This article provides common use cases and sample flows for redirecting site visitors to different pages on your Wix Headless site or app. Redirects are often relevant when integrating with the various Wix business solutions.
Decide which page you want visitors to see after they finish the Wix-managed checkout. This is called the post flow URL. For example, you might show an order confirmation page at https://your-site.com/order-confirmation.
Add the domain of your post flow URL as an allowed redirect domain in your Headless settings. Wix will only redirect to URLs under authorized domains for security reasons.
Call Create Checkout. The response contains the checkoutId, which you'll need in the next steps.
Call the Redirects API and include the ecomCheckout and callbacks properties in the request body. Pass in the checkoutId from the previous step as ecomCheckout.checkoutId, and your post flow URL as callbacks.postFlowUrl. The response contains a single-use redirect session URL in redirectSession.fullURL.
Here's an example minimal request body:
Redirect your site visitor to the redirect session URL. The URL contains the information needed for Wix to process the checkout. After checkout, Wix sends the visitor back to your post flow URL.
Choose a page that you want your site visitor to be redirected to after login and authorize it as an allowed authorization redirect URI.
Create a PKCE code verifier and code challenge. These are used to prevent CSRF attacks and authorization code injection attacks.
Create a OAuth2 state parameter used to mitigate CSRF attacks.
Store the code verifier, code challenge, and state parameter in local storage or a cookie. When a site visitor is redirected back to your site, you'll need this data to verify a successful login.
Get the Client ID of your OAuth app, which can be found in your Headless Settings.
Call the Redirects API and include the auth property in the request body. Pass in the values from the previous steps into the relevant fields of auth.authRequest.redirectUri, auth.authRequest.clientId, auth.authRequest.codeChallenge, auth.authRequest.codeChallengeMethod, and auth.authRequest.state. Use "fragment" for auth.authRequest.responseMode, "code" for auth.authRequest.responseType, and "offline_access" for auth.authRequest.scope. The response will contain a full redirect URL in redirectSession.fullURL.
fullUrl.Create a thank you page on your website that you want visitors to see after they finish the Wix-managed events checkout. This page is your thankYouPageUrl. Also, define a postFlowUrl, which the site visitors will be redirected to if the checkout flow is abandoned or interrupted.
Add the full URL's for your thankYouPageUrl and postFlowUrl as allowed redirect domains in your Wix Headless settings. Wix only redirects to URLs under authorized domains for security reasons.
Call Create Reservation and save the returned reservationId.
Call Get Event with the eventId and save the returned eventSlug. To get your eventId, click CMS in your dashboard menu, select Wix App Collections, then Events, and open your events collection. Then, copy the relevant event ID.
Call the Redirects API and include the eventsCheckout and callbacks properties in the request body. Pass in the values from the previous steps into the relevant fields of eventsCheckout.reservationId, eventsCheckout.eventSlug, callbacks.postFlowUrl, and your callbacks.thankYouPageUrl. The response will contain a single-use redirect session URL in redirectSession.fullURL.
Example minimal request body:
Redirect your site visitor to the redirect session URL. The URL contains the information needed for Wix to process the checkout. After checkout, Wix sends the visitor back to your thankYouPageUrl. If the process is abandoned or interrupted, the visitor is redirected to the URL specified in postFlowUrl instead.