# Getting Authorization Information with Authorization Code
After the user completes the authorization process on the third-party platform authorization page, the third-party platform developers can use the URL parameter in the callback URI to get the authorization code. The following API is used to exchange for the Official Account/Mini Program authorization information. We recommend you save the refresh token (authorizer_refresh_token) in the authorization information.
Note: The Official Account/Mini Program can select to grant the third-party platform only some permissions. Therefore, the third-party platform developers must use this API to learn which permissions the Official Account/Mini Program has granted it, rather than simply assuming the declared permissions were all granted.
# Request Address
POST https://api.weixin.qq.com/cgi-bin/component/api_query_auth?component_access_token=COMPONENT_ACCESS_TOKEN
# Request Parameters
| Parameter | Type | Required | Description |
|---|---|---|---|
| component_access_token | string | Yes | Token |
| component_appid | string | Yes | Third-party platform's AppID |
| authorization_code | string | Yes | Authorization code, which is returned to the third-party platform after successful authorization. For details, see the Third-party Platform Authorization Process Description. |
POST data example:
{
"component_appid":"appid_value" ,
"authorization_code": "auth_code_value"
}
# Parameters of Returned Result
| Parameter | Type | Description |
|---|---|---|
| authorization_info | Object | Authorization information |
# Authorization information description
| Parameter | Type | Description |
|---|---|---|
| authorizer_appid | string | Authorizer's AppID |
| authorizer_access_token | string | API call token (returned when the authorized Official Account/Mini Program has API permissions). |
| expires_in | number | Validity period of authorizer_access_token, in seconds (returned when the authorized Official Account/Mini Program has API permissions). |
| authorizer_refresh_token | string | Refresh token (returned when the authorized Official Account/Mini Program has API permissions). It is used by the third-party platform to get or refresh authorizer_access_token already granted by the user. Once this token expires, the user must grant authorization again, allowing the third-party platform to obtain a new refresh token. After the user grants authorization again, the previous refresh token expires. |
| func_info | object | The list of permission sets granted to the developer |
Example of returned result
{
"authorization_info": {
"authorizer_appid": "wxf8b4f85f3a794e77",
"authorizer_access_token": "QXjUqNqfYVH0yBE1iI_7vuN_9gQbpjfK7hYwJ3P7xOa88a89-Aga5x1NMYJyB8G2yKt1KCl0nPC3W9GJzw0Zzq_dBxc8pxIGUNi_bFes0qM",
"expires_in": 7200,
"authorizer_refresh_token": "dTo-YCXPL4llX-u1W1pPpnp8Hgm4wpJtlR6iV0doKdY",
"func_info": [
{
"funcscope_category": {
"id": 1
}
},
{
"funcscope_category": {
"id": 2
}
},
{
"funcscope_category": {
"id": 3
}
}
]
}
}