About API Keys

API keys are authentication tools that account owners and co-owners can create and provide to external developers, enabling them to make API calls at the account and site level while bypassing OAuth authentication.

Note: Currently only account owners and co-owners can create API keys.

API keys are created and managed in the API Keys Manager where you can assign a set of permissions that determine the types of APIs the key can access.

API Keys Manager

Create and use API keys

  1. Create or request an API key.
  • If you have direct access to the account, create a key with the relevant permissions in the API Keys Manager. Collect the key and the account ID.
  • If you don't have direct access to the account, request the key and the account ID from the account owner.
  1. Call the Site API's Query Sites endpoint to collect all the account's associated site IDs.

Note: The site ID for a current site can be obtained from the site URL in your browser. For example, the site ID appears after the '/dashboard/' part of this URL:

site Id in URL

  1. When making API calls, enter the API key in the authorization header. Note that the API key does not need to be refreshed.

    Calls may require either the account ID header or the site ID header (but not both). Refer to the documentation for each specific call to know which one to use.

    A complete header for an account-level API request looks like this:

    Copy

    A complete header for a site-level API request looks like this:

    Copy

Keep in mind that site-level calls only work with API keys from the site's owner account. If you work with multiple API keys, make sure you're using the correct key that matches your target site's ownership.

Account-level and site-level API requests

Depending on the call, either an account ID or a site ID must be included in the header of the API request.

For requests made exclusively at the account level, you must include the account ID in the header along with the API key for authentication. Requests made at the site level require the site ID instead. This is indicated in the documentation for each API.

Sample request: Site Folders API - Create Folder

This API creates a new folder that can hold Wix sites.

Request:

Copy

Response:

Copy

Sample Request: Stores API - Query Products

This API retrieves a list of products from one of the account's sites. To make this call, you'll need an API key and the ID of the site you want to query.

Request:

Copy

Response:

Copy
Did this help?