OAuthStrategy

Important: This strategy is intended for use with Wix Headless.

This authentication strategy is used with a Wix Client to authenticate API calls using OAuth tokens.

When using this authentication strategy for an API request, the requester's identity is that of the corresponding visitor or member, and permissions are determined by their assigned roles. For more information, see Handle Visitors, Handle Members with Wix-Managed Login, or Handle Members with Custom Login.

OAuthStrategy()

Creates an authentication strategy object that uses OAuth for visitor or member authentication.

Syntax

Copy

1OAuthStrategy({clientId: string, tokens: Tokens, siteId: string}): OAuthStrategy

Parameters

Name	Type	Description
`clientId`	string	The wix Headless client ID.
`tokens`	Tokens	Optional. The access and refresh tokens to use for authentication.

Returns

OAuthStrategy

Functions

generateOAuthData()

Generates an object with all the data needed for an OAuth flow.

The generateOAuthData() function creates OAuth data. You can use the generated data when sending visitors to a Wix-managed login page. Typically, you generate the OAuth data on the page that requests the login. The returned data is stored locally to be used later on the login callback page. To learn more, see Handle Members with Wix-Managed Login.

Syntax

Copy

1generateOAuthData(redirectUri: string, originalUrl?: string): OauthData

Parameters

Name	Type	Description
`redirectUri`	string	The URI to redirect to after authentication is complete.
`[originalUri]`	string	The URL of the page where the authentication request originated from. This can be used to redirect back from the callback page.

Returns

OauthData

Name	Type	Description
`state`	string	A randomized string to be used in the OAuth flow.
`redirectUri`	string	The URI to redirect to after authentication is complete.
`originalUrl`	string	The URL of the page where the authentication request originated from. This can be used to redirect back from the callback page if there is an authentication error.
`codeVerifier`	string	A randomized string to use for PKCE authentication.
`codeChallenge`	string	A SHA256 hash of `codeVerifier` to use for PKCE authentication.

generateVisitorTokens()

Generates visitor access and refresh tokens. Use this function when creating a session for visitors using the OAuth authentication strategy.

To generate an new tokens without checking whether the current access token is valid, use the renewToken() function instead.

Syntax

Copy

1generateVisitorTokens(): Promise<Tokens>

Returns

Tokens

getAuthHeaders()

Gets the client's authorization headers.

Syntax

Copy

1getAuthHeaders(): Promise< {headers: Record<string, string> }>

Returns

Authorization headers

getAuthUrl()

Gets a URL to use for Wix authentication.

Use this function when using Wix-managed login for members and the OAuth authentication strategy.

Call this function using the OAuthData returned from the generateOAuthData() function. The returned URL is used to redirect a visitor to Wix's authentication page. After authenticating, the visitor will be redirected to the redirectUri specified in the oauthData. After the redirect, the authorization code and the state parameter from the oauthData are available as fragments appended to the redirectUri and can be parsed using the parseFromUrl() function.

Syntax

Copy

1getAuthUrl(oauthData: OauthData): Promise<{ authUrl: string }>

Parameters

Name	Type	Description
`oAuthData`	OauthData	OAuth data generated by the `generateOAuthData()` function.

Returns

Name	Type	Description
`authUrl`	string	URL to redirect the browser to for Wix authentication.

getMemberTokens()

Retrieves and authenticates a site member's access and refresh tokens.

Use this function when using Wix-managed login for members and the OAuth authentication strategy.

Typically, you call the getMemberTokens() function on a login callback page after sending a visitor to authenticate on a Wix-managed login page. Use the OAuthData stored locally after calling the generateOAuthData() function and the information in the callback URL retrieved using the parseFromUrl() function as the function arguments. To learn more, see Handle Members with Wix-Managed Login.

Syntax

Copy

1getMemberTokens(code: string, state: string, oauthData: OauthData ): Tokens

Parameters

Name	Type	Description
`code`	string	The authorization code appended to the callback page URI by the Wix server. Can retrieved using the `parseFromUrl()` function.
`state`	string	The state parameter value appended to the callback page URI by the Wix server. Can retrieved using the `parseFromUrl()` function.
`oAuthData`	OauthData	OAuth data generated by the `generateOAuthData()` function.

Returns

Tokens

getMemberTokensForDirectLogin()

Retrieves and authenticates site member's access and refresh tokens from a session token.

Use this function when using a custom login for members and the OAuth authentication strategy.

The getMemberTokensForDirectLogin() function takes a session token returned from a successful call to the login(), register(), or processVerification() functions. Use the session token to retrieve access and refresh tokens for the logged-in member and then call the setTokens() function to set the tokens as the client's active tokens.

The getMemberTokensForDirectLogin() function is used to get member tokens when using a custom login flow. To learn more, see Handle Members with Custom Login.

Syntax

Copy

1getMemberTokensForDirectLogin( sessionToken: string ): Tokens

Parameters

Name	Type	Description
`sessionToken`	string	The session token returned by a successful call to `login()`, `register()`, or `processVerification()`.

Returns

Tokens

getTokens()

Gets the active tokens from the client.

Use this function when using the OAuth authentication strategy.

Syntax

Copy

1getTokens(): Tokens

Returns

Tokens

loggedIn()

Indicates whether the current visitor is a logged-in member.

Use this function when using the OAuth authentication strategy.

Syntax

Copy

1loggedIn(): boolean

Returns

Whether the current visitor is logged in.

Logs in a existing member using an email address and password.

Use this function when using a custom login for members and the OAuth authentication strategy.

The login() function is used to log members in when using a custom login flow. To learn more, see Handle Members with Custom Login.

Syntax

Copy

1login({email: string, password: string, captchaTokens?: { invisibleRecaptchaToken?: string; recaptchaToken?: string }}): Promise<StateMachine>

Parameters

LoginParams

Name	Type	Description
`email`	string	Member's email address
`password`	string	Member's password
[`captchaTokens`]	CaptchaTokens	reCAPTCHA tokens

Returns

StateMachine

logout()

Logs out the current logged-in site member.

Use this function when using the OAuth authentication strategy.

Syntax

Copy

1logout(originalUrl: string): Promise<{logoutUrl: string}>

Parameters

Name	Type	Description
`originalUrl`	string	The URL of the page where the logout request originated from. The browser is redirected to this page after logging out.

Returns

Name	Type	Description
`logoutUrl`	string	URL to redirect the browser to in order to initiate the logout.

parseFromUrl()

Parses the code and state fragments from the browser's current URL and returns them as an object.

Use this function when using Wix-managed login for members and the OAuth authentication strategy.

Typically, you call the parseFromUrl() function on a login callback page after sending a visitor to authenticate on a Wix-managed login page. Use the returned data to check that the authentication was successful and as arguments when calling the getMemberTokens() function. To learn more, see Handle Members with Wix-Managed Login.

Syntax

Copy

1parseFromUrl(): { code: string, state: string, error?: string, errorDescription?: string }

Returns

Name	Type	Description
`code`	string	The authorization code appended to the callback page URI by the Wix server.
`state`	string	The state parameter value appended to the callback page URI by the Wix server.
`[error]`	string	Error, if one occurs.
`[errorDescription]`	string	Error description, if one occurs.

processVerification()

Processes the verification code from a member.

Use this function when using a custom login for members and the OAuth authentication strategy.

The processVerification() function continues the custom member login process when a member is required to provide a verification code.

If the loginState property of the object returned by login() or register() is 'EMAIL_VERIFICATION_REQUIRED', an email containing a verification code is sent automatically to the member's email address. That verification code is used when calling processVerification() to complete the login or registration process. To learn more, see Handle Members with Custom Login.

Syntax

Copy

1processVerification({ verificationCode: string }): Promise<StateMachine>

Returns

StateMachine

register()

Registers a new member using an email address and password.

Use this function when using a custom login for members and the OAuth authentication strategy.

The register() function is used to register new members when using a custom registration flow. To learn more, see Handle Members with Custom Login.

Syntax

Copy

1register({email: string, password: string, profile?: authentication.IdentityProfile, captchaTokens?: { invisibleRecaptchaToken?: string; recaptchaToken?: string }}): Promise<StateMachine>

Parameters

RegisterParams

Name	Type	Description
`email`	string	Registering member's email address
`password`	string	Registering member's password
[`profile`]	IdentityProfile	Optional details about the registering member
[`captchaTokens`]	CaptchaTokens	reCAPTCHA tokens

Returns

StateMachine

renewToken()

Generate a new access token for an existing refresh token without checking whether the current access token is valid.

To generate a new access token only if the current access token is invalid, use the generateVisitorTokens() function instead.

Syntax

Copy

1setTokens(tokens: Tokens): void

Parameters

Tokens

sendPasswordResetEmail()

Sends a password reset email to a member.

The sendPasswordResetEmail() function sends a member an email containing a customized link to a Wix-managed page where the member can set a new password for their account when using a custom login flow. To learn more, see Handle Members with Custom Login.

Syntax

Copy

1sendPasswordResetEmail(email: string, redirectUri: string): void

Parameters

RegisterParams

Name	Type	Description
`email`	string	Member's email address.
`redirectUri`	string	The URI to redirect to after authentication/authorization.

Name	Type	Description
`invisibleRecaptchaToken`	string	Token for invisible reCAPTCHA
`recaptchaToken`	string	Token for visible reCAPTCHA

Tokens

Tokens.AccessToken

Name	Type	Description
`value`	string	Token string value.
`expiresAt`	number	When the token expires.

Tokens.RefreshToken

Name	Type	Description
`value`	string	Token string value.
`role`	string	Token role. One of `'visitor'`, `'member'`, or `'none'`

StateMachine

Name	Type	Description
`data`	object	Session token for logged in member as `{sessionToken: string}`.
`loginState`	string	One of: `'FAILURE'`, `'EMAIL_VERIFICATION_REQUIRED'`, `'OWNER_APPROVAL_REQUIRED'`, `'SUCCESS'`.
`errorCode`	string	One of: `'invalidEmail'`, `'invalidPassword'`, `'resetPassword'`, `'missingCaptchaToken'`, `'emailAlreadyExists'`, `'invalidCaptchaToken'.`
`error`	string	Error message.

IdentityProfile

Name	Type	Description
`firstName`	string	First name.
`lastName`	string	Last name.
`nickname`	string	Nickname.
`picture`	string	Picture.
`emails`	string[]	Email addresses.
`phones`	string[]	Phone numbers.
`labels`	string[]	Labels.
`language`	string	Language.
`privacyStatus`	string	One of: `'UNDEFINED'`, `'PUBLIC'`, `'PRIVATE'`
`customFields`	object	Custom fields as an object where the keys are the field name and the values are the field values.

Example

The following code creates a client that can make requests to the services module using the OAuth authentication strategy.

Copy

1import { createClient, OAuthStrategy } from '@wix/sdk';
2import { services } from "@wix/bookings";
3
4const myClient = createClient({
5  modules: { services },
6  auth: OAuthStrategy({
7    clientId: '<CLIENT_ID>',
8  })
9});
10
11const { items } = await myClient.services.queryServices().find();

Was this helpful?

Yes