Domain Modification Result Notification
Update Time:2025.01.07
|
Domain Modification Result Notification
Latest update time:2023.12.05 Release notes
|
1. API Intro
Applicable object: Institutional mode Service Provider Mode
API rules:The URL is set by the notify_url parameter of the Create Domain Modification Application. The HTTPS protocol is required. If the URL cannot be accessed, the merchant will not receive any WeChat notifications. The notification URL must be directly accessible without any parameters. Example: success_notify_url: "https://pay.weixin.qq.com/wxpay/pay.action"
Request method:POST
2. Notification Rules
After a web payment domain modification request is reviewed, WeChat sends the review result and the request information to the merchant. The merchant needs to process the received notification data and return a response according to the document specifications. For security concern, the notification data is encrypted, so the merchant needs to decrypt it first.
If the response received by WeChat is not success or the response from the merchant times out, WeChat considers the notification a failure and will send the notification again based on certain policies to maximize the success rate. However, WeChat does not guarantee a successful notification. The callback is performed at a tiered frequency of 15s/15s/30s/3m/10m/20m/30m/30m/30m/60m/3h/3h/3h/6h/6h with a total of 24h4m.
3. Notification Messages
The review result notification is sent to the notification URL set by the merchant with the POST method and transmitted in the request body in JSON format. The notification data contains encrypted payment result details.
The following describes how to decrypt the certificate:
(1) Obtain the merchant's key from the merchant platform and record it as "key".
(2) Obtain the parameters nonce and associated_data based on the algorithm described in resource.algorithm (which is AEAD_AES_256_GCM).
(3) Decrypt the resource.ciphertext with key, nonce, and associated_data to get the resource object in JSON format.
Note: For the API information of the AEAD_AES_256_GCM algorithm, see rfc5116. The length of the key used for WeChat Pay is 32 bytes, the length of the random string nonce is 12 bytes, and the length of the associated_data value is less than 16 bytes or may be zero.
4. Request Parameters
Name | Variable Name | Type | Required | Description |
---|---|---|---|---|
Notification ID | id | string[1,36] | Yes | Unique ID of the notification. |
Notification creation time | create_time | string[1,64] | Yes | The time when the notification was created. It is in rfc3339 format. For example, 2018-06-08T10:34:56+08:00 indicates 10:34:56 Beijing time on June 8, 2018. |
Notification type | event_type | string[1,32] | Yes | Notification type. |
Notification data type | resource_type | string[1,32] | Yes | he type of the notification resource data. The type of resource data for an approval notification is applyment. |
Callback summary | summary | string[1,64] | Yes | Callback summary. |
Notification data | resource | object | Yes | Resource data of the notification. |
5. Notification Signature
Even if a notification is encrypted, it cannot be confirmed that the notification comes from WeChat. WeChat will sign the notification sent to the merchant and place the signature value in the HTTP header Wechatpay-Signature of the notification. The merchant should verify the signature to make sure that the request comes from WeChat rather than a third party. For information on the signature verification algorithm, see 《WeChat Pay API V3 Signature Verification》.
Contract signing and termination result notification
A resource object obtained after the merchant decrypts the "resource" object
JSON
6. Review Result Notification Parameters
Name | Variable Name | Type | Required | Description |
---|---|---|---|---|
Sub-merchant ID | sub_mchid | string[1, 32] | Yes | ID of the sub-merchant under the current institution/service provider. |
Sub-merchant's website status | website_state | string | Yes | The status of the sub-merchant's website. Valid values: |
Web payment domain | domains | array | Yes | The domain that pulls web payment. |
Sub-merchant's website URL | webiste_url | string[1, 128] | Yes | The URL of the website on which the sub-merchant's business categories, products/services and prices are displayed and users can place orders. |
Website business page screenshot | website_business_page_pics | array | No | This field is required when the website is not launched. The value is a media ID, which can be obtained via the image upload API |
Website homepage screenshot | website_homepage_pics | array | No | This field is required when the website is not launched. The value is a media ID, which can be obtained via the image upload API |
Application ID | applyment_id | int | Yes | Unique ID of the H5 authorization application. |
Rejection reason | audit_reject_detail | string[1, 500] | No | The reason why the request is rejected. |
Request status | applyment_state | string | No | The status of the web payment domain modification request. Valid values: |
Callback API provided by merchants to receive review results | notify_url | string[1, 128] | No | The HTTPS protocol is required. If the URL cannot be accessed, the merchant will not receive any WeChat notifications. The notification URL must be directly accessible without any parameters. |
Merchant request ID | out_applyment_id | string[6, 32] | Yes | Internal request ID in the merchant system. The request ID can only contain numbers, letters, underscores (_), hyphens (-), and asterisks (*), and is unique under the same merchant ID. |
7. Notification Response
Name | Variable Name | Type | Required | Description |
---|---|---|---|---|
Returned status code | code | string[1,32] | Yes | For more information, see the returned status code description below. |
Returned message | message | string[1,256] | No | Returned message, which presents the cause of the error. |
Scenario 1: Success example
Scenario 2: Failure example 200