WhatsApp Cloud API Integration: Generating Permanent Access Token

July 14, 2022
Cloud Peritus
WhatsApp Cloud API Integration: Generating Permanent Access Token

Use Case 

Allow me to set the scene, you have stumbled upon Cloud Peritus’ blog, quite fortunately I should add, and you have succeeded in setting up a WhatsApp API connection between Salesforce and WhatsApp (Good for you!). You completed this yesterday and today when trying to send a message, you are struck by a need to authenticate using a 24-hour token as it got expired. This is the worst calamity to strike in the entirety of your existence! But step away from the preverbal ledge of despair as we walk you through how to set up a permanent, your read it right, a PERMANENT access token. Now wipe away those tears, or if you are a yeller have some honey tea, and let’s get down to it. 

Login to your Facebook Developer Account and go to My Apps.

This navigates you to the Apps page where we see the Apps that are already set up. 

On the App card, select the Test Business hyperlink under Business or navigate to the Business Settings Page and select your Business Account to navigate to Business Settings. 

Go to System Users under the Users section in left navigation and click on the Add button to create a System User. 

Provide the System Username, System User Role, and click on Create System User. Once the System User is created, click on the Add Assets button. This is to assign the configured WhatsApp application to the System User that we just created.

On the pop-up that appears, Select App > Select App Name (Demo in our case) and enable Manage App Full Control to give complete access to the App and Save Changes.

Now, click on Generate New Token button.

Select your app from the drop-down (Demo in our case) on the pop-up that appears.

Once you select the App, you will see a list of available permissions. Enable the whatsapp_business_management and whatsapp_business_messaging permissions, and click on Generate Token.

Now, the token will be generated and this token will not expire until or unless you click on the revoke token button. From now onwards we can use this token in the API instead of a temporary access token.

We can also verify the token's scope from the Facebook Access Token Debugger tool.


And that’s how the 24 hour authentication token met its natural demise. Well, not entirely, and maybe you are into the 24 hour thing (judgment free zone) but our excellent developers have shown you a way to create a permanent token. This allows for easier integration between WhatsApp and Salesforce, and if that isn’t the best thing you have heard today then you must be hearing a lot of good news!...Yeah…Anyway, be sure to come back soon for more ways to integrate WhatsApp with Salesforce and more general excellence from our outstanding developers.  

If you are interested in learning more about how we can address your complex business needs through our innovation and thought leadership, please reach out to or visit our website


Pavan Kumar Tavva

Pavan Kumar Tavva

Associate Software Engineer at Cloud Peritus
Tim Kern

Tim Kern

Business Analyst at Cloud Peritus with a focus on Hitech and Financial Services.