> ## Documentation Index
> Fetch the complete documentation index at: https://docs.kavachos.com/llms.txt
> Use this file to discover all available pages before exploring further.
# WeChat
> Authenticate users with WeChat via the `oauth` plugin. Covers Open Platform registration, callback domain config, and `snsapi_login` and `snsapi_userinfo` scopes.
## Setup
### Get credentials
Go to the [WeChat Open Platform](https://open.weixin.qq.com) and register a website app. Set the authorization callback domain (not a full URL, just the domain):
```
your-app.com
```
KavachOS will handle the path `/api/kavach/auth/oauth/callback/wechat`.
### Configure
```ts title="lib/kavach.ts" theme={"system"}
import { createKavach } from 'kavachos';
import { oauth } from 'kavachos/auth';
const kavach = await createKavach({
database: { provider: 'sqlite', url: 'kavach.db' },
plugins: [
oauth({
providers: [
{
id: 'wechat',
clientId: process.env.WECHAT_APP_ID!,
clientSecret: process.env.WECHAT_APP_SECRET!,
},
],
}),
],
});
```
```bash theme={"system"}
WECHAT_APP_ID=...
WECHAT_APP_SECRET=...
```
## Scopes
Default scopes: `snsapi_login`
| Scope | What it unlocks |
| ----------------- | ----------------------------------------- |
| `snsapi_login` | Web login, returns `openid` and `unionid` |
| `snsapi_userinfo` | Full profile (name, avatar, gender) |
WeChat uses `appid` and `secret` rather than the standard `client_id` / `client_secret` naming, but KavachOS maps these correctly. The WeChat Open Platform requires ICP filing for mainland China deployments.
## Endpoints
| Method | Path | Description |
| ------ | ------------------------------ | ------------------ |
| GET | `/auth/oauth/authorize/wechat` | Redirect to WeChat |
| GET | `/auth/oauth/callback/wechat` | Handle callback |