Micro-letter web development and authorization access_token base of support access_token similarities and differences
Question 1: Web access_token and authorized share jssdk in access_token same?
Answer: not the same. Access_token is a one-time authorization page, the foundation supports access_token there is a time limit: 7200s.
Different pages authorized access_token and foundation support access_token, that micro-channel sharing in the access_token, is not a basis to support the access_token: Question 2
Answer: Yes
webpage authorized access_token can only get to a micro-channel user information, the relationship with the micro-channel users one on one , and the basis of support access_token, is effective for all users.
Question 3: The number of times pages access_token authorized limit?
A: No restrictions
Web page authorization process
Divided into four steps:
1, guide the user to enter the authorization page consent, access code
https://open.weixin.qq.com/connect/oauth2/authorize?appid=APPID&redirect_uri=REDIRECT_URI&response_type=code&scope=SCOPE&state=STATE#wechat_redirect2, authorized by the code page in exchange for access_token (the base support in different access_token)
https://api.weixin.qq.com/sns/oauth2/access_token?appid=APPID&secret=SECRET&code=CODE&grant_type=authorization_codeDescription code: code access_token as exchange of notes, each user will be authorized to bring the code is not the same, code can only be used once, five minutes is not used expire automatically.
{
"access_token":"ACCESS_TOKEN",
"expires_in":7200,
"refresh_token":"REFRESH_TOKEN",
"openid":"OPENID",
"scope":"SCOPE"
}3, if necessary, developers can authorize access_token refresh the page, avoiding expired
due access_token have a shorter period, when the access_token expires, you can use refresh_token refreshed, refresh_token valid for 30 days, after refresh_token failure, requiring users to re-authorize.
https://api.weixin.qq.com/sns/oauth2/refresh_token?appid=APPID&grant_type=refresh_token&refresh_token=REFRESH_TOKEN{
"access_token":"ACCESS_TOKEN",
"expires_in":7200,
"refresh_token":"REFRESH_TOKEN",
"openid":"OPENID",
"scope":"SCOPE"
}4, through the web openid authorization access_token and get information about users (UnionID support mechanisms)
https://api.weixin.qq.com/sns/userinfo?access_token=ACCESS_TOKEN&openid=OPENID&lang=zh_CN{
"openid":" OPENID",
" nickname": NICKNAME,
"sex":"1",
"province":"PROVINCE"
"city":"CITY",
"country":"COUNTRY",
"headimgurl": "http://thirdwx.qlogo.cn/mmopen/g3MonUZtNHkdmzicIlibx6iaFqAc56vxLSUfpb6n5WKSYVY0ChQKkiaJSgQ1dZuTOgvLLrhJbERQQ4eMsv84eavHiaiceqxibJxCfHe/46",
"privilege":[ "PRIVILEGE1" "PRIVILEGE2" ],
"unionid": "o6_bmasdasdsad6_2sgVt7hMZOPfL"
}PS: the scope of application of the authorization, snsapi_base not even in the case of interest (without the pop-authorization page jump directly, the user can only get openid), snsapi_userinfo (pop authorization page, you can get the nickname, gender, location and by openid. next, as long as the user authorization, you can also get information)
Inspection Authorization certificate (access_token) is valid
https://api.weixin.qq.com/sns/auth?access_token=ACCESS_TOKEN&openid=OPENIDaccess_token,网页授权接口调用凭证,注意:此access_token与基础支持的access_token不同
openid 用户的唯一标识jsapi_ticket
You must look at jsapi_ticket before generating the signature, jsapi_ticket temporary bill number for the public to call micro letter JS interface. Under normal circumstances, jsapi_ticket valid for 7200 seconds to get through access_token. Due to the number of api calls get jsapi_ticket very limited, frequently refreshed jsapi_ticket api calls will lead to limited impact of their business, the developer must in their service global cache jsapi_ticket.
https://api.weixin.qq.com/cgi-bin/ticket/getticket?access_token=ACCESS_TOKEN&type=jsapi{
"errcode":0,
"errmsg":"ok",
"ticket":"bxLdikRXVbTPdHSM05e5u5sUoXNKd8-41ZO3MhKoyN5OfkWITDGgnr2fwJ0m9E8NYzWKVZvdVtaUgWvsdshFKA",
"expires_in":7200
}