If the user accesses a third-party webpage in the WeChat client, the official account can obtain the user's basic information through the WeChat webpage authorization mechanism, and then implement business logic.
Instructions on the web page authorization callback domain name
1. Before the WeChat official account requests user web page authorization, the developer needs to first Go to the configuration options of "Development - Interface Permissions - Web Services - Web Accounts - Web Authorization to Obtain User Basic Information" on the official website of the public platform, and modify the authorization callback domain name. Please note that the domain name (which is a string) is filled in here, not the URL, so please do not add protocol headers such as http://;
2. The authorization callback domain name configuration specification is the full domain name, for example, if required The domain name authorized by the web page is: www.qq.com. After configuration, the pages under this domain name http://www.qq.com/music.html and http://www.qq.com/login.html can all use OAuth2. .0 authentication. But http://pay.qq.com, http://music.qq.com, http://qq.com cannot perform OAuth2.0 authentication
3. If the official account login is authorized to If a third-party developer manages it, there is no need to make any settings. The third party can replace the official account to implement web page authorization.
Explanation on the difference between the two scopes of web page authorization
1. Web page authorization initiated with snsapi_base as the scope is used to obtain the openid of the user who enters the page, and is authorized silently and automatically jumps to the callback page. What the user perceives is that he directly enters the callback page (often a business page)
2. The web page authorization initiated with snsapi_userinfo as the scope is used to obtain the user's basic information. However, this kind of authorization requires the user to manually agree, and since the user has agreed, there is no need to pay attention, and the user's basic information can be obtained after authorization.
3. The "Obtain User Basic Information Interface" in the user management interface can obtain the user's basic information based on the user's OpenID only after the user interacts with the official account or pushes the event after following the message. This interface, including other WeChat interfaces, requires the user (i.e. openid) to follow the official account before it can be called successfully.
About silent authorization in special scenarios
1. As mentioned above, for web page authorization with snsapi_base as the scope, it is authorized silently and the user is unaware;
2. For users who have followed the official account, if the user enters the official account's web authorization page from the official account's session or custom menu, even if the scope is snsapi_userinfo, the authorization is silent and the user is unaware.
For more technical articles related to WeChat development, please visit the WeChat Development Tutorial column to learn!
The above is the detailed content of What does scope permission mean?. For more information, please follow other related articles on the PHP Chinese website!
![[Web front-end] Node.js quick start](https://img.php.cn/upload/course/000/000/067/662b5d34ba7c0227.png)
