About API Keys

API keys are authentication tools that account owners and co-owners can create and provide to external developers, enabling them to make API calls at the account and site level while bypassing OAuth authentication.

API keys are created and managed in the API Keys Manager where you can assign a set of permissions that determine the types of APIs the key can access.

Create and use API keys

1. Create or request an API key.

• If you have direct access to the site, create a key with the relevant permissions in the API Keys Manager. Collect the key and the account ID.
• If you don't have direct access to the site, request the key and the account ID from the site owner.

2. Call the Site API's Query Sites endpoint to collect all the account's associated site IDs.

3. Enter the API key in the authorization header. Note that the API key does not need to be refreshed.

   Calls may require either the account ID header or the site ID header. Refer to the documentation for each specific call to know which one to use.

   A complete header for an account-level API request looks like this:

   Copy

   A complete header for a site-level API request looks like this:

   Copy

Account-level and site-level API requests

Depending on the call, either an account ID or a site ID must be included in the header of the API request.

For requests made exclusively at the account level, you must include the account ID in the header along with the API key for authentication. Requests made at the site level require the site ID instead. This is indicated in the documentation for each API.

Sample request: Site Folders API - Create Folder

This API creates a new folder that can hold Wix sites.

Request:

Response:

Sample Request: Stores API - Query Products

This API retrieves a list of products from one of the account's sites. To make this call, you'll need an API key and the ID of the site you want to query.

Request:

Response: