Skip to main content
Version: Latest

Table of Contents

1. Overview

What WhatsApp Integration is, what it owns, what the ERP owns, why it is not a full framework, its relationship with the Notification Framework and the ERP Communication/Inbox modules.

2. Architecture

Standalone library boundary, ERP host boundary, runtime ownership, dependency graph, package graph, the two-layer model (provider library + ERP business layer).

3. Packages

Shumoul.WhatsAppIntegration.Contracts, .Abstractions, .Core, the test project, current version (1.0.1), and each package's allowed/forbidden responsibilities.

4. Configuration

Every configuration key (no secret values), Graph API version, BaseUrl, tenant-scoped credentials, and the SecretsManifest relationship.

5. Runtime Flows

Mermaid sequence diagrams for every runtime flow: send template, send OTP, send activation, send invoice, receive webhook, verify webhook, reply from inbox, upload/send/download media, delivery status, error handling.

6. API Reference

All 74 HTTP endpoints across the 9 WhatsApp-related controllers, each with method, route, purpose, authorization, permission, request/response models, example JSON, error cases, backend service, Meta API interaction, and Angular/Flutter usage notes.

7. SignalR

The WhatsAppHub real-time layer: route, groups, client-invokable methods, server-broadcast events, authentication, Angular/Flutter usage.

8. Webhooks

GET verification handshake, POST webhook receive, HMAC signature validation, payload structure, message status updates, incoming messages, the ProfileName parsing fix, and failure handling.

9. Templates

Template message structure, variables/components, the OTP/Activation/business-document templates in use, and error cases.

10. Inbox / Conversation

Conversation lifecycle, notes, tags, saved replies, timeline, media, the reply flow, and tenant credentials.

11. Security

Webhook signature verification, token handling, secret handling, permission gates, diagnostic endpoint risks, production safety notes.

12. Testing

Standalone library tests, ERP tests, webhook parser tests, signature tests, phone normalization tests, and how QA should test using Postman.

13. Troubleshooting

Common failure scenarios and their resolutions.

14. Appendix

DTO index, enum index, configuration index, controller index, runtime call graph, glossary.

15. SDK Code Examples

cURL (Linux/macOS and Windows), JavaScript (fetch()/Axios), C# (HttpClient), and Flutter (Dio) for every one of the 74 certified endpoints — see also the official Postman collection.

16. Architecture Validation

Phase 2.2's independent re-verification of the Phase 1 consolidation guarantees, plus two new findings (documented, not fixed).

17. SDK Usage Guide

How another Shumoul module should consume this library: DI/registration, credential override, tenant context, media handling, error handling and retries, webhook registration.

18. Configuration Reference

Platform configuration, tenant configuration, secrets, environment variables, feature flags, and default values — presented as separate, certification-grade tables.

19. Webhook Payload Catalog

Real JSON examples for every Meta message and status type, annotated with exactly what the parser extracts versus what survives only in the raw payload.

20. Meta Error Reference

Every Meta error signature this system actively classifies, plus a reference list of additional Meta platform codes not yet handled.

21. Sequence Diagrams

The ten certification-required Mermaid diagrams: send template, receive webhook, OTP, activation, media upload, media download, conversation flow, delivery status, background retry, failed delivery.