Call this API at the server side. For more information, see Server API.
Obtains the globally unique credential (
access_token) for calling backend APIs on Mini Programs. The
access_token is required for calls to most backend APIs. Developers need to save it properly.
# Request Address
# Request Parameters
|appid||string||Yes||The AppID. It is the unique credential of the Mini Program. You can obtain it in WeChat Official Accounts Platform > Settings > Development Settings. (A developer account in a normal status is required)|
|secret||string||Yes||The AppSecret. It is the password of the unique credential of the Mini Program. It is obtained in the same way as the AppID.|
# Return Value
JSON data package that is returned
|access_token||string||The obtained credential.|
|expires_in||number||The time when the credential expires, in seconds. Its value is within 7,200 seconds.|
Valid values of errcode
|-1||System is busy. Try again later.|
|40001||Incorrect AppSecret or mismatched AppSecret. Check whether AppSecret is correct.|
|40002||Ensure that the value of grant_type fields is client_credential.|
|40013||Invalid AppID. Check whether AppID is correct. Avoid abnormal characters. Note the capitalization.|
# Return Data Example
# Storage and Updates of access_token
- To store
access_token, you need to reserve space for at least 512 characters.
access_tokenis valid for 2 hours, and needs to be updated periodically. Repeatedly obtaining
access_tokenwill cause the previously obtained
- It is recommended to obtain and update
access_tokenby using a central control server. All the
access_tokenvalues used by other service logic servers come from this central control server, and should not be updated separately. Otherwise,
access_tokenmay be overwritten, which affects services.
- The validity period of
access_tokenis expressed in the returned
expire_in, and its available value is within 7200 seconds. The central control server needs to update
access_tokenin advance based on this validity period. During the update, the central control server may continue to output old
access_tokenvalues. In this case, the backend of the Official Accounts Platform will ensure that both new and old
access_tokenvalues are available within five minutes, so that third-party services are smoothly transitioned.
- The validity of
access_tokenmay be adjusted in the future. Therefore, the central control server not only needs to actively update
access_tokenon schedule, but also provides an API for passive update of
access_token. In this way, when learning that
access_tokenis expired in a call, the service server may trigger the update procedure for
For details, see the Obtaining access_token document on WeChat Official Accounts Platform.
# Online Debugging
Developers can debug this API via Webpage Debugging Tools.