Each Wix API method call is associated with a specific identity type, which determines access permissions. An identity defines who is calling a method and what actions they're authorized to take.
By default, methods can be called using any identity. However, some methods are restricted to specific identities, as indicated in the documentation for each method. The part of the Wix development platform you're working in and you're building can affect which identities are allowed to make a given call.
Wix APIs support the following identity types:
An anonymous site visitor who hasn't logged in. Methods that can be called by this identity usually involve operations specific to a particular visitor, such as accessing a list of products, creating and managing a cart, or accessing a login page to authenticate as a member.
Contexts: Wix sites, apps, and headless projects can make calls as a site visitor.
A site member who has logged in. Methods that can be called by this identity usually involve operations specific to a registered member, such as accessing or managing personal data.
Contexts: Wix sites, apps, and headless projects can make calls as a site member.
A Wix user is someone who is logged into their account on wix.com. Wix users can be site owners or site collaborators. App owners and collaborators are Wix users on their development and test sites. A Wix user who creates a site is automatically designated as the owner of that site.
Methods that can be called by this identity usually involve site maintenance operations, such as managing site products, media, and marketing campaigns.
Site owners can invite collaborators and assign them specific user roles to control permissions. When making calls as a collaborator, the methods that can be accessed are limited by the collaborator's user roles.
Contexts: Wix sites and apps can make calls as Wix users from a site's dashboard.
Wix apps are packages of reusable functionality that users can add to their sites. When an app is installed or updated on a Wix site, Wix generates an app instance with a unique ID. This ID represents the installed version of the app on that particular site. A method call authenticated with the Wix app identity is a call made by an app for a specific app instance.
Methods that can be called by this identity usually involve site-level operations, such as managing the site's data collections, contacts, or products.
Each method requires certain permissions when called by a Wix app. To check which permissions a method requires, refer to its API reference.
Learn more about configuring app permissions.
Contexts: Wix apps can make calls as apps.
An admin with customized administrative access to a Wix account's sites and projects. API keys are created and managed in the API Keys Manager, where site owners and co-owners can assign a set of permissions that determine the types of APIs each key can access.
Methods that can be called by this identity usually involve administrative operations at the site or account level, such as managing members or business data. API keys can also be used to call many of the same methods a Wix user or Wix app can call.
Contexts: You can make calls as an admin using an API key in all contexts, but it's only recommended to do so in headless projects or Channel and Enterprise contexts.
By default, methods can be called using any identity. In cases when there are restrictions on which identities can call a method, it's noted in the API reference.
Elevation is a mechanism that allows you to call some restricted methods even when the calling identity lacks the necessary authorization. This process creates a temporary elevated version of a method by calling the elevate() method, enabling you to bypass the usual authentication checks that might otherwise restrict access. Elevation is only available when using the SDK.
Learn more about elevated permissions.