wechatpay-medical-insurance-payment

Compare original and translation side by side

🇺🇸

Original

English

🇨🇳

Translation

Chinese

微信支付医保支付接入指引

WeChat Pay Medical Insurance Payment Access Guide

全局交互规范

Global Interaction Specifications

‼️ 以下规则适用于本技能所有能力、所有对话轮次，优先级高于各能力的局部规则。

所有问题必须得到用户明确回答后才能继续。 一次提出多个问题时，逐一检查是否都已获得明确答复，未答复的必须再次追问，严禁自行假设、推断或使用默认值。
接入模式前置确认：任何能力使用前须先确认 商户模式 或 服务商模式，已明确则无需重复。两种模式的核心差异（参数命名、API 路径、签名工具类）见各角色
```
接入指南/签名与验签规则.md
```
。
分步确认协议（简单知识问答除外）：
- ① 明确需求：先理解问题给出初步判断，不要堆参数清单。
- ② 征得同意：主动提出下一步能做什么，等用户明确同意后才继续。
- ③ 收集信息：用户同意后再告知所需信息并逐项收集，收齐才执行。
- ④ 执行前确认：操作前简要说明即将做什么，确认同意后再执行；线上环境额外提示风险。

‼️ The following rules apply to all capabilities and conversation rounds of this skill, with higher priority than the local rules of each capability.

All questions must receive clear answers from users before proceeding. When multiple questions are raised at once, check one by one whether all have received clear replies. Unanswered questions must be followed up again. Do NOT make assumptions, inferences or use default values without permission.
Pre-confirmation of access mode: Before using any capability, confirm the Merchant Mode or Service Provider Mode first. No need to repeat if it has been clarified. The core differences between the two modes (parameter naming, API path, signature utility class) can be found in
```
Access Guide/Signature and Verification Rules.md
```
for each role.
Step-by-step agreement confirmation (except for simple knowledge Q&A):
- ① Clarify requirements: First understand the question and give a preliminary judgment, do not pile up parameter lists.
- ② Obtain consent: Proactively propose what can be done next, and proceed only after the user gives clear consent.
- ③ Collect information: After user consent, inform the required information and collect item by item, proceed only after all information is collected.
- ④ Confirm before execution: Briefly explain what will be done before operation, and execute only after confirming consent; additionally prompt risks for online environment.

能力概览

Capability Overview

产品选型 — 了解移动医保支付2.0的功能定位、混合支付类型（纯自费 / 纯医保 / 医保自费混合）、订单类型（挂号 / 诊间 / 住院 / 药店 / 互联网医院等）与接入前提
示例代码 — 医保自费混合下单、订单查询（混合订单号 / 商户订单号 / 从业机构订单号）、医保退款通知、JSAPI / 小程序调起医保自费混合支付、收款成功回调全套接口
业务知识速查 — 开发参数与业务规则（含医保城市 ID、医疗机构编码、医保电子凭证授权信息、敏感字段加密）、混合支付类型判定、金额公式、订单状态流转、签名验签、回调处理
接入质量评估 — 通用安全雷达 + 医保支付专属雷达：金额公式合法性、敏感字段（姓名 / 身份证摘要）公钥加密、医保下单字段三选一约束、医保退款通知幂等、（服务商）
```
sub_mchid
```
路由防串单
问题排查 — 错误码 TOP 20 + 常见问题，覆盖 HTTP 错误 / 回调收不到 / 签名失败 / 金额校验失败 / 医保局业务错误 / 角色特有问题 / 通用接入配置

路由说明：能力 1 用于产品概念性问题与接入前提确认，已明确接入医保支付的可直接跳到能力 2/3。能力 2 与 3 可独立调用，但首次必须先完成"接入模式前置确认"。能力 5 命中错误码或常见问题后，必须在末尾推荐能力 4 做一次性自查。

Product Selection — Understand the functional positioning of Mobile Medical Insurance Payment 2.0, mixed payment types (pure self-payment / pure medical insurance / medical insurance and self-payment mixed), order types (registration / in-clinic / inpatient / pharmacy / internet hospital, etc.) and access prerequisites
Sample Code — Full set of interfaces for medical insurance and self-payment mixed order placement, order query (mixed order number / merchant order number / institution order number), medical insurance refund notification, JSAPI / Mini Program-initiated medical insurance and self-payment mixed payment, and successful payment callback
Business Knowledge Quick Reference — Development parameters and business rules (including medical insurance city ID, medical institution code, medical insurance electronic certificate authorization information, sensitive field encryption), mixed payment type determination, amount formula, order status flow, signature verification, callback processing
Access Quality Assessment — General security radar + medical insurance payment exclusive radar: amount formula validity, public key encryption of sensitive fields (name / ID card digest), three-in-one constraint for medical insurance order placement fields, idempotency of medical insurance refund notification,
```
sub_mchid
```
routing anti-cross-order (for service providers)
Troubleshooting — Top 20 error codes + common issues, covering HTTP errors / unreceived callbacks / signature failures / amount verification failures / medical insurance bureau business errors / role-specific issues / general access configuration

Routing Instructions: Capability 1 is used for product conceptual questions and access prerequisite confirmation. Users who have confirmed to access medical insurance payment can directly jump to Capability 2/3. Capability 2 and 3 can be called independently, but the "pre-confirmation of access mode" must be completed for the first time. After hitting error codes or common issues in Capability 5, must recommend Capability 4 for one-time self-check at the end.

能力1：产品选型

Capability 1: Product Selection

用户问「这个产品是什么 / 能做什么 / 适合什么场景 / 接入需要什么前提 / 商户和服务商怎么选 / 直连和间连什么区别」时 → 加载产品介绍文档作答。已明确接入医保支付的可直接跳到能力 2/3。

产品介绍（产品概览 + 使用场景 + 接入前提）：
- 商户模式 → 📄 商户模式产品介绍
- 服务商模式 → 📄 服务商模式产品介绍

When users ask questions like "What is this product / what can it do / what scenarios is it suitable for / what prerequisites are needed for access / how to choose between merchant and service provider / what's the difference between direct and indirect connection" → Load the product introduction document to answer. Users who have confirmed to access medical insurance payment can directly jump to Capability 2/3.

Product Introduction (product overview + usage scenarios + access prerequisites):
- Merchant Mode → 📄 Merchant Mode Product Introduction
- Service Provider Mode → 📄 Service Provider Mode Product Introduction

能力2：示例代码

Capability 2: Sample Code

用户要某个接口的示例代码时 → 确认接入模式和语言，加载对应模式的
接口索引.md
定位代码文件。
‼️ 只检索、不生成。 严禁从零编写任何代码，必须从示例代码文件中检索获取。

‼️ 只展示、不写入。 示例代码仅用于讲解 API 调用结构和签名流程，严禁直接写入用户项目（禁止调用 write_to_file、replace_in_file 等工具创建或修改项目文件），让用户自行复制适配。

‼️ 先交互、后输出。 提供代码前必须先确认接入模式、开发语言和具体接口，每次只输出一个接口；提供完代码后主动推荐接入质量评估。

‼️ 用户语言非 Java/Go 时（本 skill 仅维护 Java/Go 示例）：禁止直接生成跨语言代码。流程：
用
AskQuestion
获明确同意（文案需明示「参考实现 / 非官方维护 / 须自行 review 与测试」），未同意只发官方 Java/Go 原文。
同意后以官方 Java 示例为基准翻译生成业务代码「参考实现」；再用纯文字问是否翻 Java 公库（SDK 工具类 + HTTP 客户端），未明确要不贴。每段代码前附下方免责块。
⚠️ 以下代码为跨语言参考实现，由 AI 参考官方 Java 示例翻译生成，并非微信支付官方维护。

请逐行 review 签名构造、HTTP 调用、字段命名、回调解密等关键逻辑。

上线前必须在测试环境完整验证，建议先以官方 Java/Go 示例打通主链路作为对照。

出现接入问题时以官方 Java/Go 示例为准。

‼️ 拉起端类型确认规则：「调起医保自费混合支付」必须先确认拉起端类型（JSAPI 公众号 H5 / 小程序），不同端的报文与签名规则不同；其余通用接口（下单 / 查单 / 医保退款通知 / 收款成功回调）无需询问拉起端。

涉及提供示例代码时，按接入模式查阅对应接口索引：
- 商户模式 → 📄 商户模式接口索引
- 服务商模式 → 📄 服务商模式接口索引

加载策略：先确认接入模式，读对应的
接口索引.md
定位接口文件路径，再按需加载具体文件。不要一次性加载所有文件。

When users request sample code for a certain interface → Confirm the access mode and language, load the corresponding mode's
Interface Index.md
to locate the code file.
‼️ Only retrieve, do NOT generate. Strictly prohibit writing any code from scratch, must retrieve from sample code files.

‼️ Only display, do NOT write. Sample code is only used to explain API call structure and signature process, strictly prohibit directly writing into user projects (prohibit using tools like write_to_file, replace_in_file to create or modify project files), let users copy and adapt on their own.

‼️ Interact first, then output. Must confirm access mode, development language and specific interface before providing code, output only one interface each time; proactively recommend access quality assessment after providing code.

‼️ When user's language is not Java/Go (this skill only maintains Java/Go samples): Prohibit directly generating cross-language code. Process:
Use
AskQuestion
to obtain clear consent (the copy must clearly state "reference implementation / not officially maintained / must self-review and test"), if not consented, only send official Java/Go original text.
After consent, generate business code "reference implementation" by translating based on official Java samples; then ask in plain text whether to translate Java public libraries (SDK utility classes + HTTP client), do not paste without clear consent. Attach the following disclaimer block before each code segment.
⚠️ The following code is a cross-language reference implementation, generated by AI based on official Java samples, and is not maintained by WeChat Pay official.

Please review line by line key logics such as signature construction, HTTP call, field naming, callback decryption.

Must fully verify in the test environment before going online, it is recommended to first connect the main link with official Java/Go samples as a reference.

In case of access issues, take official Java/Go samples as the standard.

‼️ Initiation terminal type confirmation rule: For "initiate medical insurance and self-payment mixed payment", must first confirm the initiation terminal type (JSAPI Official Account H5 / Mini Program), as the message and signature rules are different for different terminals; no need to ask about the initiation terminal for other general interfaces (order placement / order query / medical insurance refund notification / successful payment callback).

When providing sample code, refer to the corresponding interface index according to the access mode:
- Merchant Mode → 📄 Merchant Mode Interface Index
- Service Provider Mode → 📄 Service Provider Mode Interface Index

Loading Strategy: First confirm the access mode, read the corresponding
Interface Index.md
to locate the interface file path, then load specific files as needed. Do NOT load all files at once.

能力3：业务知识速查

Capability 3: Business Knowledge Quick Reference

用户问开发参数与业务规则（mchid / sub_mchid / appid / sub_appid / APIv3 密钥 / 商户 API 证书 / 微信支付公钥 / 城市 ID / 医疗机构编码 / 医保电子凭证授权信息）、混合支付类型判定、金额公式、订单状态流转、敏感字段加密、签名规则、回调机制等业务知识时 → 按接入模式加载对应文档。

开发参数与业务规则（参数清单 + 获取步骤 + 混合支付类型与金额公式 + 订单状态流转 + 敏感字段加密规范 + 城市 ID 与医疗机构编码获取）：
- 商户模式 → 📄 商户模式开发参数与业务规则
- 服务商模式 → 📄 服务商模式开发参数与业务规则
签名与验签规则（请求签名 / 响应验签 / 回调验签 / 调起支付签名）：
- 商户模式 → 📄 商户模式签名与验签规则
- 服务商模式 → 📄 服务商模式签名与验签规则
回调处理（回调解密 / 验签 / 幂等 / 并发控制）：
- 商户模式 → 📄 商户模式回调处理
- 服务商模式 → 📄 服务商模式回调处理

When users ask about development parameters and business rules (mchid / sub_mchid / appid / sub_appid / APIv3 key / merchant API certificate / WeChat Pay public key / city ID / medical institution code / medical insurance electronic certificate authorization information), mixed payment type determination, amount formula, order status flow, sensitive field encryption, signature rules, callback mechanism and other business knowledge → Load the corresponding document according to the access mode.

Development Parameters and Business Rules (parameter list + acquisition steps + mixed payment types and amount formulas + order status flow + sensitive field encryption specifications + acquisition of city ID and medical institution code):
- Merchant Mode → 📄 Merchant Mode Development Parameters and Business Rules
- Service Provider Mode → 📄 Service Provider Mode Development Parameters and Business Rules
Signature and Verification Rules (request signature / response verification / callback verification / payment initiation signature):
- Merchant Mode → 📄 Merchant Mode Signature and Verification Rules
- Service Provider Mode → 📄 Service Provider Mode Signature and Verification Rules
Callback Processing (callback decryption / verification / idempotency / concurrency control):
- Merchant Mode → 📄 Merchant Mode Callback Processing
- Service Provider Mode → 📄 Service Provider Mode Callback Processing

能力4：接入质量评估

Capability 4: Access Quality Assessment

用户准备上线或想检查代码隐患时 → 加载以下文档。

‼️ 只检查用户实际使用的功能模块。 代亲属支付、JSAPI 拉起、小程序拉起、医保退款通知等模块须先确认用户是否涉及，未使用的不检查、不提及。

接入质量检查（含质检人设 + 检查清单）：
- 商户模式 → 📄 商户模式接入质量检查
- 服务商模式 → 📄 服务商模式接入质量检查

When users are ready to go online or want to check code hidden dangers → Load the following documents.

‼️ Only check functional modules actually used by users. Must first confirm whether users are involved in modules such as proxy payment for relatives, JSAPI initiation, Mini Program initiation, medical insurance refund notification, do NOT check or mention unused modules.

Access Quality Check (including quality inspection persona + check list):
- Merchant Mode → 📄 Merchant Mode Access Quality Check
- Service Provider Mode → 📄 Service Provider Mode Access Quality Check

能力5：问题排查

Capability 5: Troubleshooting

‼️ 唯一入口：用户报告任何问题（报错 / 接口异常 / 回调收不到 / 签名失败 / 金额校验失败 / 医保局业务错误 / 业务规则疑问等），都先按接入模式加载下方排障手册，严格按手册内「排障流程」执行，禁止自行猜测原因或直接分析代码。

‼️ 排障完成后必须在回复末尾主动推荐接入质量评估（趁排障契机一次性排查其他潜在问题）；如需推荐示例代码，先确认开发语言再推，用户语言非 Java/Go 时按能力 2 的跨语言确认流程处理（弹框确认 → 参考生成 + 免责块 + 公库分步）。

排障手册（一、错误码 TOP 20 + 二、常见问题，覆盖 HTTP / 回调 / 签名 / 退款 / 业务规则 / 通用配置）：
- 商户模式 → 📄 商户模式排障手册
- 服务商模式 → 📄 服务商模式排障手册

以下信息与技能能力无关，仅供查阅。

‼️ Only Entry: When users report any issues (errors / interface exceptions / unreceived callbacks / signature failures / amount verification failures / medical insurance bureau business errors / business rule questions, etc.), first load the troubleshooting manual below according to the access mode, strictly follow the "troubleshooting process" in the manual, prohibit guessing causes or directly analyzing code on your own.

‼️ After troubleshooting, must proactively recommend access quality assessment at the end of the reply (take the opportunity of troubleshooting to check other potential issues at once); if need to recommend sample code, confirm the development language first, when user's language is not Java/Go, follow the cross-language confirmation process in Capability 2 (popup confirmation → reference generation + disclaimer block + public library step-by-step).

Troubleshooting Manual (1. Top 20 Error Codes + 2. Common Issues, covering HTTP / callback / signature / refund / business rules / general configuration):
- Merchant Mode → 📄 Merchant Mode Troubleshooting Manual
- Service Provider Mode → 📄 Service Provider Mode Troubleshooting Manual

The following information is irrelevant to skill capabilities, for reference only.

💬 社区与反馈

💬 Community and Feedback

在使用过程中遇到问题、有改进建议，或者想和其他开发者交流接入经验，欢迎扫码添加企业微信进群，与官方团队和社区开发者一起讨论：

If you encounter problems during use, have improvement suggestions, or want to communicate access experience with other developers, welcome to scan the QR code to add the enterprise WeChat and join the group to discuss with the official team and community developers:

WeChat Pay Skills Communication Group QR Code