受理管控
更新时间:2025.09.09针对微众台账发起管控。接口仅受理,管控成功或失败后,可以通知发起方(需发起方提供通知地址)。
接口支持重入,重入有效期1年。
限频:200/分钟
接口说明
支持商户:【普通商户】
请求方式:【POST】/v3/aggracct-bc/wb-channel/control-orders/punish
请求域名:【主域名】https://api.mch.weixin.qq.com 使用该域名将访问就近的接入点
【备域名】https://api2.mch.weixin.qq.com 使用该域名将访问异地的接入点 ,指引点击查看
请求参数
Header HTTP头参数
Authorization 必填 string
请参考签名认证生成认证信息
Accept 必填 string
请设置为application/json
Content-Type 必填 string
请设置为application/json
Wechatpay-Serial 必填 string
【微信支付公钥ID】或【微信支付平台证书序列号】 请求参数中的敏感字段,需要使用微信支付公钥加密(推荐),请参考获取微信支付公钥ID说明以及微信支付公钥加密敏感信息指引;也可以使用微信支付平台证书公钥加密,参考获取平台证书序列号、平台证书加密敏感信息指引
body 包体参数
out_request_no 必填 string(64)
【微众管控单号】 微众管控单号
mchid 必填 string
【目标下管商户号】 微信支付商户号
bal_account_no 必填 string
【目标下管台账ID】 【加密】台账ID,对应微众支用账号
punish_scene 必填 integer
【管控场景】 微众事先在管控系统登记好的场景ID
punish_reason 选填 string
【管控原因】 仅支持UTF8可见字符。微众管控原因的具体描述,用于后续产品分析对账。例如“xxx接口核验xxx字段不通过”。
punish_end_time 选填 string
【管控结束时间】 到管控时间后不支持自动解管。不填默认为长期。遵循rfc3339标准格式,格式为YYYY-MM-DDTHH:mm:ss+TIMEZONE,YYYY-MM-DD表示年月日,T出现在字符串中,表示time元素的开头,HH:mm:ss表示时分秒,TIMEZONE表示时区(+08:00表示东八区时间,领先UTC 8小时,即北京时间)。例如:2015-05-20T13:29:35+08:00表示,北京时间2015年5月20日 13点29分35秒。
请求示例
curl
Java
Go
POST
1curl -X POST \ 2 https://api.mch.weixin.qq.com/v3/aggracct-bc/wb-channel/control-orders/punish \ 3 -H "Authorization: WECHATPAY2-SHA256-RSA2048 mchid=\"1900000001\",..." \ 4 -H "Accept: application/json" \ 5 -H "Wechatpay-Serial: 5157F09EFDC096DE15EBE81A47057A7232F1B8E1" \ 6 -H "Content-Type: application/json" \ 7 -d '{ 8 "out_request_no" : "example_out_request_no", 9 "mchid" : "example_mchid", 10 "bal_account_no" : "example_bal_account_no", 11 "punish_scene" : 1, 12 "punish_reason" : "example_punish_reason", 13 "punish_end_time" : "2015-05-20T13:29:35+08:00" 14 }' 15
需配合微信支付工具库 WXPayUtility 使用,请参考Java
1package com.java.demo; 2 3import com.java.utils.WXPayUtility; // 引用微信支付工具库,参考:https://pay.weixin.qq.com/doc/v3/merchant/4014931831 4 5import com.google.gson.annotations.SerializedName; 6import com.google.gson.annotations.Expose; 7import okhttp3.MediaType; 8import okhttp3.OkHttpClient; 9import okhttp3.Request; 10import okhttp3.RequestBody; 11import okhttp3.Response; 12 13import java.io.IOException; 14import java.io.UncheckedIOException; 15import java.security.PrivateKey; 16import java.security.PublicKey; 17import java.util.ArrayList; 18import java.util.HashMap; 19import java.util.List; 20import java.util.Map; 21 22/** 23 * 受理管控 24 */ 25public class Punish { 26 private static String HOST = "https://api.mch.weixin.qq.com"; 27 private static String METHOD = "POST"; 28 private static String PATH = "/v3/aggracct-bc/wb-channel/control-orders/punish"; 29 30 public static void main(String[] args) { 31 // TODO: 请准备商户开发必要参数,参考:https://pay.weixin.qq.com/doc/v3/merchant/4013070756 32 Punish client = new Punish( 33 "19xxxxxxxx", // 商户号,是由微信支付系统生成并分配给每个商户的唯一标识符,商户号获取方式参考 https://pay.weixin.qq.com/doc/v3/merchant/4013070756 34 "1DDE55AD98Exxxxxxxxxx", // 商户API证书序列号,如何获取请参考 https://pay.weixin.qq.com/doc/v3/merchant/4013053053 35 "/path/to/apiclient_key.pem", // 商户API证书私钥文件路径,本地文件路径 36 "PUB_KEY_ID_xxxxxxxxxxxxx", // 微信支付公钥ID,如何获取请参考 https://pay.weixin.qq.com/doc/v3/merchant/4013038816 37 "/path/to/wxp_pub.pem" // 微信支付公钥文件路径,本地文件路径 38 ); 39 40 PunishRequest request = new PunishRequest(); 41 request.outRequestNo = "example_out_request_no"; 42 request.mchid = "example_mchid"; 43 request.balAccountNo = client.encrypt("bal_account_no"); 44 request.punishScene = 1L; 45 request.punishReason = "example_punish_reason"; 46 request.punishEndTime = "2015-05-20T13:29:35+08:00"; 47 try { 48 PunishResponse response = client.run(request); 49 // TODO: 请求成功,继续业务逻辑 50 System.out.println(response); 51 } catch (WXPayUtility.ApiException e) { 52 // TODO: 请求失败,根据状态码执行不同的逻辑 53 e.printStackTrace(); 54 } 55 } 56 57 public PunishResponse run(PunishRequest request) { 58 String uri = PATH; 59 String reqBody = WXPayUtility.toJson(request); 60 61 Request.Builder reqBuilder = new Request.Builder().url(HOST + uri); 62 reqBuilder.addHeader("Accept", "application/json"); 63 reqBuilder.addHeader("Wechatpay-Serial", wechatPayPublicKeyId); 64 reqBuilder.addHeader("Authorization", WXPayUtility.buildAuthorization(mchid, certificateSerialNo,privateKey, METHOD, uri, reqBody)); 65 reqBuilder.addHeader("Content-Type", "application/json"); 66 RequestBody requestBody = RequestBody.create(MediaType.parse("application/json; charset=utf-8"), reqBody); 67 reqBuilder.method(METHOD, requestBody); 68 Request httpRequest = reqBuilder.build(); 69 70 // 发送HTTP请求 71 OkHttpClient client = new OkHttpClient.Builder().build(); 72 try (Response httpResponse = client.newCall(httpRequest).execute()) { 73 String respBody = WXPayUtility.extractBody(httpResponse); 74 if (httpResponse.code() >= 200 && httpResponse.code() < 300) { 75 // 2XX 成功,验证应答签名 76 WXPayUtility.validateResponse(this.wechatPayPublicKeyId, this.wechatPayPublicKey, 77 httpResponse.headers(), respBody); 78 79 // 从HTTP应答报文构建返回数据 80 return WXPayUtility.fromJson(respBody, PunishResponse.class); 81 } else { 82 throw new WXPayUtility.ApiException(httpResponse.code(), respBody, httpResponse.headers()); 83 } 84 } catch (IOException e) { 85 throw new UncheckedIOException("Sending request to " + uri + " failed.", e); 86 } 87 } 88 89 private final String mchid; 90 private final String certificateSerialNo; 91 private final PrivateKey privateKey; 92 private final String wechatPayPublicKeyId; 93 private final PublicKey wechatPayPublicKey; 94 95 public Punish(String mchid, String certificateSerialNo, String privateKeyFilePath, String wechatPayPublicKeyId, String wechatPayPublicKeyFilePath) { 96 this.mchid = mchid; 97 this.certificateSerialNo = certificateSerialNo; 98 this.privateKey = WXPayUtility.loadPrivateKeyFromPath(privateKeyFilePath); 99 this.wechatPayPublicKeyId = wechatPayPublicKeyId; 100 this.wechatPayPublicKey = WXPayUtility.loadPublicKeyFromPath(wechatPayPublicKeyFilePath); 101 } 102 103 public String encrypt(String plainText) { 104 return WXPayUtility.encrypt(this.wechatPayPublicKey, plainText); 105 } 106 107 public static class PunishRequest { 108 @SerializedName("out_request_no") 109 public String outRequestNo; 110 111 @SerializedName("mchid") 112 public String mchid; 113 114 @SerializedName("bal_account_no") 115 public String balAccountNo; 116 117 @SerializedName("punish_scene") 118 public Long punishScene; 119 120 @SerializedName("punish_reason") 121 public String punishReason; 122 123 @SerializedName("punish_end_time") 124 public String punishEndTime; 125 } 126 127 public static class PunishResponse { 128 @SerializedName("wxpay_punish_no") 129 public String wxpayPunishNo; 130 131 @SerializedName("out_request_no") 132 public String outRequestNo; 133 } 134 135} 136
需配合微信支付工具库 wxpay_utility 使用,请参考Go
1package main 2 3import ( 4 "bytes" 5 "demo/wxpay_utility" // 引用微信支付工具库,参考 https://pay.weixin.qq.com/doc/v3/merchant/4015119334 6 "encoding/json" 7 "fmt" 8 "net/http" 9 "net/url" 10) 11 12func main() { 13 // TODO: 请准备商户开发必要参数,参考:https://pay.weixin.qq.com/doc/v3/merchant/4013070756 14 config, err := wxpay_utility.CreateMchConfig( 15 "19xxxxxxxx", // 商户号,是由微信支付系统生成并分配给每个商户的唯一标识符,商户号获取方式参考 https://pay.weixin.qq.com/doc/v3/merchant/4013070756 16 "1DDE55AD98Exxxxxxxxxx", // 商户API证书序列号,如何获取请参考 https://pay.weixin.qq.com/doc/v3/merchant/4013053053 17 "/path/to/apiclient_key.pem", // 商户API证书私钥文件路径,本地文件路径 18 "PUB_KEY_ID_xxxxxxxxxxxxx", // 微信支付公钥ID,如何获取请参考 https://pay.weixin.qq.com/doc/v3/merchant/4013038816 19 "/path/to/wxp_pub.pem", // 微信支付公钥文件路径,本地文件路径 20 ) 21 if err != nil { 22 fmt.Println(err) 23 return 24 } 25 26 request := &PunishRequest{ 27 OutRequestNo: wxpay_utility.String("example_out_request_no"), 28 Mchid: wxpay_utility.String("example_mchid"), 29 BalAccountNo: wxpay_utility.String("example_bal_account_no"), /*请传入wxpay_utility.EncryptOAEPWithPublicKey 加密结果*/ 30 PunishScene: wxpay_utility.Int64(1), 31 PunishReason: wxpay_utility.String("example_punish_reason"), 32 PunishEndTime: wxpay_utility.String("2015-05-20T13:29:35+08:00"), 33 } 34 35 response, err := Punish(config, request) 36 if err != nil { 37 fmt.Printf("请求失败: %+v\n", err) 38 // TODO: 请求失败,根据状态码执行不同的处理 39 return 40 } 41 42 // TODO: 请求成功,继续业务逻辑 43 fmt.Printf("请求成功: %+v\n", response) 44} 45 46func Punish(config *wxpay_utility.MchConfig, request *PunishRequest) (response *PunishResponse, err error) { 47 const ( 48 host = "https://api.mch.weixin.qq.com" 49 method = "POST" 50 path = "/v3/aggracct-bc/wb-channel/control-orders/punish" 51 ) 52 53 reqUrl, err := url.Parse(fmt.Sprintf("%s%s", host, path)) 54 if err != nil { 55 return nil, err 56 } 57 reqBody, err := json.Marshal(request) 58 if err != nil { 59 return nil, err 60 } 61 httpRequest, err := http.NewRequest(method, reqUrl.String(), bytes.NewReader(reqBody)) 62 if err != nil { 63 return nil, err 64 } 65 httpRequest.Header.Set("Accept", "application/json") 66 httpRequest.Header.Set("Wechatpay-Serial", config.WechatPayPublicKeyId()) 67 httpRequest.Header.Set("Content-Type", "application/json") 68 authorization, err := wxpay_utility.BuildAuthorization(config.MchId(), config.CertificateSerialNo(), config.PrivateKey(), method, reqUrl.RequestURI(), reqBody) 69 if err != nil { 70 return nil, err 71 } 72 httpRequest.Header.Set("Authorization", authorization) 73 74 client := &http.Client{} 75 httpResponse, err := client.Do(httpRequest) 76 if err != nil { 77 return nil, err 78 } 79 respBody, err := wxpay_utility.ExtractResponseBody(httpResponse) 80 if err != nil { 81 return nil, err 82 } 83 if httpResponse.StatusCode >= 200 && httpResponse.StatusCode < 300 { 84 // 2XX 成功,验证应答签名 85 err = wxpay_utility.ValidateResponse( 86 config.WechatPayPublicKeyId(), 87 config.WechatPayPublicKey(), 88 &httpResponse.Header, 89 respBody, 90 ) 91 if err != nil { 92 return nil, err 93 } 94 response := &PunishResponse{} 95 if err := json.Unmarshal(respBody, response); err != nil { 96 return nil, err 97 } 98 99 return response, nil 100 } else { 101 return nil, wxpay_utility.NewApiException( 102 httpResponse.StatusCode, 103 httpResponse.Header, 104 respBody, 105 ) 106 } 107} 108 109type PunishRequest struct { 110 OutRequestNo *string `json:"out_request_no,omitempty"` 111 Mchid *string `json:"mchid,omitempty"` 112 BalAccountNo *string `json:"bal_account_no,omitempty"` 113 PunishScene *int64 `json:"punish_scene,omitempty"` 114 PunishReason *string `json:"punish_reason,omitempty"` 115 PunishEndTime *string `json:"punish_end_time,omitempty"` 116} 117 118type PunishResponse struct { 119 WxpayPunishNo *string `json:"wxpay_punish_no,omitempty"` 120 OutRequestNo *string `json:"out_request_no,omitempty"` 121} 122
应答参数
200 OK
wxpay_punish_no 必填 string
【微信支付管控单号】 微信支付管控单号
out_request_no 必填 string
【微众管控单号】 微众管控单号
应答示例
200 OK
1{ 2 "wxpay_punish_no" : "example_wxpay_punish_no", 3 "out_request_no" : "example_out_request_no" 4} 5
错误码
公共错误码
状态码 | 错误码 | 描述 | 解决方案 |
|---|---|---|---|
400 | PARAM_ERROR | 参数错误 | 请根据错误提示正确传入参数 |
400 | INVALID_REQUEST | HTTP 请求不符合微信支付 APIv3 接口规则 | 请参阅 接口规则 |
401 | SIGN_ERROR | 验证不通过 | 请参阅 签名常见问题 |
500 | SYSTEM_ERROR | 系统异常,请稍后重试 | 请稍后重试 |
业务错误码
状态码 | 错误码 | 描述 | 解决方案 |
|---|---|---|---|
400 | INVALID_REQUEST | 请求参数符合参数格式,但不符合业务规则 | 此状态代表管控申请失败,请根据具体的错误提示做相应的处理。 |
400 | NOT_FOUND | 目标下管商户号不存在 | 目标下管商户号不存在,请检查后重试 |
400 | ALREADY_EXISTS | 商户已被管控 | 商户已被管控,无需再管控 |
文档是否有帮助
