Note: This article is relevant for self-managed headless projects, and for Wix-managed headless projects built with a framework other than Astro. If you build with Wix's Astro integration, authentication is handled automatically.
After you set up an OAuth app for your site or app in your project dashboard, you can begin coding by getting OAuth tokens and using them to make API calls.
There are several ways to generate tokens. Which way you choose depends on the type of user you need tokens for and whether you use a Wix login page or a custom login for members.
When you generate tokens with any of the above methods, you get two tokens:
Once you have your tokens, you can use them to make API calls. Use the access token in the authorization header when making an API call.
Last updated: 25 June 2026