WhatsApp Cloud API talks to RedBot through an HTTPS callback (a self-signed certificate is not accepted). For local development we expose Node-RED through an ngrok tunnel; for production you'll point Meta at your real HTTPS hostname.

1. Expose Node-RED over HTTPS with ngrok

Install ngrok and sign in (ngrok config add-authtoken …), then open a shell and run:

ngrok http 127.0.0.1:1880

ngrok prints a forwarding URL such as https://abcd-1234.ngrok-free.app. The full webhook RedBot listens on is:

https://<your-tunnel>.ngrok-free.app/redbot/whatsapp

Keep this terminal open while testing — every time you restart ngrok the URL changes (unless you have a reserved domain), and you'll have to update the webhook in Meta.

Tip: a paid ngrok plan gives you a static domain (--domain my-bot.ngrok.app) so you don't have to reconfigure the webhook on every restart.

2. Create the Meta app and WhatsApp Business Account (WABA)

The Meta flow has been reorganised since the original guide. Two things must exist:

1. A Meta Business Portfolio (formerly "Business Manager") at https://business.facebook.com/. Create one if you don't have it — this is what owns the WABA, the app, and billing.
2. A Meta for Developers app at https://developers.facebook.com/apps/create/.

2.1 Create the app

• Go to https://developers.facebook.com/apps/ → Create app.
• Use case: Other → app type: Business.
• Give it a name, attach the Business Portfolio from step 1.

2.2 Add the WhatsApp product

In the app dashboard sidebar choose Add product → WhatsApp → Set up.

This automatically provisions:

• A test WhatsApp Business Account (WABA)