品牌会员入会组件预授权
更新时间:2025.11.19生成用于商家小程序或 H5 拉起入会组件的品牌预授权凭证
接口限频:按品牌商户品牌 ID 维度 5 次/秒
接口说明
支持商户:【品牌商户】
请求方式:【POST】/brand/card-member/pre-auth-tokens
请求域名:【主域名】https://api.mch.weixin.qq.com 使用该域名将访问就近的接入点
【备域名】https://api2.mch.weixin.qq.com 使用该域名将访问异地的接入点 ,指引点击查看
请求参数
Header HTTP头参数
Authorization 必填 string
请参考签名认证生成认证信息
Accept 必填 string
请设置为application/json
Content-Type 必填 string
请设置为application/json
Wechatpay-Serial 必填 string
【微信支付公钥ID】 请传入brand_id对应的微信支付公钥ID,接口将会校验两者的关联关系,参考微信支付公钥产品简介及使用说明获取微信支付公钥ID和相关的介绍。以下两种场景将使用到微信支付公钥: 1、接收到接口的返回内容,需要使用微信支付公钥进行验签; 2、调用含有敏感信息参数(如姓名、身份证号码)的接口时,需要使用微信支付公钥加密敏感信息后再传输参数,加密指引请参考微信支付公钥加密敏感信息指引。
body 包体参数
card_id 必填 string(32)
【会员卡模板 ID】 商家创建会员卡模板成功后系统返回的会员卡模板ID
openid 必填 string(128)
【用户标识】 用户在品牌商家会员卡模板AppID下的唯一标识,获取方式详见参数说明。
请求示例
curl
Java
Go
POST
1curl -X POST \ 2 https://api.mch.weixin.qq.com/brand/card-member/pre-auth-tokens \ 3 -H "Authorization: WECHATPAY-BRAND-SHA256-RSA2048 brand_id=\"XXXX\",..." \ 4 -H "Accept: application/json" \ 5 -H "Wechatpay-Serial: PUB_KEY_ID_XXXX" \ 6 -H "Content-Type: application/json" \ 7 -d '{ 8 "card_id" : "pbLatjvWOibDc5-TBnbUk1pD12o0", 9 "openid" : "obLatjnx9gnqzS4myYGmLZ7LgLBA" 10 }' 11
需配合微信支付工具库 WXPayUtility 使用,请参考Java
1package com.java.demo; 2 3import com.java.utils.WXPayBrandUtility; // 引用微信支付工具库,参考:https://pay.weixin.qq.com/doc/brand/4015826861 4 5import com.google.gson.annotations.SerializedName; 6import com.google.gson.annotations.Expose; 7import okhttp3.MediaType; 8import okhttp3.OkHttpClient; 9import okhttp3.Request; 10import okhttp3.RequestBody; 11import okhttp3.Response; 12 13import java.io.IOException; 14import java.io.UncheckedIOException; 15import java.security.PrivateKey; 16import java.security.PublicKey; 17import java.util.ArrayList; 18import java.util.HashMap; 19import java.util.List; 20import java.util.Map; 21 22/** 23 * 入会组件预授权 24 */ 25public class CreatePreAuthToken { 26 private static String HOST = "https://api.mch.weixin.qq.com"; 27 private static String METHOD = "POST"; 28 private static String PATH = "/brand/card-member/pre-auth-tokens"; 29 30 public static void main(String[] args) { 31 // TODO: 请准备商户开发必要参数,参考:https://pay.weixin.qq.com/doc/brand/4015415289 32 CreatePreAuthToken client = new CreatePreAuthToken( 33 "xxxxxxxx", // 品牌ID,是由微信支付系统生成并分配给每个品牌方的唯一标识符,品牌ID获取方式参考 https://pay.weixin.qq.com/doc/brand/4015415289 34 "1DDE55AD98Exxxxxxxxxx", // 品牌API证书序列号,如何获取请参考 https://pay.weixin.qq.com/doc/brand/4015407570 35 "/path/to/apiclient_key.pem", // 品牌API证书私钥文件路径,本地文件路径 36 "PUB_KEY_ID_xxxxxxxxxxxxx", // 微信支付公钥ID,如何获取请参考 https://pay.weixin.qq.com/doc/brand/4015453439 37 "/path/to/wxp_pub.pem" // 微信支付公钥文件路径,本地文件路径 38 ); 39 40 CreatePreAuthTokenRequest request = new CreatePreAuthTokenRequest(); 41 request.cardId = "pbLatjvWOibDc5-TBnbUk1pD12o0"; 42 request.openid = "obLatjnx9gnqzS4myYGmLZ7LgLBA"; 43 try { 44 PreAuthToken response = client.run(request); 45 // TODO: 请求成功,继续业务逻辑 46 System.out.println(response); 47 } catch (WXPayBrandUtility.ApiException e) { 48 // TODO: 请求失败,根据状态码执行不同的逻辑 49 e.printStackTrace(); 50 } 51 } 52 53 public PreAuthToken run(CreatePreAuthTokenRequest request) { 54 String uri = PATH; 55 String reqBody = WXPayBrandUtility.toJson(request); 56 57 Request.Builder reqBuilder = new Request.Builder().url(HOST + uri); 58 reqBuilder.addHeader("Accept", "application/json"); 59 reqBuilder.addHeader("Wechatpay-Serial", wechatPayPublicKeyId); 60 reqBuilder.addHeader("Authorization", WXPayBrandUtility.buildAuthorization(brand_id, certificateSerialNo,privateKey, METHOD, uri, reqBody)); 61 reqBuilder.addHeader("Content-Type", "application/json"); 62 RequestBody requestBody = RequestBody.create(MediaType.parse("application/json; charset=utf-8"), reqBody); 63 reqBuilder.method(METHOD, requestBody); 64 Request httpRequest = reqBuilder.build(); 65 66 // 发送HTTP请求 67 OkHttpClient client = new OkHttpClient.Builder().build(); 68 try (Response httpResponse = client.newCall(httpRequest).execute()) { 69 String respBody = WXPayBrandUtility.extractBody(httpResponse); 70 if (httpResponse.code() >= 200 && httpResponse.code() < 300) { 71 // 2XX 成功,验证应答签名 72 WXPayBrandUtility.validateResponse(this.wechatPayPublicKeyId, this.wechatPayPublicKey, 73 httpResponse.headers(), respBody); 74 75 // 从HTTP应答报文构建返回数据 76 return WXPayBrandUtility.fromJson(respBody, PreAuthToken.class); 77 } else { 78 throw new WXPayBrandUtility.ApiException(httpResponse.code(), respBody, httpResponse.headers()); 79 } 80 } catch (IOException e) { 81 throw new UncheckedIOException("Sending request to " + uri + " failed.", e); 82 } 83 } 84 85 private final String brand_id; 86 private final String certificateSerialNo; 87 private final PrivateKey privateKey; 88 private final String wechatPayPublicKeyId; 89 private final PublicKey wechatPayPublicKey; 90 91 public CreatePreAuthToken(String brand_id, String certificateSerialNo, String privateKeyFilePath, String wechatPayPublicKeyId, String wechatPayPublicKeyFilePath) { 92 this.brand_id = brand_id; 93 this.certificateSerialNo = certificateSerialNo; 94 this.privateKey = WXPayBrandUtility.loadPrivateKeyFromPath(privateKeyFilePath); 95 this.wechatPayPublicKeyId = wechatPayPublicKeyId; 96 this.wechatPayPublicKey = WXPayBrandUtility.loadPublicKeyFromPath(wechatPayPublicKeyFilePath); 97 } 98 99 public static class CreatePreAuthTokenRequest { 100 @SerializedName("card_id") 101 public String cardId; 102 103 @SerializedName("openid") 104 public String openid; 105 } 106 107 public static class PreAuthToken { 108 @SerializedName("token") 109 public String token; 110 111 @SerializedName("expire_time") 112 public String expireTime; 113 } 114 115} 116
需配合微信支付工具库 wxpay_utility 使用,请参考Go
1package main 2 3import ( 4 "bytes" 5 "demo/wxpay_brand_utility" // 引用微信支付工具库,参考 https://pay.weixin.qq.com/doc/brand/4015826866 6 "encoding/json" 7 "fmt" 8 "net/http" 9 "net/url" 10) 11 12func main() { 13 // TODO: 请准备商户开发必要参数,参考:https://pay.weixin.qq.com/doc/brand/4015415289 14 config, err := wxpay_brand_utility.CreateBrandConfig( 15 "xxxxxxxx", // 品牌ID,是由微信支付系统生成并分配给每个品牌方的唯一标识符,品牌ID获取方式参考 https://pay.weixin.qq.com/doc/brand/4015415289 16 "1DDE55AD98Exxxxxxxxxx", // 品牌API证书序列号,如何获取请参考 https://pay.weixin.qq.com/doc/brand/4015407570 17 "/path/to/apiclient_key.pem", // 品牌API证书私钥文件路径,本地文件路径 18 "PUB_KEY_ID_xxxxxxxxxxxxx", // 微信支付公钥ID,如何获取请参考 https://pay.weixin.qq.com/doc/brand/4015453439 19 "/path/to/wxp_pub.pem", // 微信支付公钥文件路径,本地文件路径 20 ) 21 if err != nil { 22 fmt.Println(err) 23 return 24 } 25 26 request := &CreatePreAuthTokenRequest{ 27 CardId: wxpay_brand_utility.String("pbLatjvWOibDc5-TBnbUk1pD12o0"), 28 Openid: wxpay_brand_utility.String("obLatjnx9gnqzS4myYGmLZ7LgLBA"), 29 } 30 31 response, err := CreatePreAuthToken(config, request) 32 if err != nil { 33 fmt.Printf("请求失败: %+v\n", err) 34 // TODO: 请求失败,根据状态码执行不同的处理 35 return 36 } 37 38 // TODO: 请求成功,继续业务逻辑 39 fmt.Printf("请求成功: %+v\n", response) 40} 41 42func CreatePreAuthToken(config *wxpay_brand_utility.BrandConfig, request *CreatePreAuthTokenRequest) (response *PreAuthToken, err error) { 43 const ( 44 host = "https://api.mch.weixin.qq.com" 45 method = "POST" 46 path = "/brand/card-member/pre-auth-tokens" 47 ) 48 49 reqUrl, err := url.Parse(fmt.Sprintf("%s%s", host, path)) 50 if err != nil { 51 return nil, err 52 } 53 reqBody, err := json.Marshal(request) 54 if err != nil { 55 return nil, err 56 } 57 httpRequest, err := http.NewRequest(method, reqUrl.String(), bytes.NewReader(reqBody)) 58 if err != nil { 59 return nil, err 60 } 61 httpRequest.Header.Set("Accept", "application/json") 62 httpRequest.Header.Set("Wechatpay-Serial", config.WechatPayPublicKeyId()) 63 httpRequest.Header.Set("Content-Type", "application/json") 64 authorization, err := wxpay_brand_utility.BuildAuthorization(config.BrandId(), config.CertificateSerialNo(), config.PrivateKey(), method, reqUrl.RequestURI(), reqBody) 65 if err != nil { 66 return nil, err 67 } 68 httpRequest.Header.Set("Authorization", authorization) 69 70 client := &http.Client{} 71 httpResponse, err := client.Do(httpRequest) 72 if err != nil { 73 return nil, err 74 } 75 respBody, err := wxpay_brand_utility.ExtractResponseBody(httpResponse) 76 if err != nil { 77 return nil, err 78 } 79 if httpResponse.StatusCode >= 200 && httpResponse.StatusCode < 300 { 80 // 2XX 成功,验证应答签名 81 err = wxpay_brand_utility.ValidateResponse( 82 config.WechatPayPublicKeyId(), 83 config.WechatPayPublicKey(), 84 &httpResponse.Header, 85 respBody, 86 ) 87 if err != nil { 88 return nil, err 89 } 90 response := &PreAuthToken{} 91 if err := json.Unmarshal(respBody, response); err != nil { 92 return nil, err 93 } 94 95 return response, nil 96 } else { 97 return nil, wxpay_brand_utility.NewApiException( 98 httpResponse.StatusCode, 99 httpResponse.Header, 100 respBody, 101 ) 102 } 103} 104 105type CreatePreAuthTokenRequest struct { 106 CardId *string `json:"card_id,omitempty"` 107 Openid *string `json:"openid,omitempty"` 108} 109 110type PreAuthToken struct { 111 Token *string `json:"token,omitempty"` 112 ExpireTime *string `json:"expire_time,omitempty"` 113} 114
应答参数
200 OK
token 必填 string(32)
【预授权 token】 用于H5 和小程序场景拉起会员开卡组件投放会员卡
expire_time 必填 string(32)
【token 过期时间】 token过期时间(生成后一小时有效),需遵循 RFC3339 标准格式:yyyy-MM-DDTHH:mm:ss+TIMEZONE。yyyy-MM-DD 表示年月日;T 字符用于分隔日期和时间部分;HH:mm:ss 表示具体的时分秒;TIMEZONE 表示时区(例如,+08:00 对应东八区时间,即北京时间)。示例:2015-05-20T13:29:35+08:00 表示北京时间2015年5月20日13点29分35秒。
应答示例
200 OK
1{ 2 "token" : "d2df23f2f4fasf3gws", 3 "expire_time" : "2020-05-20T13:29:35.120+08:00" 4} 5
错误码
以下是本接口返回的错误码列表。详细错误码规则,请参考微信支付接口规则-错误码和错误提示
文档是否有帮助
