

2. Generate 2048-bit RSA Key Pair.

openssl genrsa -des3 -out private.pem 2048 

The key looks like this:

-----BEGIN ENCRYPTED PRIVATE KEY----- AAA........ BBB.... .... -----END ENCRYPTED PRIVATE KEY----- 

1. Export the RSA Public Key to a file:

openssl rsa -in private.pem -outform PEM -pubout -out public.pem 

1. Set business public key.

curl -X POST \   'https://graph.facebook.com/v21.0/PHONE_NUMBER_ID/whatsapp_business_encryption' \   -H 'Authorization: Bearer ACCESS_TOKEN' \   -H 'Content-Type: application/x-www-form-urlencoded' \   --data-urlencode 'business_public_key=-----BEGIN PUBLIC KEY----- AAA BBB CCC -----END PUBLIC KEY-----' 

1. Create encryption/decryption code:

import json import os from base64 import b64decode, b64encode from cryptography.hazmat.primitives.asymmetric.padding import OAEP, MGF1, hashes from cryptography.hazmat.primitives.ciphers import algorithms, Cipher, modes from cryptography.hazmat.primitives.serialization import load_pem_private_key from fastapi import HTTPException, Request import logging # Load the private key string # PRIVATE_KEY = os.environ.get('PRIVATE_KEY') PRIVATE_KEY_PATH = "./private.pem" with open(PRIVATE_KEY_PATH, "rb") as pem_file:          PRIVATE_KEY = pem_file.read().decode("utf-8") async def data(request: Request):     try:         # Parse the request body         body = json.loads(await request.body())         logging.info(f"body = {body}")         # Read the request fields         encrypted_flow_data_b64 = body['encrypted_flow_data']         encrypted_aes_key_b64 = body['encrypted_aes_key']         initial_vector_b64 = body['initial_vector']         decrypted_data, aes_key, iv = await decrypt_request(             encrypted_flow_data_b64, encrypted_aes_key_b64, initial_vector_b64)         print(decrypted_data)         # Return the next screen & data to the client         response = {             "screen": "SCREEN_NAME",             "data": {                 "some_key": "some_value"             }         }         # Return the response as plaintext         return await encrypt_response(response, aes_key, iv)     except Exception as e:         print(e)         raise HTTPException(status_code=500, detail="Internal Server Error") async def decrypt_request(encrypted_flow_data_b64, encrypted_aes_key_b64, initial_vector_b64):     flow_data = b64decode(encrypted_flow_data_b64)     iv = b64decode(initial_vector_b64)     # Decrypt the AES encryption key     encrypted_aes_key = b64decode(encrypted_aes_key_b64)     private_key = load_pem_private_key(         PRIVATE_KEY.encode("utf-8"), password=os.getenv("PASSPHRASE").encode('utf-8'))     aes_key = private_key.decrypt(encrypted_aes_key, OAEP(         mgf=MGF1(algorithm=hashes.SHA256()), algorithm=hashes.SHA256(), label=None))     # Decrypt the Flow data     encrypted_flow_data_body = flow_data[:-16]     encrypted_flow_data_tag = flow_data[-16:]     decryptor = Cipher(algorithms.AES(aes_key),                        modes.GCM(iv, encrypted_flow_data_tag)).decryptor()     decrypted_data_bytes = decryptor.update(         encrypted_flow_data_body) + decryptor.finalize()     decrypted_data = json.loads(decrypted_data_bytes.decode("utf-8"))     return decrypted_data, aes_key, iv async def encrypt_response(response, aes_key, iv):     # Flip the initialization vector     flipped_iv = bytearray()     for byte in iv:         flipped_iv.append(byte ^ 0xFF)     # Encrypt the response data     encryptor = Cipher(algorithms.AES(aes_key),                        modes.GCM(flipped_iv)).encryptor()     return b64encode(         encryptor.update(json.dumps(response).encode("utf-8")) +         encryptor.finalize() +         encryptor.tag     ).decode("utf-8") 

1. Trigger the health check from https://business.facebook.com/latest/whatsapp_manager/flows

Can someone tell me what I'm doing wrong?

I created a webhook and added the business number. My webhook is correctly verified and is receiving test messages sent from the dashboard, however when I send whatsapp messages to the business number, the webhook does not receive them.

I tried to follow this suggestion https://stackoverflow.com/questions/79175537/whatsapp-business-api-messages-webhook-not-triggering-even-with-manual-testin, however if I try to do the curl

 curl -X POST \ 'https://graph.facebook.com/v21.0/WHATSAPP_BUSINESS_ACCOUNT_ID/subscribed_apps' \ -H 'Authorization: Bearer ACCESS_TOKEN' 

using as ACCESS_TOKEN the temporary access token generated in the whatsapp facebook page, I get the error:

"Unsupported get request. Object with ID 'my-id' does not exist, cannot be loaded due to missing permissions, or does not support this operation. Please read the Graph API documentation".

I don't know what to do next, if anyone has anything to suggest any help is appreciated!

I'm having a few issues with WhatsApp business API webhook. I've subscribed to the webhook under WhatsApp business account and turned on the messages event as well, but I don't get any notifications when the user sends a message to the business number.

I can say for sure that my server is setup properly to receive calls as the test webhook calls are reaching my server, but nothing when the user sends a message to the associated business number.

I have checked my access token as well for anything and it seems to have the proper permissions associated with in the access token debugger including whatsapp_business_management and whatsapp_business_messaging

Has anyone faced this before?

I have checked my access token as well for anything and it seems to have the proper permissions associated with in the access token debugger including whatsapp_business_management and whatsapp_business_messaging