The security field reports security setting changes on a WhatsApp business phone number, especially two-step verification PIN changes and reset requests.
What security Reports
The field reports phone-number security events:
| Event | Meaning |
|---|---|
PIN_CHANGED | A Meta Business Suite user changed or enabled the business phone number PIN in WhatsApp Manager. |
PIN_RESET_REQUEST | A Meta Business Suite user requested to turn off two-step verification. |
PIN_REQUEST_SUCCESS | The user completed the reset-email flow to turn off two-step verification. |
requester is included for PIN reset requests and identifies the Meta Business Suite user ID that initiated the action.
When It Fires
Meta sends this field when a user changes or enables the PIN, starts a two-step verification reset, or completes the reset instructions from the reset email.
Payload Shape
{
"object": "whatsapp_business_account",
"entry": [
{
"id": "<WABA_ID>",
"time": 1748811473,
"changes": [
{
"field": "security",
"value": {
"display_phone_number": "15550783881",
"event": "PIN_RESET_REQUEST",
"requester": "61555822107539"
}
}
]
}
]
}Dualhook Handling
Dualhook subscribes to security as a normalized management field. It uses the event for operational visibility around phone-number security, logs the management event metadata, and forwards it to your configured endpoint with Dualhook forwarding headers.
This field does not contain message content. It can still be security-sensitive because it describes PIN reset activity, so treat it as an audit event.
Implementation Notes
- Alert on
PIN_RESET_REQUEST; it can indicate an expected admin action or an unexpected security change. - Store
display_phone_number, WABA ID, timestamp, event, andrequesterwhen present. - Correlate security events with staff access changes in Meta Business Suite.
- If two-step verification prevents registration or recovery, see the dedicated 2FA documentation before retrying.