Each function in the SDK can only be called by clients authorized with specific access types.
The following access types indicate which clients can call a function:
An anonymous site visitor who hasn't logged in. Functions requiring this access type typically involve operations specific to a particular visitor but not requiring authentication, such as accessing a list of products, creating and managing a cart, or accessing a login page to authenticate as a member.
A site member who has logged in. Functions requiring this access type typically involve operations specific to a registered member, such as accessing or managing personal data.
An admin with customized administrative access to a Wix account's sites and projects. API keys are created and managed in the API Keys Manager where you can assign a set of permissions that determine the types of APIs each key can access. Functions requiring this access type may involve administrative operations at the site or account level, such as managing members or business data. The API key access type can also be used to call many of the same functions a client with visitor or member tokens can call.
An app that can be installed on Wix sites. Functions requiring this access type can be called by an app if the required permissions are granted by the owner of a Wix site when installing the app.
When a Wix App is installed on a Wix site, the app may need to access and manage some of the site's data. To enable this, the site owner must grant the required permissions scopes to the app when installing it.
In the Wix Dev Center, select the particular permissions your app needs. Whenever your app is installed, the site owner is prompted to authorize each of the permissions you select.
Note: It's important to only request the permissions that are necessary for your app's functionality.
For a step-by-step guide on how to select permissions for your Wix App in the Wix Dev Center, see How to Add Permissions.