Authentication

Send OTP

Send a One-Time Password (OTP) via WhatsApp.

GET
https://api.wawp.net/v2/auth/otp/send?access_token=YOUR_TOKEN&chatId=201XXXXXXXXX&footer=Secured+by+Wawp&instance_id=YOUR_INSTANCE&lang=ar

Authentication Required

Login to swap the placeholders with your real Instance ID and Access Token.

Log In
Test /v2/auth/otp/send endpoint
GETPOST

No query parameters required

This endpoint doesn't expect data in the URL.

Seamless Authentication: The Wawp Authenticator Strategy

Transform your platform's user experience by replacing expensive SMS logic or slow Email verification with instant, secure WhatsApp OTPs. This endpoint powers a global-ready Identity Management flow.

Global Multi-Language Support 🌍

Our system supports 26+ global languages natively. When you specify a 'lang' parameter, the system automatically selects one of 5 different message templates for that language to ensure variety and security.

CodeLanguageCodeLanguage
enEnglish (Default)arArabic
frFrenchesSpanish
ptPortuguesedeGerman
itItaliantrTurkish
idIndonesianhiHindi
ruRussianjaJapanese
koKoreanzhChinese
nlDutchplPolish
viVietnamesethThai
msMalayfaPersian
urUrdubnBengali
elGreekroRomanian
svSwedishukUkrainian

🚀 Additional Context (Performance & Security)

  • Universal Auth: This endpoint is universal. It accepts credentials via Headers (Authorization: Bearer), JSON Body, or Query parameters.
  • Anti-Spam Shield (60s): Strictly enforced 60-second cooldown per recipient to prevent automated abuse and protect your sender reputation.
  • Subscription Aware: Systems automatically detect your plan. Unlimited users bypass local rate-limiting queues for immediate dispatch.
  • Validations: Automatically formats and validates phone numbers before dispatching to ensure high success rates.

Anti-Ban & Deliverability Engine 🛡️

We utilize advanced heuristics to protect your WhatsApp numbers from being flagged:

  1. Template Rotation: Every request picks a random phrasing among 5 variations.
  2. Mathematical Uniqueness: Every message includes a unique invisible/visible transaction ID to prevent hash-matching by WhatsApp.
  3. Smart Delays: Messages are queued with random millisecond delays (3-8 seconds) to mimic human typing patterns.

Request Parameters

Configure the parameters required to interact with this endpoint. All query and body arguments are listed below with their details.

URL Parameters

Passed in the URL query string
string

Your unique WhatsApp Instance ID

Example:
string

Your API Access Token

Example:
string

The recipient's valid phone number (International format).

Example:
string

Language code (Default: en).

Example:
string

Optional custom text to append to the message.

Example:

Request Samples

Use these ready-to-go code snippets to integrate our API into your project quickly and efficiently. Choose your preferred language and library.

1const baseUrl = "https://api.wawp.net";
2const endpoint = "/v2/auth/otp/send";
3const params = new URLSearchParams({
4  "instance_id": "YOUR_INSTANCE",
5  "access_token": "YOUR_TOKEN",
6  "chatId": "201XXXXXXXXX",
7  "lang": "ar",
8  "footer": "Secured by Wawp"
9}).toString();
10
11
12fetch(`${baseUrl}${endpoint}${params ? '?' + params : ''}`, {
13  method: "GET",
14  headers: { "Content-Type": "application/json" },
15  
16})
17  .then(async (response) => {
18    if (response.ok) {
19      const data = await response.json();
20      console.log("Success:", data);
21      return data;
22    }
23    
24    // Error Handling
25    if (response.status === 401) {
26      console.error("Error 401: Unauthorized - Invalid access_token");
27    }
28    if (response.status === 429) {
29      console.error("Error 429: Rate Limit Exceeded - Recipient protection");
30    }
31
32    const errorText = await response.text();
33    console.error(`Error ${response.status}: ${errorText}`);
34  })
35  .catch((error) => console.error("Network Error:", error));
Interactive Samples
Ln 35, Col 1javascript

Expected Responses

Explore all possible responses and outcomes from the server. We have documented each status code with data examples to make success and error handling easier.

OTP sent successfully
application/json
string *
string *
number *
string *

Example

{
"code": "success",
"message": "Verification code sent successfully",
"expires_in": 300,
"job_id": "send_123_456"
}
Unauthorized - Invalid access_token
Rate Limit Exceeded - Recipient protection
Previous TopicGet QR Image
Next TopicVerify OTP

Command Palette

Search for a command to run...