> Portal Navigation:
> 
> - Append `.md` to any URL under `https://dev.wix.com/docs/` to get its markdown version.
> - Pages are either content pages (article or reference text) or menu pages (a list of links to child pages).
> - To get a menu page, truncate any URL to a parent path and append `.md` (e.g. `https://dev.wix.com/docs/sdk.md`, `https://dev.wix.com/docs/sdk/core-modules.md`).
> - Top-level index of all portals: https://dev.wix.com/docs/llms.txt
> - Full concatenated docs: https://dev.wix.com/docs/llms-full.txt

## Resource: About Authentication

## Article: About Authentication

## Article Link: https://dev.wix.com/docs/go-headless/develop-your-project/self-managed-headless/authentication/about-authentication.md

## Article Content:

# About Authentication

In self-managed headless projects, you must handle authentication manually. This article explains the identities and authentication strategies you need to implement.

> **Note:** In [Wix-managed headless](https://dev.wix.com/docs/go-headless/develop-your-project/about-headless-development-paths.md), the CLI handles visitor and member [authentication](https://dev.wix.com/docs/go-headless/develop-your-project/wix-managed-headless/authentication/authentication-and-api-integration.md) automatically. You don't need to configure OAuth or manage tokens yourself.

## Identities
When you call a Wix API from your headless project, it's called by a specific [identity](https://dev.wix.com/docs/api-reference/articles/authentication/about-identities.md).

Wix restricts some methods based on which identities can call them. Authorization notes in the API reference indicate when an identity restricts a method.

A headless project can use the following identities:

- Visitor
- Member
- API key admin

## Visitor and member authentication

Operations that access or manage information relating to a current site visitor, such as adding items to the current visitor's cart, require OAuth. With OAuth, your site or app can recognize individual visitors and members using tokens to access their data.

- **Visitors**: Wix generates tokens automatically since visitors don't need personal authentication. You also have the option to manually generate tokens. Learn how to implement visitor authentication using [the JavaScript SDK](https://dev.wix.com/docs/go-headless/develop-your-project/self-managed-headless/authentication/visitors/handle-visitors-using-the-js-sdk.md) or [the REST API](https://dev.wix.com/docs/go-headless/develop-your-project/self-managed-headless/authentication/visitors/handle-visitors-using-the-rest-api.md).
- **Members**: Wix must verify their identity through a login process before generating member-specific tokens. Learn how to implement different [member login options](https://dev.wix.com/docs/go-headless/develop-your-project/self-managed-headless/authentication/members/about-member-login.md).

> **Note**: OAuth for Wix Headless only requires a client ID. It doesn't require a client secret.

## Admin authentication

For API calls that require administrative access, use an API key. With a Wix API key, you can grant a custom set of permissions to a site or app for accessing or managing business data, including members, orders, products, events, bookings, and more.

Learn more about [admin operations](https://dev.wix.com/docs/go-headless/develop-your-project/self-managed-headless/authentication/about-admin-operations.md).

## See also
- [Create an OAuth app](https://dev.wix.com/docs/go-headless/develop-your-project/self-managed-headless/authentication/about-authentication.md)
- [Generate an API key](https://dev.wix.com/docs/go-headless/get-started/setup/authentication/generate-an-api-key.md)