Self developed access of e-commerce merchants

The self developed access of microblog e-commerce merchant accounts is mainly for businesses with independent development capability. Different from the application of e-commerce service providers, the self developed access of businesses is developed by businesses themselves and cannot be provided to other businesses.

E-commerce service provider access, different from e-commerce merchants' self-developed access, is a third-party service provider providing services to e-commerce merchants. Please move to E-commerce service provider access

Update log

Update time Update content
  • New merchant performance interface (only for virtual merchants)
  • New merchant event notification push access (only for virtual merchants)
  • The interface Get Sub Order List and Search Sub Order add the return field state_code
  • The interface Get Sub Order Details adds the return fields Expect_finish_time, Finish_type, and is_timeout
  • When the interface Submit Shipment needs logistics shipment, if the required address information is missing, it will try to get the default after-sales address of the merchant once
  • The interface [Get sub order details] adds the return field [contact_phone] (the mobile phone number of the virtual and medical beauty order contact)

Access preparation

For the access of self-developed businesses, the accessed microblog accounts need to be consistent: microblog accounts bound to microblog stores (filled in when entering), microblog accounts applying for e-commerce business identity, and microblog accounts registered as microblog open platform developers. These three accounts need to be the same microblog account.

The first step is for businesses to enter the business end of microblog e-commerce. When entering, please fill in the microblog account that needs to be bound to the microblog store (it is recommended to use official microblog account).

The second step is to contact the corresponding industry operation of the microblog e-commerce platform after the merchants have settled in, and provide the microblog account and relevant information in [Step 1] to bind the e-commerce business. At this time, the access party will obtain the e-commerce business identity appid and the e-commerce signature key sign key, which are used to verify the signature when calling the e-commerce capability interface. See E-commerce capability interface verification signature

Note: If the business has not yet established a connection with the industry operation, you can consult the official customer service of the microblog e-commerce through the microblog client Weibo e-commerce customer service waiter The customer service personnel will help you establish a connection with the industry operation.

The third step is that businesses use the microblog account in the previous two steps to log in to the microblog open platform, register as a developer, and complete identity authentication. When the developer's identity authentication is completed, they can create e-commerce business type applications on the open platform (micro connection - e-commerce business), and wait for approval. At this time, the access party will obtain the appkey and appsecret of the microblog open platform, For obtaining authorization, see E-commerce merchant access - basic capabilities - obtaining merchant account authorization

Please read the step requirements carefully. The uid is the unique identifier for calling data. You need to ensure that the uid in the above three steps is consistent. When adjusting the service connection, it is necessary to pass the dual verification of [Step] - E-commerce] and [Step III - Open Platform], both of which are indispensable.

Validation field required Obtaining method Whether it is dynamic verification
E-commerce platform E-commerce merchant ID appid and e-commerce signature key Contact e-commerce operators Weibo e-commerce customer service waiter , the operator applies and issues the merchant identity and key to the merchant No, details: E-commerce capability interface verification signature
Open platform The appkey and appsecret of Weibo open platform Log in to the open platform, click on the app key and appsecret Yes, the merchant needs to obtain authorization according to the requirements of the third step, and click authorization. The validity period of the authorization should be periodically refreshed by the merchant (the validity period of access_token is 2h, it is recommended to set 1.5h refresh, and reserve redundancy time). At the same time, it is necessary to establish a compensation mechanism for extreme cases, such as the error report caused by refreshing when it is about to connect. Details: E-commerce merchant access - basic capabilities - obtaining merchant account authorization

Basic capability

At present, it mainly provides access to merchant account authorization when merchant accounts access microblog e-commerce services independently_ The ability of token.

Authorize login to obtain access_ token

E-commerce merchant application, access authorized by its own merchant account_ Token is its only interface calling voucher. E-commerce merchants need to use this access when calling each interface in their self-developed access to Weibo e-commerce services_ Token, developers need to properly store access on the server_ Token, which should not be saved to the application front end.

Access authorized by e-commerce merchants_ Access obtained by token, web application and mobile application_ Token is different. The access granted by e-commerce merchants_ The token is valid for 2 hours and needs to be refreshed regularly. Repeated access will result in the last access_ Token is invalid.

For e-commerce merchant accounts, when self developing access to microblog e-commerce services, the following interfaces can be directly called through the appkey and appsecret of e-commerce merchants self developing access to obtain their own authorized access_ token。

E-commerce merchants develop their own access. If there is a need to obtain authorization from other microblog users, it needs to be handled according to the two-step authorization process of web applications, namely through oauth2/authorize, oauth2/access_ The token interface first requests the authorization of other Weibo users, gets the authorization code after the other party agrees and clicks Authorization, and then exchanges the authorization code for access through the server_ token。

E-commerce merchants self-developed access authorization interface

Obtain the authorization token of your own e-commerce merchant account

Interface URL

HTTP request mode


Request Parameters
Parameter name Required type Description
client_ id true string [E-commerce merchants' self-developed access to APPKEY] applied by e-commerce merchants on the microblog open platform.
timestamp true string Current timestamp in milliseconds.
nonce true string Random string.
sign true string Signature: md5 (client_id&developer_uid&timestamp&nonce&secret).

Note: where client_ ID refers to the [e-commerce merchants' self-developed access to APPKEY], developer_ Uid is the developer, that is, the microblog UID of the e-commerce merchant account.

Return Result JSON Example
 { "client_id": "772915", "uid": 1404376560, "access_token": "2.00lnqNgH0YhE_q6594efd4abyzYM7E", "issued_at": 1655101652, "expires_in": 2637148 }

Return Field Description
Return value field type Field Description Description
client_ id string [E-commerce merchants' self-developed access to APPKEY] applied by e-commerce merchants on the microblog open platform.
uid string The Weibo UID of authorized users is actually the UID of e-commerce merchant accounts.
access_ token string The authorized [e-commerce merchant authorization access_token] is used to call the e-commerce merchant open interface.
issued_ at string access_ The timestamp of token generation.
expires_ in string access_ The life cycle of a token, in seconds.

After e-commerce merchants obtain their own merchant account authorization, developers should maintain access on the server_ The validity period of the token and the access_ Token, the call to the microblog open interface should also be completed on the server side, and access should not be_ When the token is transferred to the front end, do not call the microblog open interface on the front end, and do not refresh access separately between services on the server end_ Token to avoid conflicts and overlapping access_ Token, which affects the calling interface.

Platform capability

The platform capabilities provided to e-commerce merchants currently include order capability interface, commodity capability interface, and event notification push.

Document update time: May 31, 2023