How to obtain OAuth2 authentication interface in WeChat Enterprise Account Development

URL links in enterprise applications (including links in custom menus or messages) can obtain employee identity information through OAuth2.0.

Note that the domain name of this URL must completely match the 'Trusted Domain Name' in the enterprise application settings , otherwise a 50001 error code will be returned when obtaining user information.

1. Enterprises obtain code

If an enterprise requires employees to bring their identity information when they jump to the enterprise website, they need to construct the following link:

https://open.weixin.qq.com/connect/oauth2/authorize?appid=CORPID&redirect_uri=REDIRECT_URI&response_type=code&scope=SCOPE&state=STATE#wechat_redirect

• Parameter Description

After the employee clicks it, the page will jump to redirect_uri/?code=CODE&state=STATE, and the enterprise can obtain the employee's userid based on the code parameter.

2. Get member information

• Request Instructions

Https request method: GET

https://qyapi.weixin.qq.com/cgi-bin/user/getuserinfo?access_token=ACCESS_TOKEN&code=CODE&agentid=AGENTID

• Parameter Description

• Permissions

The administrator must have permission to use the agent; the agentid must be the same as the enterprise application ID where the link is redirected.

• Return results

a) If it is correct, the return example is as follows:

 {
 "UserId":"USERID"
 } 

The following is an example of what is returned when an error occurs:

 {
 "errcode" : "40029" ,
 "errmsg" : "invalid code"  
 }