WhatsApp Business API MCP Tools
WhatsApp Business API MCP tools follow official number, business profile, contacts, segments, consent, team inbox, 24-hour session, template approval, broadcast, interactive button, auto-reply, webhook, delivery reporting, and audit workflows.
Read WhatsApp Business API, webhook, send limit, 24-hour window, template, and approval settings.
Read-only. No approval required.
Do not expose Meta access tokens, webhook secrets, app secrets, or phone number private credentials.
whatsapp.phone_numbers.list
readList official WhatsApp numbers, display names, quality rating, messaging tier, and connection state.
Read-only. No approval required.
Hide verification details and provider identifiers unless admin role is present.
whatsapp.business_profile.get
readRead business profile, address, website, category, description, opening hours, and official account state.
whatsapp.phone_numbers.list
Read-only. No approval required.
Do not expose account verification documents or Meta business manager secrets.
whatsapp.contacts.list
readList WhatsApp contacts, phone, tags, segments, consent, block state, and recent interaction.
Read-only. No approval required.
Mask phone and profile data according to customer-data permissions.
Read one contact profile, conversations, consent, subscription preference, purchase history, and CRM links.
Read-only. No approval required.
Keep contact data tenant-scoped and channel-consent scoped.
whatsapp.segments.list
readList customer segments, criteria, estimated audience, exclusions, and allowed template categories.
whatsapp.contacts.list, whatsapp.consent_records.list
Read-only. No approval required.
Segment counts must exclude opted-out, blocked, or invalid contacts.
whatsapp.consent_records.list
readList WhatsApp consent, opt-out, block state, source, timestamp, and allowed message categories.
Read-only. No approval required.
Consent state is authoritative for broadcasts and must not be bypassed.
whatsapp.conversations.list
readList conversations by state, owner, queue, last message, unread, SLA, or 24-hour window.
Read-only. No approval required.
Only return conversations available to the requester or assigned team.
whatsapp.conversation.get
readRead messages, attachments, button replies, assignment, CRM context, orders, and handling history.
whatsapp.conversations.list
Read-only. No approval required.
Mask private staff notes and attachment URLs unless authorized.
whatsapp.inbox_assignments.list
readList team inbox queues, owners, routing rules, handover history, and open conversations.
whatsapp.conversations.list
Read-only. No approval required.
Do not reveal conversations assigned to restricted queues.
whatsapp.templates.list
readList approved, pending, rejected, paused, and multilingual Meta message templates.
Read-only. No approval required.
Do not use unapproved templates for outbound business-initiated messages.
whatsapp.template.get
readRead template copy, variables, media, buttons, language, category, review reason, and quality state.
Read-only. No approval required.
Show rejected reasons without exposing Meta internal tokens or reviewer data.
whatsapp.template_quality.get
readRead template quality, block rate, report rate, pause risk, and send restrictions.
Read-only. No approval required.
Quality data should guide throttling and must not be edited by reads.
whatsapp.broadcasts.list
readList broadcast drafts, audience, template, schedule, approval, send state, and failure reasons.
whatsapp.segments.list, whatsapp.templates.list
Read-only. No approval required.
Audience counts must exclude opt-outs and contacts without required consent.
Read FAQ, auto-reply, keyword, journey, button nodes, and fallback flows.
Read-only. No approval required.
Draft automation should not answer customers until enabled through approval.
whatsapp.keyword_rules.list
readList keywords, intents, replies, routing queues, trigger conditions, and priority.
Read-only. No approval required.
Avoid exposing internal routing logic to customer-facing users.
whatsapp.webhook_logs.list
readList inbound, status update, template review, and delivery receipt webhook logs and errors.
Read-only. No approval required.
Mask webhook payload PII and secrets; retain replay boundaries.
whatsapp.opt_outs.list
readList opt-outs, blocks, STOP keywords, complaints, and suppression list.
whatsapp.consent_records.list
Read-only. No approval required.
Suppression list must be enforced before any broadcast or campaign send.
whatsapp.media_assets.list
readList images, documents, videos, template header media, dimensions, and review state.
Read-only. No approval required.
Only return signed asset references and check Meta media policy.
whatsapp.message_delivery.list
readList message sent, delivered, read, failed, reply, click, and error codes.
whatsapp.broadcasts.list or whatsapp.conversation.get
Read-only. No approval required.
Do not expose other customers' message state outside authorized reports.
whatsapp.conversation_summary.get
readRead response time, SLA, open conversations, routing volume, resolution rate, and staff workload.
whatsapp.conversations.list, whatsapp.inbox_assignments.list
Read-only. No approval required.
Aggregate staff metrics unless manager permission allows individual detail.
whatsapp.campaign_report.get
readRead broadcast delivery, read, reply, button click, conversion, opt-out, and cost summary.
whatsapp.broadcasts.list, whatsapp.message_delivery.list
Read-only. No approval required.
Respect attribution boundaries and avoid exposing individual behavior unnecessarily.
whatsapp.policy_rules.get
readRead Meta template category, consent, opt-out, 24-hour window, frequency, and approval rules.
Read-only. No approval required.
Policy rules must be treated as guardrails for every send and automation write.
whatsapp.audit_logs.list
readRead audit logs for contacts, consent, templates, broadcasts, conversations, routing, automation, and webhooks.
whatsapp.contact.get or whatsapp.broadcasts.list
Read-only. No approval required.
Audit logs must be immutable and restricted to admin/compliance roles.
whatsapp.template_submit.preview
previewPreview template category, copy, variables, buttons, media, language, and Meta review risk.
whatsapp.template.get, whatsapp.policy_rules.get, whatsapp.media_assets.list
Approval required before submitting or resubmitting a Meta template.
Detect prohibited claims, wrong category, missing variables, and policy mismatch.
whatsapp.broadcast.preview
previewPreview broadcast audience, consent, template, variables, schedule, cost, frequency, and opt-out risk.
whatsapp.segments.list, whatsapp.consent_records.list, whatsapp.template.get, whatsapp.policy_rules.get
Human approval required before any bulk or campaign send.
Exclude opt-outs, blocked numbers, invalid contacts, and unapproved templates.
whatsapp.session_message.preview
previewPreview customer-care-window message, attachment, button, recipient, and context.
whatsapp.conversation.get, whatsapp.policy_rules.get
Approval required for sensitive, payment, or policy-changing replies.
Block free-form business-initiated sends outside the 24-hour session window.
whatsapp.automation_change.preview
previewPreview auto-reply, keyword, routing, fallback, button, and affected conversation flows.
whatsapp.flows.list, whatsapp.keyword_rules.list, whatsapp.policy_rules.get
Approval required before automation becomes live.
Prevent loops, wrong queue routing, misleading replies, and unapproved template sends.
whatsapp.contact_import.preview
previewPreview contact import dedupe, phone format, consent source, segment, opt-out exclusion, and errors.
whatsapp.contacts.list, whatsapp.consent_records.list, whatsapp.opt_outs.list
Approval required before bulk contact import or consent update.
Do not import contacts without traceable consent source.
whatsapp.order_payment_message.preview
previewPreview in-chat order, payment link, product data, customer data, and outbound message.
whatsapp.conversation.get, whatsapp.contact.get, whatsapp.session_message.preview
Approval required before creating order or sending payment link.
Confirm customer identity and avoid exposing payment links to wrong conversations.
whatsapp.handover.preview
previewPreview conversation assignment, handover, queue, SLA, internal note, and notification impact.
whatsapp.conversation.get, whatsapp.inbox_assignments.list
Approval required for restricted queues or bulk reassignment.
Do not expose private notes to customers and preserve handover history.
whatsapp.contact.upsert
writeCreate or update contact, name, phone, CRM link, tags, language, and preferences.
whatsapp.contact.get or whatsapp.contacts.list
Approval required for sensitive identity or phone changes.
Deduplicate by normalized phone and preserve consent history.
whatsapp.contact.import
writeBulk import contacts, segments, tags, and consent sources.
whatsapp.contact_import.preview
Approval required before bulk import.
Reject rows without valid phone or traceable consent.
whatsapp.segment.upsert
writeCreate or update segment criteria, exclusions, sync rules, and usage.
whatsapp.segments.list, whatsapp.broadcast.preview
Approval required when segment affects active or scheduled broadcasts.
Keep opt-outs excluded and prevent accidental all-customer targeting.
whatsapp.consent.update
writeUpdate consent, opt-out, block, source, category, and timestamp.
whatsapp.consent_records.list, whatsapp.opt_outs.list
Approval required for bulk consent changes or opt-out reversal.
Never override opt-out without verified customer action and audit record.
whatsapp.conversation.assign
writeAssign, hand over, or reassign conversation to queue, team, or owner.
whatsapp.handover.preview
Approval required for restricted queue transfers or bulk changes.
Preserve handover history and do not notify customers with internal notes.
whatsapp.session_message.send
writeSend text, attachment, button, or service reply inside the 24-hour customer-care window.
whatsapp.session_message.preview
Approval required for sensitive or payment-related replies.
Block session messages outside active customer-care window unless template is used.
whatsapp.template_draft.upsert
writeCreate or update template draft, variables, media, buttons, languages, and category.
whatsapp.template_submit.preview
Approval required before customer-facing use or Meta submission.
Validate variables and category before storing submit-ready draft.
whatsapp.template.submit
writeSubmit template to Meta review or resubmit a corrected version.
whatsapp.template_submit.preview
Explicit approval required before submission.
Use preview as contract and store Meta review response in audit.
whatsapp.broadcast.create
writeCreate broadcast draft, audience, template, variables, exclusions, and objective.
whatsapp.broadcast.preview
Approval required before scheduling or sending.
Do not create executable broadcast without approved template and consent-filtered audience.
whatsapp.broadcast.schedule
writeSchedule approved broadcast send time, throttling, batches, and fallback.
whatsapp.broadcast.preview, whatsapp.broadcasts.list
Human approval required before execution.
Recheck template approval, quality rating, consent, and opt-out state before send.
whatsapp.flow.upsert
writeCreate or update FAQ, auto-reply, button flow, routing, and fallback.
whatsapp.automation_change.preview
Approval required before flow is active.
Prevent loops, stale pricing, and policy-violating replies.
whatsapp.keyword_rule.upsert
writeCreate or update keyword, intent, reply, routing queue, and priority.
whatsapp.automation_change.preview
Approval required before live routing or replies change.
Avoid matching overly broad keywords that misroute customers.
whatsapp.auto_reply.enable
writeEnable, disable, or adjust active scope and schedule for auto-reply flows.
whatsapp.automation_change.preview
Approval required before activation or deactivation.
Check fallback and human handover path before enabling.
whatsapp.conversation.close
writeClose resolved conversation with outcome, tags, SLA, and follow-up.
whatsapp.conversation.get
Approval required for complaint, payment, or escalation closures.
Do not close unresolved or active escalation conversations without owner confirmation.
whatsapp.order.create_from_chat
writeCreate order from chat with customer, products, quantities, prices, and notes.
whatsapp.order_payment_message.preview
Approval required before creating order from conversation.
Confirm customer identity, product, price, and stock/source system before write.
whatsapp.payment_link.send
writeSend approved order or invoice payment link into a conversation.
whatsapp.order_payment_message.preview
Approval required before sending payment link.
Use short-lived links and verify recipient conversation before send.
whatsapp.media_asset.upload
writeUpload images, documents, videos, and metadata for templates or conversations.
whatsapp.media_assets.list, whatsapp.template_submit.preview
Approval required before media is used in approved templates or broadcasts.
Scan files and validate Meta media size/type policy.
Apply tag, segment signal, or follow-up state to contact or conversation.
whatsapp.contact.get, whatsapp.conversation.get
Approval required for bulk tags that affect campaigns or routing.
Avoid tags that imply consent unless consent update is explicitly recorded.
whatsapp.webhook.retry
writeRetry failed webhook processing for inbound messages, delivery state, or template review.
whatsapp.webhook_logs.list
Approval required for bulk replay or state-changing webhook retry.
Use idempotency keys and never replay already-applied customer actions.
whatsapp.action_request.status
statusCheck status for WhatsApp writes, previews, or approval requests without re-executing actions.
Read-only status lookup. No approval required.
Return status and audit references only; never replay sends, broadcasts, or webhook writes.