WeCom App
WeCom App (自建应用) offers more features than WeCom Bot: private chat, proactive messaging, and more.
For the simpler group chat bot, see WeCom Bot.
Features
| Feature | Supported |
|---|---|
| Receive messages | ✅ |
| Send proactive messages | ✅ |
| Private chat | ✅ |
| Group chat | ❌ |
Setup
1. WeCom Admin Console
- Log in to the WeCom Admin Console
- Go to App Management → select your self-built app
- Note down:
- AgentId — shown on the app details page
- Secret — click "View" to get it
- Go to "My Company" → copy the CorpID
2. Configure Message Receiving
- In the app details page, click "Receive Message" → "Set API"
- Fill in:
- URL:
http://your-server:18792/webhook/wecom-app - Token: Generate or set a custom value
- EncodingAESKey: Click "Random Generate" to get a 43-character key
- URL:
- Click "Save" — WeCom will send a verification request to your server
3. Configure PicoClaw
{
"channels": {
"wecom_app": {
"enabled": true,
"corp_id": "wwxxxxxxxxxxxxxxxx",
"corp_secret": "YOUR_CORP_SECRET",
"agent_id": 1000002,
"token": "YOUR_TOKEN",
"encoding_aes_key": "YOUR_43_CHAR_ENCODING_AES_KEY",
"webhook_host": "0.0.0.0",
"webhook_port": 18792,
"webhook_path": "/webhook/wecom-app",
"allow_from": [],
"reply_timeout": 5
}
}
}
4. Run
picoclaw gateway
Port Requirement
WeCom App requires port 18792 to be accessible from the internet. Use a reverse proxy for HTTPS if required.
Troubleshooting
Callback URL Verification Failed
- Confirm port 18792 is open in your firewall
- Verify
corp_id,token, andencoding_aes_keyare correct - Check PicoClaw logs to confirm requests are reaching the server
Chinese Message Decryption Error (invalid padding size)
WeCom uses non-standard PKCS7 padding (32-byte block size instead of 16-byte). This is fixed in the latest version of PicoClaw.
Port Conflict
Change webhook_port to another port (e.g., 18794).
Technical Details
- Encryption: AES-256-CBC
- Key: 32 bytes decoded from EncodingAESKey (Base64)
- IV: First 16 bytes of AES key
- Padding: PKCS7 (non-standard 32-byte block size)
- Message format: XML
Message structure after decryption:
random(16B) + msg_len(4B) + msg + receiveid