Webflow Custom Code API
The Webflow Custom Code API provides endpoints for adding, updating, and deleting custom JavaScript code on sites and pages, as well as registering and managing hosted or inline scripts.
OpenAPI Specification
openapi: 3.1.0
info:
title: Webflow Custom Code API
description: Webflow Data API v2 - Custom Code endpoints.
version: 2.0.0
contact:
name: Webflow Developer Relations
email: [email protected]
url: https://developers.webflow.com
termsOfService: https://webflow.com/legal/terms
license:
name: MIT
url: https://opensource.org/licenses/MIT
servers:
- url: https://api.webflow.com/v2
description: Webflow API v2
x-fern-server-name: Data API
security:
- OAuth2: []
- ApiKey: []
tags:
- name: Custom Code
description: Custom code is JavaScript that is added to your Webflow site.
- name: Custom Code - Pages
description: Custom code for pages.
- name: Custom Code - Sites
description: Custom code for sites.
- name: Registered Scripts
- name: Sites
description: Sites are the sites in your Webflow workspace.
paths:
/pages/{page_id}/custom_code:
get:
x-fern-sdk-group-name:
- pages
- scripts
x-fern-sdk-method-name: get-custom-code
security:
- OAuth2:
- custom_code:read
operationId: get-page-custom-code
summary: Webflow Get Custom Code
description: 'Get all scripts applied to a page.
Required scope | `custom_code:read`
'
tags:
- Custom Code
- Custom Code - Pages
- Sites
parameters:
- name: page_id
in: path
description: Unique identifier for a Page
example: 63c720f9347c2139b248e552
required: true
schema:
type: string
format: objectid
default:
responses:
'200':
description: Request was successful
content:
application/json:
schema:
type: object
properties:
scripts:
type: array
description: A list of scripts applied to a Site or a Page
items:
type: object
required:
- id
- version
- location
properties:
id:
description: ID of the registered custom code script
type: string
format: objectId
location:
description: Location of the script, either in the header or footer of the published site
type: string
default: header
enum:
- header
- footer
version:
type: string
description: Semantic Version String for the registered script *e.g. 0.0.1*
attributes:
type: object
description: Developer-specified key/value pairs to be applied as attributes to the script
example:
- id: cms_slider
- location: header
- version: 1.0.0
lastUpdated:
type: string
format: date-string
readOnly: true
description: Date when the Site's scripts were last updated
createdOn:
type: string
format: date-string
readOnly: true
description: Date when the Site's scripts were created
example:
scripts:
- id: cms_slider
location: header
version: 1.0.0
attributes:
my-attribute: some-value
- id: alert
location: header
version: 0.0.1
example:
value:
scripts:
- id: cms_slider
location: header
version: 1.0.0
attributes:
my-attribute: some-value
- id: alert
location: header
version: 0.0.1
attributes: {}
lastUpdated: '2022-10-26T00:28:54.191Z'
createdOn: '2022-10-26T00:28:54.191Z'
'400':
description: Request body was incorrectly formatted.
x-logErrorCode: 400
content:
application/json:
schema:
type: object
example:
code: not_authorized
message: Request not authorized
externalReference:
details: []
properties:
code:
type: string
description: Error code
example: not_authorized
enum:
- bad_request
- collection_not_found
- conflict
- duplicate_collection
- duplicate_user_email
- ecommerce_not_enabled
- forbidden
- forms_require_republish
- incompatible_webhook_filter
- internal_error
- invalid_auth_version
- invalid_credentials
- invalid_domain
- invalid_user_email
- item_not_found
- missing_scopes
- no_domains
- not_authorized
- not_enterprise_plan_site
- not_enterprise_plan_workspace
- order_not_found
- resource_not_found
- too_many_requests
- unsupported_version
- unsupported_webhook_trigger_type
- user_limit_reached
- user_not_found
- users_not_enabled
- validation_error
message:
type: string
description: Error message
example: Request not authorized
externalReference:
type: string
description: Link to more information
example: ''
details:
type: array
description: Array of errors
items:
- type: string
example: Invalid email address
description: Error message
- type: object
example:
field: email
message: Invalid email address
description: Error message
example: []
example:
code: bad_request
message: 'Bad Request: Request is malformed'
externalReference:
details: []
'401':
description: Provided access token is invalid or does not have access to requested resource
x-logErrorCode: 401
content:
application/json:
schema:
type: object
example:
code: not_authorized
message: Request not authorized
externalReference:
details: []
properties:
code:
type: string
description: Error code
example: not_authorized
enum:
- bad_request
- collection_not_found
- conflict
- duplicate_collection
- duplicate_user_email
- ecommerce_not_enabled
- forbidden
- forms_require_republish
- incompatible_webhook_filter
- internal_error
- invalid_auth_version
- invalid_credentials
- invalid_domain
- invalid_user_email
- item_not_found
- missing_scopes
- no_domains
- not_authorized
- not_enterprise_plan_site
- not_enterprise_plan_workspace
- order_not_found
- resource_not_found
- too_many_requests
- unsupported_version
- unsupported_webhook_trigger_type
- user_limit_reached
- user_not_found
- users_not_enabled
- validation_error
message:
type: string
description: Error message
example: Request not authorized
externalReference:
type: string
description: Link to more information
example: ''
details:
type: array
description: Array of errors
items:
- type: string
example: Invalid email address
description: Error message
- type: object
example:
field: email
message: Invalid email address
description: Error message
example: []
example:
code: not_authorized
message: Request not authorized
externalReference:
details: []
'404':
description: Requested resource not found
x-logErrorCode: 404
content:
application/json:
schema:
type: object
example:
code: not_authorized
message: Request not authorized
externalReference:
details: []
properties:
code:
type: string
description: Error code
example: not_authorized
enum:
- bad_request
- collection_not_found
- conflict
- duplicate_collection
- duplicate_user_email
- ecommerce_not_enabled
- forbidden
- forms_require_republish
- incompatible_webhook_filter
- internal_error
- invalid_auth_version
- invalid_credentials
- invalid_domain
- invalid_user_email
- item_not_found
- missing_scopes
- no_domains
- not_authorized
- not_enterprise_plan_site
- not_enterprise_plan_workspace
- order_not_found
- resource_not_found
- too_many_requests
- unsupported_version
- unsupported_webhook_trigger_type
- user_limit_reached
- user_not_found
- users_not_enabled
- validation_error
message:
type: string
description: Error message
example: Request not authorized
externalReference:
type: string
description: Link to more information
example: ''
details:
type: array
description: Array of errors
items:
- type: string
example: Invalid email address
description: Error message
- type: object
example:
field: email
message: Invalid email address
description: Error message
example: []
example:
code: resource_not_found
message: 'Requested resource not found: The site cannot be found'
externalReference:
details: []
'429':
description: The rate limit of the provided access_token has been reached. Please have your application respect the X-RateLimit-Remaining header we include on API responses.
x-logErrorCode: 429
headers:
X-RateLimit-Remaining:
description: Contains the number of available requests remaining in the current minute
schema:
type: number
X-RateLimit-Limit:
description: Contains your current overall rate limit per minute
schema:
type: number
content:
application/json:
schema:
type: object
example:
code: not_authorized
message: Request not authorized
externalReference:
details: []
properties:
code:
type: string
description: Error code
example: not_authorized
enum:
- bad_request
- collection_not_found
- conflict
- duplicate_collection
- duplicate_user_email
- ecommerce_not_enabled
- forbidden
- forms_require_republish
- incompatible_webhook_filter
- internal_error
- invalid_auth_version
- invalid_credentials
- invalid_domain
- invalid_user_email
- item_not_found
- missing_scopes
- no_domains
- not_authorized
- not_enterprise_plan_site
- not_enterprise_plan_workspace
- order_not_found
- resource_not_found
- too_many_requests
- unsupported_version
- unsupported_webhook_trigger_type
- user_limit_reached
- user_not_found
- users_not_enabled
- validation_error
message:
type: string
description: Error message
example: Request not authorized
externalReference:
type: string
description: Link to more information
example: ''
details:
type: array
description: Array of errors
items:
- type: string
example: Invalid email address
description: Error message
- type: object
example:
field: email
message: Invalid email address
description: Error message
example: []
example:
code: too_many_requests
message: Too many requests
externalReference:
details: []
'500':
description: We had a problem with our server. Try again later.
content:
application/json:
x-logErrorCode: 500
schema:
type: object
example:
code: not_authorized
message: Request not authorized
externalReference:
details: []
properties:
code:
type: string
description: Error code
example: not_authorized
enum:
- bad_request
- collection_not_found
- conflict
- duplicate_collection
- duplicate_user_email
- ecommerce_not_enabled
- forbidden
- forms_require_republish
- incompatible_webhook_filter
- internal_error
- invalid_auth_version
- invalid_credentials
- invalid_domain
- invalid_user_email
- item_not_found
- missing_scopes
- no_domains
- not_authorized
- not_enterprise_plan_site
- not_enterprise_plan_workspace
- order_not_found
- resource_not_found
- too_many_requests
- unsupported_version
- unsupported_webhook_trigger_type
- user_limit_reached
- user_not_found
- users_not_enabled
- validation_error
message:
type: string
description: Error message
example: Request not authorized
externalReference:
type: string
description: Link to more information
example: ''
details:
type: array
description: Array of errors
items:
- type: string
example: Invalid email address
description: Error message
- type: object
example:
field: email
message: Invalid email address
description: Error message
example: []
example:
code: internal_error
message: An Internal Error occurred
externalReference:
details: []
delete:
x-fern-sdk-group-name:
- pages
- scripts
x-fern-sdk-method-name: delete-custom-code
security:
- OAuth2:
- custom_code:write
operationId: delete-page-custom-code
summary: Webflow Delete Custom Code
description: 'Remove all scripts from a page applied by the App. This endpoint will not remove scripts from the site''s registered scripts.
To remove individual scripts applied by the App, use the [Add/Update Custom Code](/data/reference/custom-code/custom-code-pages/upsert-custom-code) endpoint.
<Note>Access to this endpoint requires a bearer token obtained from an [OAuth Code Grant Flow](/data/reference/oauth-app).</Note>
Required scope | `custom_code:write`
'
tags:
- Custom Code
- Custom Code - Pages
- Sites
parameters:
- name: page_id
in: path
description: Unique identifier for a Page
example: 63c720f9347c2139b248e552
required: true
schema:
type: string
format: objectid
default:
responses:
'204':
description: Request was successful. No Content is returned.
'400':
description: Request body was incorrectly formatted.
x-logErrorCode: 400
content:
application/json:
schema:
type: object
example:
code: not_authorized
message: Request not authorized
externalReference:
details: []
properties:
code:
type: string
description: Error code
example: not_authorized
enum:
- bad_request
- collection_not_found
- conflict
- duplicate_collection
- duplicate_user_email
- ecommerce_not_enabled
- forbidden
- forms_require_republish
- incompatible_webhook_filter
- internal_error
- invalid_auth_version
- invalid_credentials
- invalid_domain
- invalid_user_email
- item_not_found
- missing_scopes
- no_domains
- not_authorized
- not_enterprise_plan_site
- not_enterprise_plan_workspace
- order_not_found
- resource_not_found
- too_many_requests
- unsupported_version
- unsupported_webhook_trigger_type
- user_limit_reached
- user_not_found
- users_not_enabled
- validation_error
message:
type: string
description: Error message
example: Request not authorized
externalReference:
type: string
description: Link to more information
example: ''
details:
type: array
description: Array of errors
items:
- type: string
example: Invalid email address
description: Error message
- type: object
example:
field: email
message: Invalid email address
description: Error message
example: []
example:
code: bad_request
message: 'Bad Request: Request is malformed'
externalReference:
details: []
'401':
description: Provided access token is invalid or does not have access to requested resource
x-logErrorCode: 401
content:
application/json:
schema:
type: object
example:
code: not_authorized
message: Request not authorized
externalReference:
details: []
properties:
code:
type: string
description: Error code
example: not_authorized
enum:
- bad_request
- collection_not_found
- conflict
- duplicate_collection
- duplicate_user_email
- ecommerce_not_enabled
- forbidden
- forms_require_republish
- incompatible_webhook_filter
- internal_error
- invalid_auth_version
- invalid_credentials
- invalid_domain
- invalid_user_email
- item_not_found
- missing_scopes
- no_domains
- not_authorized
- not_enterprise_plan_site
- not_enterprise_plan_workspace
- order_not_found
- resource_not_found
- too_many_requests
- unsupported_version
- unsupported_webhook_trigger_type
- user_limit_reached
- user_not_found
- users_not_enabled
- validation_error
message:
type: string
description: Error message
example: Request not authorized
externalReference:
type: string
description: Link to more information
example: ''
details:
type: array
description: Array of errors
items:
- type: string
example: Invalid email address
description: Error message
- type: object
example:
field: email
message: Invalid email address
description: Error message
example: []
example:
code: not_authorized
message: Request not authorized
externalReference:
details: []
'404':
description: Requested resource not found
x-logErrorCode: 404
content:
application/json:
schema:
type: object
example:
code: not_authorized
message: Request not authorized
externalReference:
details: []
properties:
code:
type: string
description: Error code
example: not_authorized
enum:
- bad_request
- collection_not_found
- conflict
- duplicate_collection
- duplicate_user_email
- ecommerce_not_enabled
- forbidden
- forms_require_republish
- incompatible_webhook_filter
- internal_error
- invalid_auth_version
- invalid_credentials
- invalid_domain
- invalid_user_email
- item_not_found
- missing_scopes
- no_domains
- not_authorized
- not_enterprise_plan_site
- not_enterprise_plan_workspace
- order_not_found
- resource_not_found
- too_many_requests
- unsupported_version
- unsupported_webhook_trigger_type
- user_limit_reached
- user_not_found
- users_not_enabled
- validation_error
message:
type: string
description: Error message
example: Request not authorized
externalReference:
type: string
description: Link to more information
example: ''
details:
type: array
description: Array of errors
items:
- type: string
example: Invalid email address
description: Error message
- type: object
example:
field: email
message: Invalid email address
description: Error message
example: []
example:
code: resource_not_found
message: 'Requested resource not found: The site cannot be found'
externalReference:
details: []
'429':
description: The rate limit of the provided access_token has been reached. Please have your application respect the X-RateLimit-Remaining header we include on API responses.
x-logErrorCode: 429
headers:
X-RateLimit-Remaining:
description: Contains the number of available requests remaining in the current minute
schema:
type: number
X-RateLimit-Limit:
description: Contains your current overall rate limit per minute
schema:
type: number
content:
application/json:
schema:
type: object
example:
code: not_authorized
message: Request not authorized
externalReference:
details: []
properties:
code:
type: string
description: Error code
example: not_authorized
enum:
- bad_request
- collection_not_found
- conflict
- duplicate_collection
- duplicate_user_email
- ecommerce_not_enabled
- forbidden
- forms_require_republish
- incompatible_webhook_filter
- internal_error
- invalid_auth_version
- invalid_credentials
- invalid_domain
- invalid_user_email
- item_not_found
- missing_scopes
- no_domains
- not_authorized
- not_enterprise_plan_site
- not_enterprise_plan_workspace
- order_not_found
- resource_not_found
- too_many_requests
- unsupported_version
- unsupported_webhook_trigger_type
- user_limit_reached
- user_not_found
- users_not_enabled
- validation_error
message:
type: string
description: Error message
example: Request not authorized
externalReference:
type: string
description: Link to more information
example: ''
details:
type: array
description: Array of errors
items:
- type: string
example: Invalid email address
description: Error message
- type: object
example:
field: email
message: Invalid email address
description: Error message
example: []
example:
code: too_many_requests
message: Too many requests
externalReference:
details: []
'500':
description: We had a problem with our server. Try again later.
content:
application/json:
x-logErrorCode: 500
schema:
# --- truncated at 32 KB (195 KB total) ---
# Full source: https://raw.githubusercontent.com/api-evangelist/webflow/refs/heads/main/openapi/webflow-custom-code-openapi.yml