# 初始值
After the completion of the merchant authorization to the third-party platform, the third-party platform can obtain the authorizer_access_Token to call the relevant api, this chapter is mainly introduced to generate Token process.
| step | Introductions |
|---|---|
| 1. Configure the authorization event URL for receivingcomponent_verify_ticket | For security reasons, after the approval of the third-party platform creation, the WeChat server at intervals of 10 Minutes will be pushed once to the third-party message receiving address component_verify_Ticket to obtain a third-party platform interface call credential. component_verify_The ticket is valid for 12 hours |
| 2, get the component_verify_After the ticket, follow theAccess to third-party platforms component_access_Token Interface document, calling the interface to get the component_access_Token | component_access_Token is valid for 2 hours, when the component is not received in time_verify_Ticket, it is suggested that the component that is available once_verify_Ticket continues to build component_access_token。 Avoid them because component_verify_ticket Failed to receive updates component_access_Token The situation. |
| 3, access to component_access_After the token, follow theGet Preauthorization Code pre_auth_codeInterface Documentation , Adjust the interface to get pre_auth_code | Used to generate scan authorization two-dimensional code or link required pre_auth_code |
| 4. Get the pre_auth_After the code, follow theAuthorization Technical Process Dxplainationfile , Get authorization after guiding user authorization_code | authorization_Code has an expiration time that is called back after authorization URI to return.Also through the pushNotification of Change of AuthorizationThe way in which authorization_Send code to a third-party platform |
| 5. Obtaining authorization_After the code, follow theUse an authorization code in exchange for Official Account message template Or Mini Program interface call credentials and authorization information Interface Documentation , Call interface to get authorizer_refresh_Token | Invoking credentials through the authorization code and its own interface component_access_Token) in exchange for the Official Account message template or Mini Program interface call credentials (authorizer)_access_Token And for refreshing the former when it is about to expire authorizer_refresh_Token) and authorization information (such as which permissions are granted) |
| 6. Get an authorizer_refresh_After the token, follow theObtain/Refresh Authorization Official Account message template Or the interface call credentials of the Mini Program Interface Documentation , Call interface to get authorizer_access_Token | Can be accessed through authorizer_refresh_Token Obtain Official Account message template Or the call token of the Mini Program interface |
| 7. According to the interface document, instead of Official Account message template Or Mini Program call interface | After authorization is completed, the third-party platform can invoke the credentials (authorizer) via the Official Account message template or Mini Program interface._access_Token) to invoke the interface instead, see the interface documentation |
Note:
All of the above mentioned API The call needs to validate the caller IP Address. Whitelist only filled in the whitelist IP address list of third-party platforms IP In the address list. IP Address, can be called legally, all others are rejected.