Record the usage process of corporate WeChat web code scanning login.
As usual, let’s look at the login process first:
step
First, enable the "Enterprise WeChat authorized login function" and " Set the authorized callback domain name " in the Enterprise WeChat backend. The authorized callback domain name must be exactly the same as the domain name of the access link . (The domain name of the access link is the domain name that will be redirected after successful login by scanning the QR code. The configured domain name does not include the protocol header, but includes the port).
The next step is to display the QR code. WeChat Enterprise provides two methods, independent page and embedded login QR code. There is no essential difference between the two methods.
How to log in to create a new page
- The link to log in by scanning the QR code on Enterprise WeChat is as follows. We only need to pass the query parameters.
https://open.work.weixin.qq.com/wwopen/sso/qrConnect?appid=CORPID&agentid=AGENTID&redirect_uri=REDIRECT_URI&state=STATE
| parameter | must | illustrate |
|---|---|---|
| appid | yes | CorpID of Enterprise WeChat, view it on the Enterprise WeChat management terminal |
| agents | yes | The web application ID of the authorized party, which can be viewed in the specific web application. |
| redirect_uri | yes | Redirect address, UrlEncode is required |
| state | no | Used to maintain the status of requests and callbacks, and bring them back to the enterprise as they are after authorizing the request. This parameter can be used to prevent CSRF attacks (cross-site request forgery attacks). It is recommended that enterprises bring this parameter. It can be set to a simple random number plus session for verification. |
It can be seen that there are three parameters that must be passed. appid and agentid are constants, and redirect_uri is the address where the page will jump directly after the user scans the QR code to log in successfully.
- When the user allows authorization, the page will be redirected to the redirect_uri with the code and state parameters. If the user prohibits authorization, there is no code parameter. The backend can obtain user information based on the code through the Enterprise WeChat API.
This completes the corporate WeChat scan code login.
WEB embedded login QR code
-
First, introduce the js file of the official WeChat Enterprise API into the file <script src="http://rescdn.qqmail.com/node/ww/wwopenmng/js/sso/wwLogin-1.0.0.js"></script>
-
Create a container in the page, such as
<div id="wx_reg"></div> -
Directly call the function that introduces js on the page where the QR code is to be displayed.
window.WwLogin({
"id" : "wx_reg",
"appid" : "",
"agentid" : "",
"redirect_uri" :"",
"state" : "",
"href" : "",
});
The first four parameters must be passed, the first one is the id of the container, and the remaining three are the same as previously introduced.
This completes the scan code login. Let’s see the effect
