How to Configure and Authorize User Privacy in WeChat Mini Programs (2023 Update)

Background

From September 15, 2023, WeChat Mini Programs automatically enable privacy‑related functions. Without an approved privacy agreement, the mini program cannot call user‑information APIs, and any attempt to bypass the review will likely be reported and removed.

Official Interfaces

The following interfaces are now usable for debugging and production:

getPrivacySetting

onNeedPrivacyAuthorization

requirePrivacyAuthorize

Configuration Changes

Before September 15, 2023 you could control the feature with __usePrivacyCheck__: true in app.json. After that date the privacy feature is always enabled, regardless of the flag.

Setting Up the Privacy Agreement

Developers must fill out the "Mini Program User Privacy Protection Guidelines" in the Mini Program management console. The guideline explains how to describe each data type and the reason for collection.

Selecting User‑Info Types

Choose the data types you need and provide a clear justification for each.

Omitting required types (e.g., selecting only photo or video but not camera or microphone) will block related APIs such as wx.chooseMedia.

Each modification triggers a review that lasts from about one hour to several hours, and the result is notified to the user.

Privacy Authorization UI Options

Option 1: Show a custom popup on a page for the user to grant permission.

Option 2 (recommended): Use the official components (e.g., input, button) that automatically integrate the privacy dialog, offering a better user experience.

Implementation Example

TypeScript (or JavaScript) page handling the authorization:

Page({
  data: {
    focus: false,
    newNickname: ''
  },
  handleAgreePrivacy() {
    if (wx.requirePrivacyAuthorize) {
      wx.requirePrivacyAuthorize({
        success: () => {
          console.log('User agreed to privacy agreement or no consent needed');
          this.setData({ focus: true });
        },
        fail: () => {
          console.log('User refused the privacy agreement');
        }
      });
    } else {
      this.setData({ focus: true });
    }
  }
});

Corresponding WXML markup:

<view class="nickname-wrapper" catch:touchstart="handleAgreePrivacy">
  <text class="nickname-label">Nickname</text>
  <input type="nickname" focus="{{focus}}" model:value="{{newNickname}}" class="nickname-input" placeholder="Enter nickname" />
</view>

Clearing Authorization Data

Users can delete the mini program from "WeChat → Recent → Recently Used Mini Programs" to clear stored authorization data, or developers can use the developer tool’s "Clear Simulator Cache → Clear Authorization Data" option.

Common Failure Scenarios

No approved privacy‑protection guideline.

The mini program does not prompt the user for authorization.

Insufficient permissions were requested.

Personal mini programs cannot collect user phone numbers without proper consent.

Audit Tips

If your app does not collect any user data, select the "No user privacy data collected" option during review and remove pages that store such data. Reviewers may inspect app.json to directly access pages that handle privacy data.

References

User Privacy Protection Guideline: https://developers.weixin.qq.com/miniprogram/dev/framework/user-privacy/

Mini Program Privacy Authorization Guide: https://developers.weixin.qq.com/miniprogram/dev/framework/user-privacy/PrivacyAuthorize.html#%E5%85%AD%E3%80%81%E5%AE%98%E6%96%B9%E9%9A%90%E7%A7%81%E5%BC%B9%E7%AA%97%E5%8A%9F%E8%83%BD%E8%AF%B4%E6%98%8E