HTTP functions define custom site APIs, which allow you to expose your site's functionality externally. This means that you, or other people, can access your site's functionality by calling your custom site APIs.
HTTP functions determine the custom site API's HTTP method, endpoint, parameters, functionality, and response.
Calling a custom site API triggers your HTTP function to run.
Create a file called http-functions.js
in your site's backend folder:
Start coding:
Navigate to Backend & Public > Backend, and then create a file called http-functions.js
.
You can also create the file with the following shortcut:
Your function's name must include the following parts joined by an underscore:
functionName
that should be used in your custom site API's URL.In your HTTP function, add the code you want to run when your custom site API is called. You can access the full range of functionality that you normally can when coding on a Wix site, including Wix's Velo APIs.
As with all API calls, you can interact with a custom site API call in the following ways:
Use the request
parameter to provide your HTTP function with information from your custom site API call, including the body
, headers
, and url
. For all supported properties, see WixHttpFunctionRequest
.
You can then access the request
object in the function in the same way as you'd access a parameter in any JavaScript function.
Your HTTP Function should return a response object. This is the response sent when the custom site API is called.
There are several functions you can use to create a response object. Find them in the wix-http-functions
module.
The response object supports the following properties:
body
: Defined by you in the response function.headers
: Defined by you in the response function.status
: Defined by the response function.HTTP functions expose your site's data and functionality to anyone who calls your custom site API, so it's recommended to authenticate who is calling your custom site API.
One way to do so is by retrieving a secret key from the authentication header in the API request. This uses the Secrets Manager and wix-secrets-backend
.
For example:
Note: If another Wix site is sending requests to your endpoints, you can use the HMAC Authentication Velo package for even more security.
Debug HTTP functions by adding console.log()
calls to your function's code.
The information you log appears in the function output when using Functional Testing and in your site's Logs.
The information logged by code that runs on the backend can also be viewed as Wix Logs. Wix Logs are accessible via Developer Tools > Logging Tools on your site's dashboard.