Basic API - Get access token

Basic API - Get access token

Access_token is the global private key of the official account. The official account needs to use access_token when calling various interfaces. Developers need to save it properly. The storage of access_token must reserve at least 512 characters. The validity period of access_token is currently 2 hours. It needs to be refreshed regularly. Repeated acquisition will cause the last access_token to become invalid.

Instructions on how to use and generate the access_token required for calling the public platform API:

1. To keep appsecrect confidential, the third party needs a central control server to obtain and refresh access_token. The access_token used by other business logic servers all comes from the central control server and should not be refreshed separately, otherwise the access_token will be overwritten and affect the business;
2. Currently, the validity period of access_token is conveyed through the returned expire_in, which is currently within 7200 seconds. The central control server needs to refresh the new access_token in advance based on this validity period. During the refresh process, the central control server still outputs the old access_token. At this time, the public platform backend will ensure that both the new and old access_tokens are available within a short refresh time, which ensures a smooth transition of third-party services;
3. The validity period of access_token may be adjusted in the future, so the central control server not only needs to actively refresh it internally at a fixed time, but also needs to provide an interface for passively refreshing access_token, so that the business server can trigger the access_token refresh process when the API call informs that the access_token has timed out.

If the third party does not use the central control server, but chooses each business logic point to refresh the access_token, conflicts may occur, resulting in unstable services.

Official accounts can use AppID and AppSecret to call this interface to obtain access_token. AppID and AppSecret can be obtained from the WeChat Official Accounts Platform official website - Developer Center page (you need to be a developer and your account is not in abnormal status). Note that the https protocol must be used when calling all WeChat interfaces.

Interface call request description

http request method: GET
https://api.weixin.qq.com/cgi-bin/token?grant_type=client_credential&appid=APPID&secret=APPSECRET

Parameter Description

Return Description

Under normal circumstances, WeChat will return the following JSON data packet to the official account:

{"access_token":"ACCESS_TOKEN","expires_in":7200}

When an error occurs, WeChat will return an error code and other information. An example of a JSON data packet is as follows (this example is an invalid AppID error):

{"errcode":40013,"errmsg":"invalid appid"}

<<:  Message signing and encryption/decryption - Developer Q&A

>>:  Basic interface - Get the WeChat server IP address

Recommend

Android's official pull-down refresh component SwipeRefreshLayout

1. Problem Description In Android development, th...

Is the $8 billion acquisition of Harman Samsung worth it?

Recently, Samsung has become the focus of attenti...

Why lower user expectations?

Killing users’ unnecessary expectations and overl...

Weibo Brand Account Social Marketing Handbook

In 2021, will we still have Weibo? When brand blu...

4 analysis models for high-conversion products!

Today, I would like to talk to you about the issu...

App promotion and operation, 3 rules to encourage users to promote social media

In the mobile gaming market, given the increasing...

Why is figure skating always a "Beauty and the Beast" combination?

The Beijing Winter Olympics is about to begin! Th...

Marketing is a psychological war, not a product war!

Which is better, Coca-Cola or Pepsi? This may be ...

Product Manager 90-Day Practical Course 31

What will I gain from joining the “Product Manage...

How do communities attract traffic and convert people?

Everyone is talking about community operation and...