OpenAPI Overview

Mini programs provide a comprehensive set of OpenAPIs enabling developers to integrate various capabilities including payments, user authorization, and messaging. Communication occurs via HTTPS POST requests with structured request/response patterns.

API Version

Current Version: v2
URL Format: https://{domainName}/api/open/v2/{endpoint}

Different API versions represent distinct interfaces. Ensure you use the correct version for your integration.

Message Structure

Request Components

All API requests follow this structure:

Component	Description
URL	`https://{domainName}/api/open/{restfulPath}`
Method	POST (HTTPS)
Authentication	RSA256 digital signature required

Required Headers

Signature

string

required

Digital signature in format: algorithm=RSA256, keyVersion=1, signature=****

Client-Id

string

required

Your assigned client identifier, used to identify your application and associated keys

Request-Time

string

required

ISO 8601 timestamp with minimum second accuracy (e.g., 2024-01-10T12:00:00+01:00)

Content-Type

string

application/json; charset=UTF-8

Response Structure

All responses include a standardized result object:

{
  "result": {
    "resultStatus": "S",
    "resultCode": "SUCCESS",
    "resultMessage": "Success"
  },
  // ... additional response fields
}

result.resultStatus

string

required

Status indicator:

S - Success
F - Failed
U - Unknown
A - Accepted (processing)

result.resultCode

string

Error or success code (max 64 characters)

result.resultMessage

string

Detailed description of the result (max 256 characters)

Developer Workflow

Understand Requirements

Review API idempotency requirements and authentication specifications

Generate Keys

Create a 2048-bit RSA key pair for signing requests

Construct Request

Build signed, encoded requests per the message structure specification

Send Request

Submit HTTPS POST requests to the appropriate endpoint

Validate Response

Verify the response signature using the platform’s public key

Handle Result

Process result codes and implement appropriate error handling

Security Requirements

Request Signing

All requests must be digitally signed using RSA-SHA256

Response Validation

Always verify response signatures before processing data

Key Management

Use 2048-bit RSA keys exclusively for the RSA256 algorithm

Message Encoding

Proper encoding prevents character ambiguities during transmission

Next Steps

Idempotency

Learn how to handle retries safely

Message Encoding

Understand encoding requirements

API Signing

Step-by-step signing guide

Data Dictionary

Common data types and models

OpenAPIs

Message Transmission Security

OpenAPIs for Merchants

Reference

API Version

Message Structure

Request Components

Required Headers

Response Structure

Developer Workflow

Security Requirements

Request Signing

Response Validation

Key Management

Message Encoding

Next Steps

Idempotency

Message Encoding

API Signing

Data Dictionary

OpenAPIs

Message Transmission Security

OpenAPIs for Merchants

Reference

​API Version

​Message Structure

​Request Components

​Required Headers

​Response Structure

​Developer Workflow

​Security Requirements

Request Signing

Response Validation

Key Management

Message Encoding

​Next Steps

Idempotency

Message Encoding

API Signing

Data Dictionary

API Version

Message Structure

Request Components

Required Headers

Response Structure

Developer Workflow

Security Requirements

Next Steps