Hi community,
I’m building a third-party backend that integrates with merchants’ Wix stores. The integration imports orders from Wix into our accounting system. I have a Custom App and I’m using the modern OAuth flow (grant_type=client_credentials + instance_id), since per the docs custom authentication (refresh_token flow) is no longer available for new apps.
I’ve thoroughly reviewed the docs and the community forum and can’t find an answer to a specific design question. Before posting in the forum, I’d like to confirm directly with you.
The scenario
A user logged into my app clicks “Connect my Wix store”. We want, by the end of the install flow, to have an instance_id persisted in our database bound to the correct user account (e.g. account_id=42). All subsequent
API calls then use client_credentials + instance_id and run for that account.
What I’ve confirmed from the docs
- App Instance Installed webhook payload schema contains only two fields: appId and originInstanceId. There’s no state, token,
metadata, or custom field allowing the install initiator to pass arbitrary context through. - The deprecated /installer/install?appId=…&redirectUrl=…&token=… flow (custom authentication) used to allow this via the token parameter, but per the docs it’s no longer available for new apps.
- The Redirect URL configured in the dev portal is app-level (single value), not per-install, it can’t carry per-user state by itself.
- “Share install link” generates a single shared link without a per-recipient state parameter (or at least none documented).
What I’ve searched on the forum
I went through the forum and the closest threads are:
- How to Dynamically Set Webhook URLs for a Wix App During Installation ( How to Dynamically Set Webhook URLs for a Wix App During Installation ): confirms there are no per-install dynamic URLs;
recommendation is to use instanceId for server-side routing, but doesn’t address external account binding. - How to use OAuth to authenticate Wix App within website ( How to use OAuth to authenticate Wix App within website ): community recommends avoiding OAuth in favour of Admin API Keys, which
sidesteps the problem rather than solving it.
None directly answer the question.
My concrete questions
- Is there an officially supported mechanism for an external SaaS to bind a new install to a known external user account at install time? If yes, where is it documented?
- Can the Share Install Link be parameterised per recipient (so each user gets a unique link encoding their account id) — and if so, does Wix echo that parameter back in any webhook payload?
- If neither is possible, what is Wix’s recommended pattern for this use case?
Thanks!