WeChat Open Platform

Official Accounts Documentation

Getting Started


Overview

To connect a server to the Official Account system and run an account, developers should follow these three steps:

  1. Complete server configuration
  2. Verify validity of the URL
  3. Implement your account's features

Step 1. Complete server configuration

Log in to the WeChat Official Account Admin panel, select "Developer Center" in the management window, and click "Edit". Enter the URL pointing to your server, the Token, and the EncodingAESKey. The URL should be an endpoint on your server that receives WeChat messages and events. The Token can be set manually and is used to generate a signature; that signature is compared with the one carried in the request URL to verify the request. The EncodingAESKey can be set manually or generated automatically, and is used to encrypt and decrypt messages.

Next, select an encryption/decryption mode: plaintext mode, compatibility mode, or security mode. The configuration will take effect immediately after being submitted, so developers should be careful when configuring. By default, plaintext mode is used. To select compatibility mode or security mode, configure encryption/decryption codes first. For details, refer to Message Signature and Encryption/Decryption.

Step 2. Verify validity of the URL

After the configuration is submitted, the WeChat Official Account System will send a GET request to the entered URL pointing to the developer's server. The GET request contains the following parameters:

| Parameter | Description |
|-----------|-------------|
| signature | Signature. It combines the Token entered in the configuration with the timestamp and nonce parameters in the request. |
| timestamp | Time stamp |
| nonce | Random number |
| echostr | Random string |

Developers authenticate the request by verifying the signature (the verification method is given below). If the GET request is confirmed to come from the WeChat Official Account System, return the echostr parameter value. In this case, access succeeds; otherwise, access fails.

The signature verification procedure is as follows:

  1. Sort the token, timestamp, and nonce parameters alphabetically.
  2. Combine the parameters into a string and hash it using SHA-1.
  3. Compare the hashed string with the signature. If they are identical, the request is sent by WeChat.
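The procedure above as a Python handler, added here as an example and not taken from WeChat's own code. The function names, the HTTP status codes, the hex encoding of the SHA-1 digest and the sample values are assumptions; the comparison is done in constant time and malformed requests are rejected before any hashing.

```python
import hashlib
import hmac
from urllib.parse import parse_qs

REQUIRED = ("signature", "timestamp", "nonce", "echostr")

def expected_signature(token, timestamp, nonce):
    # Steps 1-2: sort the three values as strings, join them, SHA-1 the result.
    # Assumption: the signature is the lowercase hex form of the digest.
    joined = "".join(sorted([token, timestamp, nonce]))
    return hashlib.sha1(joined.encode("utf-8")).hexdigest()

def handle_verification(query_string, token):
    """Return (HTTP status, body) for the URL-verification GET request."""
    params = parse_qs(query_string, keep_blank_values=True)
    values = {}
    for name in REQUIRED:
        got = params.get(name, [])
        # A missing, empty or repeated parameter is rejected, not guessed at.
        if len(got) != 1 or not got[0]:
            return 400, ""
        values[name] = got[0]
    expected = expected_signature(token, values["timestamp"], values["nonce"])
    # Step 3: compare in constant time so the check leaks no timing signal.
    if not hmac.compare_digest(expected.encode(), values["signature"].encode()):
        return 403, ""
    # Only a verified request gets echostr echoed back.
    return 200, values["echostr"]

if __name__ == "__main__":
    TOKEN = "constructed-token"  # constructed sample values, not real data
    sig = expected_signature(TOKEN, "1700000000", "839201")
    good = f"signature={sig}&timestamp=1700000000&nonce=839201&echostr=5927782489442352469"
    bad = f"signature={sig}&timestamp=1700000000&nonce=839202&echostr=5927782489442352469"
    print(handle_verification(good, TOKEN))  # verified request
    print(handle_verification(bad, TOKEN))   # nonce altered after signing
```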

Step 3. Implement Your Account

After a successful URL verification, the developer has successfully accessed the platform. For subscription accounts, only common message APIs can be used. However, if the Official Account is a service account, the developer can apply for authentication access on the WeChat Official Account admin panel. After receiving authentication access, the developer will obtain access to call a large number of additional APIs.

If a user in an Official Account chat view sends a message to the Official Account or clicks an item in one of the custom-defined menus, the URL pointing to the developer's server will receive the message and an event pushed by the WeChat Official Account System. Subsequently, the developer’s backend should respond based on the account’s own service logic (e.g. send a reply to the user).

Normally, an Official Account will obtain correct output if it makes an API call. For details about output, see the API’s description. If an error code is returned, query the cause of the error based on the Return Codes.

When a user sends a message to an Official Account, the ID visible to the Official Account is the OpenID for the user. This OpenID is generated with encryption. For each Official Account, each user will be represented by a unique OpenID.

Note: Official Accounts support port 80 only.