Sign In with an Identity Provider Using the REST API

Let members sign in with an identity provider such as Google or Facebook. You add a login interface, like a Sign in with Google button, to your own site whose handler starts the login flow with the provider you choose.

Wix runs the authentication flow, so you don't need to build a login page, manage the provider's OAuth flow, or use an API key. The member simply signs in with their existing account.

Before you begin

Before starting to code, make sure that you:

Send members straight to a provider

This is the recommended approach for most sites: the member clicks a provider button in your own UI and goes directly to that provider, with no Wix login page in between.

The flow is the same as a Wix login page, except that you add an idp field to the authorization request, set to the provider's connection ID. Use the following connection IDs:

ProviderConnection ID
Google0e6a50f5-b523-4e29-990d-f37fa2ffdd69
Facebook3ecad13f-52c3-483d-911f-31dbcf2a6d23

Note: Custom OpenID Connect (OIDC) connections, such as your own single sign-on (SSO) provider, are a premium feature and aren't available to all sites. If your site has it, you'll see SSO settings in your dashboard, where you can configure a connection and get its ID. To sign members in through such a connection, set idp to that connection's ID. Wix still runs the flow.

Step 1 | Prepare security data

Before starting the login, prepare the following:

Store the code verifier, code challenge, and state so they're available on your callback page.

Step 2 | Create a redirect session

In the handler for your Sign in with Google button, call Create Redirect Session with the security data, plus an idp field set to the provider's connection ID. Authorize the request with the current visitor's access token.

Copy

The response includes a fullUrl that sends the member to the provider.

Step 3 | Redirect the member to the provider

Redirect the member to the fullUrl from the response. Wix sends them straight to the provider's sign-in page. After they authenticate, Wix redirects them back to your redirect URI with code and state in the URL fragment.

Step 4 | Retrieve member tokens

On your callback page, confirm the returned state matches the value you stored, then exchange the code for member tokens by calling Retrieve Tokens:

Copy

The response includes an access_token, a refresh_token, and expires_in. Use the tokens to make authenticated API calls as the member. To refresh tokens or log the member out, see Handle Members with a Wix Login Page.

Note: You can also send members to the Wix login page, where each available provider appears as a button alongside email login and members choose how to sign in. To do so, follow the standard Wix login page flow without an idp field.

See also

Last updated: 15 July 2026

Did this help?