Each Wix API method call has a specific identity type that determines access permissions. An identity defines who is calling a method and what actions they're authorized to take.
By default, you can call methods using any identity. However, some methods restrict which identities can call them. For example, Create Checkout can be called by visitors and members, while Bulk Update Products requires a Wix user or app identity. The API reference for each method notes these restrictions.
The identities available to you also depend on your development context, such as whether you're building Wix sites, Wix apps, or headless projects. Each identity section below describes which contexts support that identity and how to authenticate.
Wix APIs support the following identity types:
Methods this identity can call usually involve visitor-specific operations, such as listing products, managing a cart, and opening a login page to authenticate as a member.
Contexts: Wix sites, apps, and headless projects can make calls as a visitor.
A member is a visitor who has logged in. Members can call all the methods that visitors can call, plus additional methods that usually involve operations for a registered member, such as viewing or managing personal data.
Contexts: Wix sites, apps, and headless projects can make calls as a member.
This identity is only available when calling methods from a site dashboard.
Wix users include account owners and collaborators on managed accounts, as well as app developers working on their development and test sites. Wix automatically designates a Wix user who creates a site as the owner of that site.
Methods this identity can call usually perform site maintenance tasks, such as managing products, media, and marketing campaigns.
Wix users can invite collaborators and assign them specific user roles to control permissions. When a collaborator makes calls, their user roles limit which methods they can access.
Contexts: Wix sites and apps can make calls as a Wix user from a site dashboard.
Wix apps are packages of reusable functionality that Wix users can add to their sites. When a Wix user installs or updates an app on a Wix site, Wix generates an app instance with a unique ID. This ID represents the installed version of the app on that particular site. A method call authenticated with the Wix app identity is a call made by an app for a specific app instance.
Methods this identity can call usually involve site-level operations, such as managing the site's data collections, contacts, or products.
Each method requires specific permissions for Wix apps. To check a method's required permissions, see its API reference.
Learn more about configuring app permissions.
Contexts:
An API key admin is an admin with customized administrative access to sites and projects in a Wix account. Wix users and co-owners create and manage API keys in the API Keys Manager, where they can assign a set of permissions that determine the types of APIs each key can access.
Methods this identity can call usually involve administrative operations at the site or account level, such as managing members or business data. You can also use API keys to call many of the same methods that a Wix user or Wix app can call.
Contexts: Although API keys can be used in any context, they're intended for admin calls only in headless projects or in Channel and Enterprise contexts.
Learn how to generate an API key in the API Keys Manager.
See also: About API Keys.
Elevation is a mechanism that allows you to call some restricted methods even when the calling identity lacks the necessary authorization. This process creates a temporary elevated version of a method by calling Elevate, enabling you to bypass the usual authentication checks that might otherwise restrict access. Elevation is only available when using the SDK.
Learn more about elevated permissions.