Make API Calls with OAuth
Share your feedback
Reach out to us with feedback and suggestions to improve the Wix Headless experience, and join the Headless channel of the Devs on Wix Discord community to discuss features and connect with our growing community of developers.
After you set up an OAuth app for your site or app in your project dashboard, you can begin coding by getting OAuth tokens and using them to make API calls.
Prerequisites
Generate tokens
There are several ways to get tokens. Which way you choose depends on the type of user you need tokens for and whether you use a Wix-managed login or a custom login for members.
- Visitors: To get tokens for visitors who are not logged into your site or app, see Handle Visitors.
- Members with managed login: To get tokens for logged in members using a Wix-managed login page, see Handle Members with Managed Login.
- Members with custom login: To get tokens for logged in members using a custom login page, see Handle Members with Custom Login.
When you retrieve tokens, you get two tokens.
- Access token: Access tokens are used to authorize API calls. Every time you make an API call, you need to authorize the call using a valid access token. Access tokens are short-lived. They are valid for 4 hours from the time they are created.
- Refresh token: Refresh tokens are used to get new access tokens after your access tokens have expired. Refresh tokens are long-lived.
Make an API call
Once you have your tokens, you can use them to make API calls. Use the access token in the authorization header when making an API call.
1curl POST \2'https://www.wixapis.com/stores/v1/products/query' \3-H 'Content-Type: application/json' \4-H 'Authorization: <ACCESS_TOKEN>' \5-d '{6 "includeVariants": true7 }'