Bind User with Username and Password
When a user enters the Mini Program and logs in with WeChat for the first time, they cannot log in through openid and unionid. The user must first bind an existing username and password. After binding is completed, the user can log in with WeChat in the Mini Program directly through openid and unionid subsequently. If the username and password entered by the user are incorrect, binding cannot be completed. If the enterprise expects that only users who have already registered in the system with a username and password can log in to the Mini Program, this API can be called. Before calling this API, you need to obtain a temporary token through the WeChat Mini Program Login API.
Request Description
POST https://{your_domain}/api/v2/sdk/social/username-password-bind
Request Headers
| Parameter Name | Name | Required | Type | Example |
|---|---|---|---|---|
| X-operating-sys-version | Caller client OS version | Yes | String | windows10.1.1 |
| X-device-fingerprint | Caller client device fingerprint | Yes | String | 156aysdna213sc50 |
| X-device-ip | Caller client IP | No | String | 192.168.1.2 |
| X-agent | User-Agent information | Yes | String | Mozilla/5.0 (iPhone; CPU iPhone OS 13_3 like Mac OS X) |
| X-L | Used for international language settings | No | String | zh |
| X-client-id | Application authorization ID | Yes | String | nTo1eRIub60vPb54WeE6aojPwYwImtl4 |
| X-state-token | Temporary token | Yes | String | eyJhbcOiJ……nEPRiIC4we0 |
| content-type | Content format type | Yes | String | application/json |
Request Example
{
"user_name":"zhangshan",
"password":"password"
}Request Parameters
| Parameter Name | Name | Required | Type | Description |
|---|---|---|---|---|
| user_name | Username | Yes | String | Username entered by the user |
| password | Password | Yes | String | Password entered by the user |
Response Examples
Success Example
HTTP/1.1 200 OK
{
"session_token": "btsiBjx85prcZu6I6Ki057Tmw3nSF2VO",
"expire": 432000,
"status": "SUCCESS",
"id_token": "eyJraWQn0.eyJpc3MiOiJodHR…g1A7jG8O0uw"
}Error Example
HTTP/1.1 400 Bad Request
{
"error_code": "IDAAS.SDK.COMMON.1007",
"error_msg": "state_token parameter error"
}Response Parameters
| Parameter Name | Name | Type | Description |
|---|---|---|---|
| status | Login flow status identifier | String | SUCCES: Login successful SOCIAL_BIND: Binding flow USER_REGISTER: Auto-registration and binding flow ACCESS_DENIED: Access denied MFA_AUTH: Secondary authentication |
| expire | session_token validity period | Number | session_token validity period |
| session_token | User session_token | String | User session_token |
| id_token | Identity token of logged-in user, short-term valid | String | This field is in JWT format and contains user identity information. You can refer to Get User Info from id_token to obtain user information. The token validity period defaults to 5 minutes. |