Bring Your Own Identity Provider Using the JS SDK

Let members sign in with an identity provider that you run yourself, such as GitHub. You run the provider's OAuth flow, then sync the result with Wix authentication to log the member in.

Use this approach for a provider Wix doesn't support directly. For Google, Facebook, or a custom OpenID Connect (OIDC) connection, see Sign in with an Identity Provider, where Wix runs the flow instead.

Complete the following steps:

  1. Authenticate the member with your identity provider and collect their email address.
  2. Collect the relevant Wix member ID. To do so, check whether this email address has a Wix member ID, and if not, create one.
  3. Request and store access and refresh tokens for the Wix member ID.

Once the member is logged in, you can redirect them to your home page.

Note: Use this flow only for a provider you run yourself. If Wix can run the provider for you, including Google and Facebook, it's simpler to add a provider button and let Wix run the sign-in.

Before you begin

Make sure you have the following:

  • An account with an identity provider.
  • A self-managed Wix headless project with a JavaScript environment.
  • A Wix API key with Members & Contacts permissions.
  • A headless client for visitors and members.

Step 1 | Authenticate with the external provider and collect the member’s email address

  1. When a visitor first lands on your login interface, follow the steps in handle visitors to create a client and generate new visitor tokens.
  2. When a member logs in using their external provider credentials, follow the external provider’s OAuth flow to authenticate users.
  3. Once the member has been authenticated, collect their email address.

Step 2 | Collect a Wix member ID

Once you have the member’s email address, you can check if any of them are associated with a Wix member ID using the Members API.

Copy
  • If an associated Wix member ID exists, collect it to pass in the next step.
  • If no associated Wix member ID exists, create a member for them and collect the returned ID.

Note that creating members without explicit registration is an admin function. Make sure to use a WixClient with an API key that has permission to create members.

Step 3 | Request and store Wix access and refresh tokens

Now that you have the Wix member ID, request access and refresh tokens for the member with the getMemberTokensForExternalLogin() function.

Important: Before requesting member tokens, ensure visitor tokens are set on the client. You can either provide active tokens when creating the client or call wixClient.auth.generateVisitorTokens().

Copy

Important: Your API key grants admin access to your site. Use it only in backend code that runs on your server. Never include it in frontend code that runs in the browser, where visitors could read it.

Note that getting access and refresh tokens is an admin function. Make sure to use the WixClient with your OAuth app that created this visitor, along with an API key that has permission to create member access tokens, to save the visitor’s activity from before they logged in.

Now all that’s left is to store the tokens for later.

See also

Last updated: 15 July 2026

Did this help?