ERROR:
"error":{"message":"Error validating access token: Session has expired on Monday
Regenerating a new token fixes it temporarily because you get a fresh session, but the problem will keep returning unless you use a long-term/permanent solution.
Permanent Solution for WhatsApp (Meta) Token Expiry
- Use a Long-Lived Token Facebook/Meta provides short-lived (1–2 hours) and long-lived (usually 60 days) tokens.
For a permanent solution, convert your short-lived token to a long-lived one with the official token exchange API.
How to Get a Long-Lived Token
Go to your Meta App in the Facebook Developer portal.
Obtain a short-lived access token.
Exchange it for a long-lived token:
GET https://graph.facebook.com/v20.0/oauth/access_token?
grant_type=fb_exchange_token&
client_id={app-id}&
client_secret={app-secret}&
fb_exchange_token={short-lived-token}
Use the returned token as your environment value.
Use Refresh Token/Programmatic Refresh
For business/production: build an automated job (cron/scheduler) to monitor for expiry and refresh the token via API before it expires.
Store the new token securely (database, env, or remote secrets manager).
App Review and "Permanent" Token
For some WhatsApp Business API and approved apps, you can get a "permanent" system user token after application review, which only requires renewal every 60 days.
See Meta documentation:
About System User Access Tokens (Meta)
Monitoring and Alerts
Build a simple alert system: if your API starts returning token expiry errors, trigger an alert to your admin/devs to refresh the token manually (at least as a short-term backup).
Final advice: Automate the token refresh flow, store tokens securely, and monitor for expiry! Relying on manual updates is not scalable for production.
Top comments (0)