All Products
Search

This Product

    Fraud Detection:Device fraud detection SDK for WeChat Mini Program

    Document Center

    Fraud Detection:Device fraud detection SDK for WeChat Mini Program

    Last Updated:Nov 05, 2025

    This document provides detailed instructions on integrating the device fraud detection SDK (WeChat Mini Program version), helping developers quickly incorporate the mini program SDK into pages that need protection to implement device risk detection capabilities.

    Background information

    The WeChat mini program SDK is a device risk detection tool specifically designed for the mini program environment. By embedding the SDK, developers can quickly integrate device fingerprinting capabilities, obtain device information in real-time, and connect with Fraud Detection services. This SDK supports various scenarios such as registration, logon, marketing campaigns, and more, effectively preventing malicious attacks and improving business security.

    SDK integration guide

    1. Download and import the mini program SDK

      Download the WeChat mini program SDK. We recommend importing the SDK in the first-screen loading index page of the mini program and mounting the AliyunFP object globally for easy access from other pages.

      import * as AliyunFP from './feilin.weixin.xxxx.js'; 
const app = getApp();
app.AliyunFP = AliyunFP;

    2. Add configuration information

      Before calling the mini program SDK operations, you need to add the feilin-view node in the corresponding axml:

      <view>
  <view> Business UI layout </view>
  
  <view id = "feilin-view" style="position:fixed;top:99999rpx;"> 
    <canvas id="feilin-canvas" type="2d" style="width:150px;height:150px;"></canvas> 
    <canvas id="feilin-webgl" type="webgl" style="width:150px;height:150px;"></canvas>
  </view>
</view>

    3. Initialization

      After importing the mini program SDK, initialize the SDK when the page loads in onReady.

      Page({
  onReady() {
    AliyunFP.init(
      {
        appKey: 'Fill in the AppKey requested from the Fraud Detection console',
        appName: 'Fill in the mini program application name, customized by the customer',
        openId: 'WeChat mini program user ID, optional but recommended',
        endpoints: [
          'https://cloudauth-device.aliyuncs.com',
          'https://cn-shanghai.device.saf.aliyuncs.com'
        ],
      },
      (initStatus, deviceToken) => {
        console.log("initStatus:" + initStatus + "  deviceToken:" + deviceToken);
      }
    );
  }
});
      Important

      If you do not specify the service endpoint, the endpoints will use the default configurations. Make sure to add the endpoint domains to the mini program backend whitelist to ensure the related features work properly.

      Default endpoint addresses:

      • The Chinese mainland (default) endpoints: https://cloudauth-device.aliyuncs.com, https://cn-shanghai.device.saf.aliyuncs.com

      • International/China (Hong Kong) endpoints: https://cloudauth-device.ap-southeast-1.aliyuncs.com, https://ap-southeast-1.device.saf.aliyuncs.com

    4. Obtain deviceToken

      To obtain the deviceToken, we recommend using the value returned by the AliyunFP.init callback, or actively calling AliyunFP.getToken when initiating business behaviors (such as registration, logon, ordering, etc.). Allow at least 1 second time difference between AliyunFP.getToken and AliyunFP.init.

      AliyunFP.getToken()

    Integration example

    Page structure (axml)

    <view>
  <view class="page-description">
    {{ message }}
  </view>
  
  <button type="primary" onTap="onLogin">
    Log on
  </button> 

  <view id="feilin-view" style="position: fixed; top: 99999rpx;">
    <canvas id="feilin-canvas" type="2d" style="width: 150px; height: 150px;"></canvas> 
    <canvas id="feilin-webgl" type="webgl" style="width: 150px; height: 150px;"></canvas>
  </view>
</view>

    Logic implementation (js)

    import * as AliyunFP from './feilin.weixin.xxxx.js'; 
const app = getApp();
app.AliyunFP = AliyunFP;

Page({
  onReady() {
    // Page loading complete
    console.info("onReady");
    AliyunFP.init({
      appKey: 'Fill in the AppKey requested from the Fraud Detection console',
      appName: 'Fill in the mini program application name, customized by the customer',
      openId: 'WeChat mini program user ID, optional but recommended',
      endpoints: ['https://cloudauth-device.aliyuncs.com', 'https://cn-shanghai.device.saf.aliyuncs.com'],
    }, (initStatus, deviceToken) => {
      console.log("initStatus:" + initStatus + "  deviceToken:" + deviceToken);
    });
  },

  onLogin() {
    // Behavior click, login as an example here.
    console.info("onLogin!");
    const deviceToken = AliyunFP.getToken();
    // Pass deviceToken to the customer's service backend
    const data = {
      "deviceToken": deviceToken,
      "Other business parameters": ""
    };
    // Send backend request... backend queries risk information through deviceToken
  }
});

    Call Fraud Detection API operations

    According to the event parameter documentation of the Fraud Detection service, combine the deviceToken with other necessary parameters to call the Fraud Detection API operations for device risk detection. For more information, see: