80+ Mini Program Review Lessons: Common Pitfalls and How to Fix Them

After more than 80 WeChat Mini Program submissions, this guide compiles the most frequent review rejections—privacy agreement gaps, content‑security failures, forced login, brand misuse, and missing test accounts—and provides concrete checklists and step‑by‑step solutions to help developers pass audits quickly and reliably.

Eric Tech Circle
Eric Tech Circle
Eric Tech Circle
80+ Mini Program Review Lessons: Common Pitfalls and How to Fix Them

Self‑Check Checklist

Initial reviews focus on whether the Mini Program can be launched; subsequent reviews assess whether the new changes introduce new risks.

Change Details – Identify what features were added, optimized, or fixed.

Review Risks – Check for forced login, forced sharing or payment, prohibited content (e.g., pornographic or politically sensitive material), and multimedia uploads.

Service Category – Ensure new capabilities still match the declared service category.

User Privacy – Verify that no personal data (phone number, nickname, avatar, location, etc.) is collected without explicit user consent.

Completeness – Confirm that all functions are operational, edge cases are handled, the app works without a logged‑in user, and a test account is provided if needed.

Standard Submission Template

本次版本变更:
1. 新增:
2. 优化:
3. 修复:

测试账号(非必需):
账号:
密码:

补充说明(非必需,以下只是举例):
1. 本次是否涉及新增用户隐私信息收集?
2. 本次是否涉及支付、内容发布或外链?
3. 本次是否涉及服务类目或资质变化?

Typical Rejection Scenarios and Solutions

01 Privacy Agreement Not Updated

If the Mini Program has not integrated the official privacy agreement after the first successful launch, the reviewer will reject the submission. The fix is to update the privacy agreement in the backend under Account Settings → Service Content Declaration → User Privacy Protection Guidelines → Complete .

02 Content Security

When the app allows users to upload media, reviewers may test the upload endpoint with prohibited images. If the server cannot block these images, the review is rejected.

Short‑term fix: Submit an appeal explaining that the admin console can handle illegal images and that accounts can be disabled. This only works occasionally.

Long‑term fix: Integrate WeChat’s asynchronous multimedia content‑security API. The flow is: user uploads avatar → avatar is temporarily stored in the cloud → async request to WeChat for content check → server receives callback → if approved, the avatar is finally applied.

Official API documentation: https://developers.weixin.qq.com/miniprogram/dev/server/API/sec-center/sec-check/api_mediacheckasync.html

03 Avoid Mixing Official Branding

Do not embed WeChat’s logo or brand wording in the Mini Program’s UI, as it may confuse users about the source of the content. Remove such elements and resubmit.

04 Force Login on First Open

WeChat now forbids forcing a login before the user experiences any functionality. Reviewers reject submissions that immediately request phone number, avatar, or nickname.

Guest mode: Users enter the Mini Program, receive a silent login token, and the server enforces content access based on guest permissions.

Implementation details are described in earlier articles on dual‑token login and silent login designs (URLs: https://mp.weixin.qq.com/s?__biz=Mzk0NDI1NzI2Mw==∣=2247488057&idx=1&sn=3a34435cdd758445d20ca231b9d20a8d&scene=21, https://mp.weixin.qq.com/s?__biz=Mzk0NDI1NzI2Mw==∣=2247487658&idx=1&sn=0813592e7e7d2c52f09128b5b50199b0&scene=21).

Final Advice

Do not treat the review as the final step. Stable practice is to consider review requirements throughout development, testing, material preparation, and release planning.

Official rejection guidelines are available at https://developers.weixin.qq.com/minigame/product/reject.html.

Original Source

Signed-in readers can open the original source through BestHub's protected redirect.

Sign in to view source
Republication Notice

This article has been distilled and summarized from source material, then republished for learning and reference. If you believe it infringes your rights, please contactadmin@besthub.devand we will review it promptly.

WeChat Mini Programcontent securityprivacy complianceguest modereview checklist
Eric Tech Circle
Written by

Eric Tech Circle

Backend team lead & architect with 10+ years experience, full‑stack engineer, sharing insights and solo development practice.

0 followers
Reader feedback

How this landed with the community

Sign in to like

Rate this article

Was this worth your time?

Sign in to rate
Discussion

0 Comments

Thoughtful readers leave field notes, pushback, and hard-won operational detail here.