E-commerce service provider application
A third-party service provider that provides services for microblog e-commerce businesses. The main service object of the application is the business account of microblog e-commerce businesses.
E-commerce businesses develop their own access, which is different from e-commerce service providers. Please move to E-commerce merchant end access
Basic capability
At present, it mainly provides businesses and users with the ability to authorize the use of e-commerce service provider applications.
Authorize login to obtain access_token
Access_token is the voucher that authorizes merchants and users to log in to the e-commerce service provider's application when they use the e-commerce service provider's application. It is the only verification voucher for the e-commerce service provider's application calling interface. When the e-commerce service provider's application calls each interface, it needs to use access_token. Developers need to properly save access_token on the server and should not save it to the application front end.
The access_token obtained by the e-commerce service provider's application is different from that obtained by the web app and mobile app. The validity period of the access_token obtained by the e-commerce service provider's application is 2 hours, but when it is authorized, it will also get a refresh_token, and the validity period of the refresh_token is 30 days, Developers can refresh the authorization validity period of access_token through refresh_token. Whether the access_token expires or not, as long as the refresh_token is valid, they can use refresh_token to refresh. The refresh strategy is as follows:
1. When there is an authorization relationship, that is, if the user has authorized and has not cancelled authorization, the authorization interface will be called with refresh_token, and new access_token and refresh_token will be returned. At the same time, the old refresh_token will become invalid, and the new access_token and refresh_token will get new validity periods.
2. When the user cancels the authorization, that is, when the authorization relationship between the user and the e-commerce service provider application no longer exists, the access_token and refresh_token will also become invalid together. At this time, the validity of access_token and refresh_token cannot be refreshed.
Obtain authorization interface
Refresh authorized interface and calling method
E-commerce service provider application refresh access_token is different from web applications and mobile applications. Please pay attention to the above instructions.
1. For e-commerce service provider applications, when authorization returns access_token, an additional refresh_token will also be returned:
JSON
{ "access_token": "SlAV32hkKG", "remind_in": 3600, "expires_in": 3600 "refresh_token": "QXBK19xm62" }
2. To maintain the validity of access_token, call oauth2/access_token and pass in refresh_token:
URL
https://api.weibo.com/oauth2/access_token?grant_type=refresh_token&client_id=YOUR_CLIENT_ID&client_secret=YOUR_CLIENT_SECRET&redirect_uri=YOUR_REGISTERED_REDIRECT_URI&refresh_token=YOUR_REFRESH_TOKEN
Return the new access_token and refresh_token, and the new validity period
After the application of e-commerce service provider is authorized by the user, the developer should maintain the validity period of access_token on the server side, and save the access_token. The call to the microblog open interface should also be completed on the server side. Do not transfer the access_token to the front end, nor initiate the call to the microblog open interface on the front end. Do not refresh the access_token between services on the server side, To avoid conflicts, which may overwrite access_token and affect the calling interface.
Platform capability
The platform capabilities provided to e-commerce service providers currently include order capability interface and commodity capability interface.
