Alipay International Mini Program Development PlatformAlipay International Mini Program Development PlatformDOCS

User information capability

All the user information on the Mini Program Platform requires user's authorization. Based on the industry standard OAuth2.0 authorization mechanism, mini program developers can get user authorization to obtain user information.

Note: Developers must fully respect the privacy of users and properly use the user authorization. If the information is found to be used beyond the agreed scope or reasonable usage, the platform has the right to permanently withdraw the interface authority of mini program.

Prerequisites

  • This capability is open to merchants who have become business partners of the wallet.
  • Make sure that the integration and configuration have been completed and the mini program has been released.

Interaction process

Silence mode

The silence mode requires the user's consent on a native app to collect the required information. The interaction flow of the silence mode is illustrated as below:

MP best practice for payment.jpg

  1. The user opens the wallet app and is redirected to the merchant mini program.
  2. The merchant mini program calls the getAuthCode JSAPI to request authCode from the wallet app.
  3. The wallet app returns authCode to the merchant mini program, which sends authCode to the ISV or merchant server.
  4. With the obtained authCode in step 3, the ISV or merchant server calls the /{version}/oauths/applyToken OpenAPI to request accessToken and uid from the wallet server.

Note: The version is the version of Open APIs, for example, v1 or v2.

  1. The wallet server returns accessToken and uid to the ISV or merchant server.

Notes:

  • authCode is used to exchange for accessToken. Every time the user authorization is completed, authCode in the JSAPI response is different. authCode can only be used once and will automatically expire within one day.
  • After the ISV or merchant obtains accessToken and uid:
    • The ISV or merchant can use accessToken to call other OpenAPIs. For example, call the inquiryUserInfoByAccessToken OpenAPI to query the user information.
    • The ISV or merchant can generate a session that maps to accessToken and uid, then set session expiration time and store the mapping. The session will be stored in the mini program framework.

User consent mode

The user consent mode is used to get public user information without further permission from wallets. The interaction flow of the user consent mode is illustrated as below:

MP best practice for payment2.jpg

Get user open info

When the merchant mini program intends to get some public information of users, such as name and avatar, use the user consent mode with the getOpenUserInfo JSAPI. The user needs to sign the agreement and clicks the Accept button. This function is used to display some personal data of the user in the mini program.

Get auth code

When the merchant mini program intends to get authCode for further usage, call the getAuthCode JSAPI by specifying the scope field.

API list

JSAPI

Description

my.getOpenUserInfo

Gets user basic information, such as avatar, nickname, etc.

my.getAuthCode

Gets user's authentication code.

OpenAPI

Description

/{version}/authorizations/{apiName} 

Note: The version is the version of Open APIs, for example, v1 or v2.

For details, see the Open APIs for Merchants chapter.

/{version}/users/inquiryUserInfo

More information

Capabilities

JSAPIs

Open APIs

Developing Mini Program

Using Mini Program Platform

Features