How to Build a WeChat Enterprise App: From Account Setup to JS SDK Integration

WeChat development is similar to web development, but runs inside the WeChat client, offering additional features such as location, avatar, photo upload, and message sending via WeChat APIs. To host a web project on the WeChat public platform you need an account, which can be a Service, Subscription, or Enterprise account. The development process is largely the same across these types.

1. Apply for an Enterprise Experience Account

Visit the WeChat Enterprise site https://qy.weixin.qq.com/ and click “Developer Center”. On the welcome page, click “Apply for Experience Account”, fill in the required information, verify your email, and bind a WeChat ID. After approval, scan the QR code on the login page to access the Enterprise homepage.

2. Configure the Enterprise Account

2.1 Add Sub‑Departments – Click the sub‑department button, fill in the information, save and refresh.

2.2 Add Members – Use the address book to add members to the newly created department.

2.3 Member Subscription – Send an invitation email with the QR code or share the QR code directly; note the CorpID (e.g., wx7099477f2de8aded) for later API calls.

2.4 Create Management Groups – In Settings → Permission Management, create a group (e.g., “Test”). Record the Secret, which is required for JS‑SDK signature generation.

2.5 Application Management – In the Application Center, enable the default “Enterprise Assistant” app, switch it to “Normal Mode”, and enable a custom menu.

Configure a trusted domain (e.g., yo.bbdfun.com) under the app’s details; the domain must be ICP‑registered and at least second‑level.

3. Call WeChat JS‑SDK Interfaces

The WeChat JS‑SDK provides many convenient APIs. Documentation: http://qydev.weixin.qq.com/wiki/index.php?title=微信JS‑SDK接口

To use the SDK you must configure signature verification with the following parameters:

debug: true, // enable debug mode, alerts all API return values
appId: "", // required, the unique CorpID of the enterprise
timestamp: , // required, timestamp for signature
nonceStr: "", // required, random string for signature
signature: "", // required, generated signature (see Appendix 1)
jsApiList: [] // required, list of JS APIs to use (see Appendix 2)

The crucial fields are timestamp, nonceStr, and signature. Generate timestamp and nonceStr with Date.parse(new Date()). The signature is created in three steps:

Obtain access_token via

https://qyapi.weixin.qq.com/cgi-bin/gettoken?corpid=YOUR_CORPID&corpsecret=YOUR_SECRET

Use the access_token to get jsapi_ticket via

https://qyapi.weixin.qq.com/cgi-bin/get_jsapi_ticket?access_token=ACCESS_TOKEN

Combine jsapi_ticket, nonceStr, timestamp, and the current URL into a string (order matters) and compute its SHA‑1 hash to produce signature.

Example of the concatenated string:

jsapi_ticket=YOUR_TICKET&noncestr=1414587457&timestamp=1414587457&url=http://yourdomain.com

Use an online SHA‑1 tool or implement the hash in code (Java example available at the original blog). After obtaining the signature, you can call the desired JS‑SDK methods.