Make API Calls with OAuth


New Release
Wix Headless is ready for your feedback! Please feel free to reach out to us with any comments, suggestions, or concerns. Join the Wix Headless Discord community to discuss features, ask questions, and share ideas with our growing community of developers.

After you set up an OAuth app for your site or app in your project dashboard, you can begin coding by getting OAuth tokens and using them to make API calls.


Generate tokens

There are several ways to get tokens. Which way you choose depends on the type of user you need tokens for and whether you use a Wix-managed login or a custom login for members.

When you retrieve tokens, you get two tokens.

  • Access token: Access tokens are used to authorize API calls. Every time you make an API call, you need to authorize the call using a valid access token. Access tokens are short-lived. They are valid for 4 hours from the time they are created.
  • Refresh token: Refresh tokens are used to get new access tokens after your access tokens have expired. Refresh tokens are long-lived.

Make an API call

Once you have your tokens, you can use them to make API calls. Use the access token in the authorization header when making an API call.

curl POST \
'' \
-H 'Content-Type: application/json' \
-H 'Authorization: <ACCESS_TOKEN>' \
-d '{
"includeVariants": true
Was this helpful?