# Authorization Process Technical Notes
# I. Overview
# (1) Overall explaination
(1) The small procedures involved in this article or Official Account message template Technical implementation processes licensed to third-party platforms are only applicable to platform-based third-party platforms and are not applicable to customized third-party platforms.
- At present, three kinds of authorization methods are provided, namely, PC version scan code authorization, H5 version authorization and Mini Program plug-in license. Developers can choose the appropriate authorization mode according to their own business situation.
3, the service provider to obtain business authorization is the basis of "service providers to provide services for businesses," the service provider can build an authorization link and authorization code in accordance with the document below. You can also obtain the authorization link and authorization code automatically generated by the system through "one-click deployment of officially provided third-party platform cloud services."
4, to complete a complete authorization, the need for the cooperation of service providers and businesses, the relevant processes are as follows.
# (2) Self-built authorization links
Step 1, go to WeChat open platform - third-party platform - details - development configuration, complete the permission set and development information configuration.
Step 2: Call the interface to obtain the pre-authorization code (pre_auth_Code), for interface details, please check theapi_create_preauthcode
Step 3: Prepare “Authorization Callback URI, and then generate the authorization QR code on the PC side or the authorization link on the mobile side in accordance with the official documentation rules, please see the instructions below for details
Step 4, Official Account message template/The Mini Program administrator scans the code or visits the mobile authorization link to confirm that he agrees to authorize the third-party platform. (If the third-party platform account has not yet been released across the network, you need to first use the Official Account message template Or Mini Program to join the third-party platform - the development of information “Authorization test Official Account message template/List of Mini Programs” 。 )
Step 5. After the administrator authorization is confirmed, the authorization page will automatically jump into the callback URI, and in the URL Returns the authorization code and expiration time in the(redirect_url?auth_code=xxx&expires_in=600)。
Step six, call interface generationauthorizer_access_TokenAnd then use that token to call the Official Account message template or Mini Program's associated API。
# (3) Use official cloud services to generate authorization links
Step 1, create a third-party platform account to choose the cloud service, and then a key deployment, a key configuration, to complete the construction.
Step two, go to the "service provider micro-butler" - butler center - authorization link generator, you can copy the authorization link and authorization code that has been generated. The remaining steps, as above.
# (4) Additional Notes
What service providers can call on behalf of the merchant API, depending on which set of permissions the merchant has granted to the service provider, and also depending on which interface permissions the Official Account message template or Mini Program itself has, use JS SDK And other capabilities.
If the merchant needs to deauthorize, you need to log inWeChat Official PlatformTo operateThird-party service providers are not currently supported for active de-authorization.
If the Mini Program/Official Account message template The administrator only wants to cancel the authorization of the individual permission set of the service provider, then you can re-scan the code to enter the authorization page, and then customize the permission set and re-authorize it. (If you are a Mini Program merchant, you can go toWeChat Official Platform - Settings - Third Party Settings - Management Authorization, enter the Update Authorization page to cancel part of the authorization can be)
When the new permission set is officially opened, service providers can go to third-party platforms to add new permissions to meet new business needs. The Revised Newly Authorized Official Account message template/An application that adds new permissions when an Mini Program is authorizedAlready authorized old users, the old permissions are not affected, but the new permission set needs to be re-scanned by the merchant to upgrade the authorization.
Permission sets can only be granted to Official Account message template Or ordinary Mini programs and small stores, other types of accounts are temporarily not supported. Can be accessed throughapi_get_authorizer_infoCheck the type of account.
# II. Methods for Building Authorized Links
# 1, authorization link parameter explaination
| parameter | Required | Introductions |
|---|---|---|
| component_appid | yes | Third-party platform appid |
| pre_auth_code | yes | Preauthorization code |
| redirect_uri | yes | - Authorization Callback URI(Fill in the form https://xxx)(The plug-in version does not have this parameter). - Administrator authorization confirmation will automatically jump into the callback URI, and in the URL Returns the authorization code and expiration time in the(redirect_url?auth_code=xxx&expires_in=600) |
| auth_type | yes | - The account type to be authorized, that is, the merchant clicks the authorization link or scans the authorization code, and displays the authorization account type on the user's mobile phone. - 1 The phone only shows. Official Account message template2 Show only the Mini Program, 3 Express Official Account message template And Mini programs are shown. If unspecified, the default Mini Program and the Official Account message template All show. - Third-party platform developers can use this field to control the type of account authorized. - Accounts that have been cancelled, frozen, banned, and not yet registered no longer appear on the Authorized Accounts list. |
| biz_appid | no | - Specifies the authorization of a unique Mini Program or Official Account message template 。 - If appid is specified, it can only be authorized by the administrator of the appid, and other users will report an error when scanning the code. - auth_type、biz_appid Two fields if the information set conflicts, the biz_Appid has a higher priority. - For example, auth_Type = 1, but biz_Appid is appid of a Mini Program, it will follow the auth_Type = 2 to deal with, that is to biz_Type appid to pull up the corresponding permission set list. |
| category_id_list | no | - The specified permission set id list, if not specified, pulls the list of permission sets that the current third-party account has published throughout the network by default. - If you need to specify a single permission set ID, write as “category_id_list=99” If there are more than one permission set, the permission set id is separated from the id by a middle vertical bar. |
# 2, authorization list page logic explaination
- When the merchant enters the account list displayed on the authorized account list page, in addition to being affected by the "authorization parameters," it is also related to the configuration of the third-party platform account and the role of the WeChat account user.
# 3, different types of authorization link use scenarios
| version | Use the scene |
|---|---|
| PC version | - Access to the PC version of the authorization link will automatically appear authorization code, merchants to WeChat scan the code to enter the authorized account list page, select the account to complete the authorization. - The link is usually placed on the server's PC website or in the SaaS business console. |
| Version H5 | - Access the H5 version authorization link to go directly to the authorized account list page, select the account to complete the authorization. - This link is usually placed on the service provider's H5 version (e.g. service number) official website or in the saas business console |
| Plugin version | - Merchants can directly enter the authorized account list page in the service provider Mini Program and select the account to complete the authorization. - Usually, the link is placed in the official website of the service provider's Mini Program or in the saas business console |
# 4, authorized link splicing mode
| version | Use the scene |
|---|---|
| PC version | https://mp.weixin.qq.com/cgi-bin/componentloginpage?component_appid=xxxx&pre_auth_code=xxxxx&redirect_uri=xxxx&auth_type=xxx |
| H5 Edition - New Edition | https://open.weixin.qq.com/wxaopen/safe/bindcomponent?action=bindcomponent>_scan=1&component_appid=xxxx&pre_auth_code=xxxxx&redirect_uri=xxxx&auth_type=xxx&biz_appid=xxxx#wechat_redirect |
| H5 Version-Old Version | https://mp.weixin.qq.com/safe/bindcomponent?action=bindcomponent>_scan=1&component_appid=xxxx&pre_auth_code=xxxxx&redirect_uri=xxxx&auth_type=xxx&biz_appid=xxxx#wechat_redirect |
# 5, plug-in version of the use
- You need to apply for the "Vendor Component" before you can use the Plug-in Version License Page. For more instructions on the Mini Program Vendor Component, please check[https://developers.weixin.qq.com/doc/oplatform/Third-party_Platforms/2.0/product/Register_Mini_Programs/The beta_mp_plugin.html](https://developers.weixin.qq.com/doc/oplatform/Third-party_Platforms/2.0/product/Register_Mini_Programs/The beta_mp_plugin.html)。
# Code Examples
const MiniprogramThirdpartyPlugin = requirePlugin('miniprogram-thirdparty-plugin')
// to initialize
MiniprogramThirdpartyPlugin.init(wx)
// Request User Authorization
MiniprogramThirdpartyPlugin.openAuthorizeAccount({
platformAppID: '',
preAuthCode:,//Preauthorization code obtained
authType:3,
bizAppid: wxxxxxxxxx,//Non-mandatory field, please see the end of the article for parameter details
})
# Plug-in version parameter explaination
| parameter | Required | |
|---|---|---|
| platformAppID | yes | Third-party platform appid |
| preAuthCode | yes | Pre-authorization code, which can be obtained bypre_auth_Code interfaceGet |
| authType | yes | Type of account to be authorized: 1 After the merchant clicks the link, the mobile terminal only shows Official Account message template、2 Show only the Mini Program, 3 Express Official Account message template And Mini programs are shown. If unspecified, the default Mini Program and the Official Account message template All show. Third-party platform developers can use this field to control the type of account authorized. |
| bizAppid | no | Specifies the authorization of a unique Mini Program or Official Account message template |
# III. Steps for the Use of Merchants
- Can go toAuthorization Related OperationsFor viewing.