One-tap autofill

Updated June 2026 5 min read

One-tap autofill puts a button on the OTP message. The user taps once and the code drops straight into your Android app — no typing, no copy-paste.

All guides
On this page

Quick facts

Delivery type
One-tap autofill
Works on
Android app users
User action
One tap
Needs
Package name + signing hash

WhatsApp one-tap autofill is an authentication delivery type where the OTP message shows a button; tapping it sends the code directly into your Android app and fills the login field automatically. It needs your app's package name and signing hash configured, and falls back to copy-code when autofill isn't available.

In simple language: One-tap autofill is an OTP button — the user taps it once and WhatsApp fills the code into your app for them, instead of them copying and pasting it.

Who should read this?

  • Teams with an Android app sending OTPs
  • Developers reducing OTP login friction
  • Owners comparing OTP delivery types

Typing a six-digit code is small friction, but at the login screen, small friction loses customers. One-tap autofill removes most of it: instead of asking the user to copy a code and paste it, the message shows a button like “Autofill”. The user taps it once, and WhatsApp drops the code straight into your app’s login field.

So the journey shrinks from read code → copy → switch app → paste down to a single tap.

A WhatsApp one-tap autofill authentication message showing the Autofill button

Example: a user requests a login code. The WhatsApp message arrives with an “Autofill” button; they tap it, your app opens with the code already filled, and they’re in.

One-tap autofill is an Android feature, because it relies on Android’s ability to link a message button to a specific installed app. When the user taps the button, Android verifies the app using its package name and signing hash, then opens it and passes the code in. Because this needs Android app-linking, it doesn’t work on iPhone or WhatsApp Web — those users fall back to copy-code automatically.

Creating a one-tap template

To set up one-tap, you create an authentication template with a POST request that describes its parts. The key pieces:

  • name — what you’ll call the template (up to 512 characters).
  • category — must be AUTHENTICATION.
  • language — the language code it’s approved in.
  • components — the body, footer and button, described below.

The body can switch on a security recommendation (add_security_recommendation), which adds the line “For your security, do not share this code.”

The footer can carry a code-expiry note (code_expiration_minutes, 1–90 minutes).

The button is where one-tap lives. You set:

FieldRequired?What it does
typeYesotp
otp_typeYesone_tap
textOptionalLabel for the copy-code fallback button (max 25 chars)
autofill_textOptionalLabel for the autofill button (max 25 chars)
package_nameYesYour Android app’s package name, like com.yourbrand.app
signature_hashYesYour app’s signing-key hash

The package name and signing hash are how WhatsApp confirms it’s autofilling into your real app, not an impostor. The most common slip is using the debug signing hash during testing and forgetting to swap in the release hash for the Play Store build — so it works on the test phone but fails for real users.

One quirk to expect: even though you submit the button as otp, the saved template shows the button type as url. That’s normal.

Sending a one-tap template

Once the template is approved, sending is a straightforward POST request: name the approved template, pass the language code, and supply the verification code value for that user. WhatsApp builds the message with the autofill button, and on a matching Android app, the tap fills the code in.

You can also set message_send_ttl_seconds to control how long WhatsApp keeps trying to deliver the code before giving up — keep it short for security.

The copy-code fallback

Not everyone can autofill — iPhone users, WhatsApp Web users, or anyone without your app installed. One-tap autofill handles this gracefully: the same message also offers copy-code.

So if autofill can’t run, the user simply taps “Copy code” and pastes it the normal way. Nobody gets stuck.

Always keep this fallback in mind: one-tap is an upgrade for Android app users, layered on top of the universal copy-code experience — not a replacement for it. Learn more in the Copy Code guide.

Keep reading

Related questions people ask

What is WhatsApp one-tap autofill?

It's an OTP delivery type where the WhatsApp message shows a button. The user taps it once, and the code is sent into your Android app and fills the login field automatically — no copying or typing.

What setup does one-tap autofill need?

Your app's package name and signing hash must be added to the authentication template. The signing hash proves to WhatsApp which app the button is allowed to open.

Does one-tap autofill work on iPhone?

No. One-tap autofill is an Android feature because it relies on Android's app-linking. iPhone users automatically fall back to copy-code.

Key takeaways

  • One-tap autofill fills the OTP into your Android app with one tap.
  • It needs your app's package name and release signing hash.
  • Users who can't autofill fall back to copy-code automatically.
Published: June 2026 Last reviewed: June 2026 Reviewed by: ChatMitra WhatsApp API Team

Put WhatsApp to work for your business

Start free on the Starter plan — pay just ₹0.20 per conversation, no subscription. Upgrade to Pro (₹999/month) when you need automation, or Enterprise for zero platform fees at scale.