Basic API - Get access token

Basic API - Get access token

Access_token is the global private key of the official account. The official account needs to use access_token when calling various interfaces. Developers need to save it properly. The storage of access_token must reserve at least 512 characters. The validity period of access_token is currently 2 hours. It needs to be refreshed regularly. Repeated acquisition will cause the last access_token to become invalid.

Instructions on how to use and generate the access_token required for calling the public platform API:

1. To keep appsecrect confidential, the third party needs a central control server to obtain and refresh access_token. The access_token used by other business logic servers all comes from the central control server and should not be refreshed separately, otherwise the access_token will be overwritten and affect the business;
2. Currently, the validity period of access_token is conveyed through the returned expire_in, which is currently within 7200 seconds. The central control server needs to refresh the new access_token in advance based on this validity period. During the refresh process, the central control server still outputs the old access_token. At this time, the public platform backend will ensure that both the new and old access_tokens are available within a short refresh time, which ensures a smooth transition of third-party services;
3. The validity period of access_token may be adjusted in the future, so the central control server not only needs to actively refresh it internally at a fixed time, but also needs to provide an interface for passively refreshing access_token, so that the business server can trigger the access_token refresh process when the API call informs that the access_token has timed out.

If the third party does not use the central control server, but chooses each business logic point to refresh the access_token, conflicts may occur, resulting in unstable services.

Official accounts can use AppID and AppSecret to call this interface to obtain access_token. AppID and AppSecret can be obtained from the WeChat Official Accounts Platform official website - Developer Center page (you need to be a developer and your account is not in abnormal status). Note that the https protocol must be used when calling all WeChat interfaces.

Interface call request description

http request method: GET
https://api.weixin.qq.com/cgi-bin/token?grant_type=client_credential&appid=APPID&secret=APPSECRET

Parameter Description

Return Description

Under normal circumstances, WeChat will return the following JSON data packet to the official account:

{"access_token":"ACCESS_TOKEN","expires_in":7200}

When an error occurs, WeChat will return an error code and other information. An example of a JSON data packet is as follows (this example is an invalid AppID error):

{"errcode":40013,"errmsg":"invalid appid"}

<<:  Message signing and encryption/decryption - Developer Q&A

>>:  Basic interface - Get the WeChat server IP address

Recommend

Qingming Festival is coming soon, come and have a taste of spring!

Mixed Knowledge Specially designed to cure confus...

A comprehensive guide to upgrading private domain traffic

Private domain traffic , relative to public domai...

Comfortable and free! You deserve such space life

In the blink of an eye The Shenzhou 13 crew has b...

APP promotion scenario: let users actively download your product!

"Scenario-based" is a prerequisite that...

How to acquire users at low cost when starting an Internet business after 2016?

No matter it is a capital winter or an industry b...

Tik Tok Operation Script Strategy

1. What is a short video script? A short video sc...

Chen Kai stock intraday T+0 trading system

Chen Kai stock intraday T+0 trading system resour...

A collection of commonly used tools for short video live streaming!

1. Editing tools (there are many tools, and I rec...

Lessons from China’s 4G breakthrough

The number of 4G users exceeded 50 million, a goa...