WeChat official account developed by Access token

Access token is required to customize the menu

The official account uses AppID and AppSecret to call the interface to get access_. token
The official account and the applet can call the interface to get access_ by using AppID and AppSecret. token. Appid and appsecret can be obtained in "wechat public platform - Development - basic configuration" page

access_token is the global only interface calling credential for official account. When calling the interfaces, the official account needs to use access_. token. Developers need to keep it properly. access_ At least 512 character space should be reserved for token storage. access_ The validity period of the token is currently 2 hours. It needs to be refreshed regularly. Repeated acquisition will result in the access obtained last time_ The token is invalid.

access_ The valid period of the token is 7200 seconds (two hours). During the valid period, it can be used all the time, only when access_ When the token expires, you need to call the interface again to obtain access_token. Ideally, a 7x24 hour system only needs to get access 12 times a day_ The token is obtained every 2 hours. If it is within the validity period, obtain access again_ Token, then the last access obtained_ The token will become invalid.
Currently, get access_ The call frequency of token interface is limited to 2000 times / day. If you call to obtain access before sending customer service messages, obtaining user information and mass messages every time_ It is obviously unreasonable for the token interface to obtain the interface access certificate. On the one hand, it will be more time-consuming (one more interface call operation). On the other hand, the call limit of 2000 times / day may not be enough. Therefore, in practical application, we need to obtain access_ The token is stored, and then access is called periodically_ The token interface updates it to ensure access to be taken out at any time_ All tokens are valid.

Original link

Interface call request description

https request method: GET https://api.weixin.qq.com/cgi-bin/token?grant_type=client_credential&appid=APPID&secret=APPSECRET

Parameter description

parameter explain
grant_type Get access_ Fill in client with token_ credential
appid Third party user unique voucher
secret Third party user's unique credential key, i.e. appsecret

Return description

Normally, WeChat will return the following JSON packets to the official account:

Parameter description

parameter explain
access_token Obtained credentials
expires_in Voucher validity time, unit: seconds

Encapsulate these two parameters

package com.rzk.pojo;

import lombok.Data;

public class Token {
    private String accessToken;
    private int expiresIn;


package com.rzk.util;
public class HttpConstant {

    //Get Access token URI
    public static String API_URI = "https://api.weixin.qq.com/cgi-bin/token?grant_type=client_credential&appid=APPID&secret=APPSECRET";

HttpClient tool class

package com.rzk.util;

import com.rzk.pojo.Token;
import org.apache.http.HttpEntity;
import org.apache.http.client.methods.CloseableHttpResponse;
import org.apache.http.client.methods.HttpGet;
import org.apache.http.entity.BufferedHttpEntity;
import org.apache.http.impl.client.CloseableHttpClient;
import org.apache.http.impl.client.HttpClientBuilder;
import org.apache.http.impl.client.HttpClients;
import org.apache.http.util.EntityUtils;

import java.io.IOException;

public class HttpClient {

     * GET request
     * @param url
     * @return
    public static String doGetRequest(String url) {
        String result = "";
        CloseableHttpClient httpClient = HttpClientBuilder.create().build();
        HttpGet httpGet = new HttpGet(url);
        CloseableHttpResponse response = null;
        try {
            response = httpClient.execute(httpGet);
            HttpEntity responseEntity = response.getEntity();
            result = EntityUtils.toString(responseEntity);
        } catch (Exception e) {
        }  finally {
            try {
                if (httpClient != null) {
                if (response != null) {
            } catch (IOException e) {
        }return result;


    @GetMapping(value = "accessToken")
    public String AccessToken(){
        Token token = new Token();
        //Using httpclient requests
        String result = HttpClient.doGetRequest(HttpConstant.API_URI.replace("APPID", environment.getProperty("wx.appid")).replace("APPSECRET", environment.getProperty("wx.secret")));
        //Convert to json object
        JSONObject json = JSON.parseObject(result);

        return token.getAccessToken();

Request accessToken

You also need to go to the official account to set up a whitelist list and fill in your server's ip address.

Added by man12_patil3 on Sat, 15 Jan 2022 09:27:46 +0200