Webflow Meta API
The Webflow Meta API provides endpoints for retrieving information about the authorized user and introspecting API tokens, including scopes and permissions.
OpenAPI Specification
openapi: 3.1.0
info:
title: Webflow Meta API
description: Webflow Data API v2 - Meta endpoints.
version: 2.0.0
contact:
name: Webflow Developer Relations
email: [email protected]
url: https://developers.webflow.com
termsOfService: https://webflow.com/legal/terms
license:
name: MIT
url: https://opensource.org/licenses/MIT
servers:
- url: https://api.webflow.com/v2
description: Webflow API v2
x-fern-server-name: Data API
security:
- OAuth2: []
- ApiKey: []
tags:
- name: Meta
description: Meta is the metadata for your Webflow API token.
paths:
/token/authorized_by:
get:
x-fern-sdk-group-name: token
x-fern-sdk-method-name: authorized-by
security:
- OAuth2:
- authorized_user:read
operationId: authorized_by
summary: Webflow Get Authorization User Info
description: 'Information about the Authorized User
Required Scope | `authorized_user:read`
'
tags:
- Meta
responses:
'200':
description: Request was successful
content:
application/json:
schema:
example:
id: 545bbecb7bdd6769632504a7
email: [email protected]
firstName: Some
lastName: One
properties:
id:
type: string
format: objectid
description: The unique ID of the user
example: 545bbecb7bdd6769632504a7
email:
type: string
format: email
description: The user's email address
example: [email protected]
firstName:
type: string
description: The user's first name
example: Some
lastName:
type: string
description: The user's last name
example: One
'401':
description: Provided access token is invalid or does not have access to requested resource
x-logErrorCode: 401
content:
application/json:
schema:
type: object
example:
code: not_authorized
message: Request not authorized
externalReference:
details: []
properties:
code:
type: string
description: Error code
example: not_authorized
enum:
- bad_request
- collection_not_found
- conflict
- duplicate_collection
- duplicate_user_email
- ecommerce_not_enabled
- forbidden
- forms_require_republish
- incompatible_webhook_filter
- internal_error
- invalid_auth_version
- invalid_credentials
- invalid_domain
- invalid_user_email
- item_not_found
- missing_scopes
- no_domains
- not_authorized
- not_enterprise_plan_site
- not_enterprise_plan_workspace
- order_not_found
- resource_not_found
- too_many_requests
- unsupported_version
- unsupported_webhook_trigger_type
- user_limit_reached
- user_not_found
- users_not_enabled
- validation_error
message:
type: string
description: Error message
example: Request not authorized
externalReference:
type: string
description: Link to more information
example: ''
details:
type: array
description: Array of errors
items:
- type: string
example: Invalid email address
description: Error message
- type: object
example:
field: email
message: Invalid email address
description: Error message
example: []
example:
code: not_authorized
message: Request not authorized
externalReference:
details: []
'403':
description: Provided access token is valid, but is missing the required scopes.
x-logErrorCode: 403
content:
application/json:
schema:
type: object
example:
code: not_authorized
message: Request not authorized
externalReference:
details: []
properties:
code:
type: string
description: Error code
example: not_authorized
enum:
- bad_request
- collection_not_found
- conflict
- duplicate_collection
- duplicate_user_email
- ecommerce_not_enabled
- forbidden
- forms_require_republish
- incompatible_webhook_filter
- internal_error
- invalid_auth_version
- invalid_credentials
- invalid_domain
- invalid_user_email
- item_not_found
- missing_scopes
- no_domains
- not_authorized
- not_enterprise_plan_site
- not_enterprise_plan_workspace
- order_not_found
- resource_not_found
- too_many_requests
- unsupported_version
- unsupported_webhook_trigger_type
- user_limit_reached
- user_not_found
- users_not_enabled
- validation_error
message:
type: string
description: Error message
example: Request not authorized
externalReference:
type: string
description: Link to more information
example: ''
details:
type: array
description: Array of errors
items:
- type: string
example: Invalid email address
description: Error message
- type: object
example:
field: email
message: Invalid email address
description: Error message
example: []
example:
code: missing_scopes
message: 'OAuthForbidden: You are missing the following scopes - components:write'
externalReference:
details: []
4XX:
description: Request body was incorrectly formatted.
x-logErrorCode: 400
content:
application/json:
schema:
type: object
example:
code: not_authorized
message: Request not authorized
externalReference:
details: []
properties:
code:
type: string
description: Error code
example: not_authorized
enum:
- bad_request
- collection_not_found
- conflict
- duplicate_collection
- duplicate_user_email
- ecommerce_not_enabled
- forbidden
- forms_require_republish
- incompatible_webhook_filter
- internal_error
- invalid_auth_version
- invalid_credentials
- invalid_domain
- invalid_user_email
- item_not_found
- missing_scopes
- no_domains
- not_authorized
- not_enterprise_plan_site
- not_enterprise_plan_workspace
- order_not_found
- resource_not_found
- too_many_requests
- unsupported_version
- unsupported_webhook_trigger_type
- user_limit_reached
- user_not_found
- users_not_enabled
- validation_error
message:
type: string
description: Error message
example: Request not authorized
externalReference:
type: string
description: Link to more information
example: ''
details:
type: array
description: Array of errors
items:
- type: string
example: Invalid email address
description: Error message
- type: object
example:
field: email
message: Invalid email address
description: Error message
example: []
example:
code: bad_request
message: 'Bad Request: Request is malformed'
externalReference:
details: []
5XX:
description: We had a problem with our server. Try again later.
content:
application/json:
x-logErrorCode: 500
schema:
type: object
example:
code: not_authorized
message: Request not authorized
externalReference:
details: []
properties:
code:
type: string
description: Error code
example: not_authorized
enum:
- bad_request
- collection_not_found
- conflict
- duplicate_collection
- duplicate_user_email
- ecommerce_not_enabled
- forbidden
- forms_require_republish
- incompatible_webhook_filter
- internal_error
- invalid_auth_version
- invalid_credentials
- invalid_domain
- invalid_user_email
- item_not_found
- missing_scopes
- no_domains
- not_authorized
- not_enterprise_plan_site
- not_enterprise_plan_workspace
- order_not_found
- resource_not_found
- too_many_requests
- unsupported_version
- unsupported_webhook_trigger_type
- user_limit_reached
- user_not_found
- users_not_enabled
- validation_error
message:
type: string
description: Error message
example: Request not authorized
externalReference:
type: string
description: Link to more information
example: ''
details:
type: array
description: Array of errors
items:
- type: string
example: Invalid email address
description: Error message
- type: object
example:
field: email
message: Invalid email address
description: Error message
example: []
example:
code: internal_error
message: An Internal Error occurred
externalReference:
details: []
/token/introspect:
get:
x-fern-sdk-group-name: token
x-fern-sdk-method-name: introspect
operationId: introspect
summary: Webflow Get Authorization Info
description: 'Information about the authorization token
<Note>Access to this endpoint requires a bearer token from a [Data Client App](/data/docs/getting-started-data-clients).</Note>
'
tags:
- Meta
responses:
'200':
description: Request was successful
content:
application/json:
schema:
example:
authorization:
id: 55818d58616600637b9a5786
createdOn: '2016-10-03T23:12:00.755Z'
lastUsed: '2016-10-10T21:41:12.736Z'
grantType: authorization_code
rateLimit: 60
scope: assets:read,assets:write
authorizedTo:
siteIds:
- 62f3b1f7eafac55d0c64ef91
workspaceIds:
- 52f3b1f7eafac55d0c64ef91
userIds:
- 545bbecb7bdd6769632504a7
application:
id: 55131cd036c09f7d07883dfc
description: My Amazing App
homepage: https://webflow.com
displayName: My Amazing App
properties:
authorization:
type: object
description: The Authorization object
properties:
id:
type: string
format: objectid
example: 55818d58616600637b9a5786
description: The unique ID of the Authorization instance
createdOn:
type: string
format: date-time
example: '2016-10-03T23:12:00.755Z'
description: The date the Authorization was created
lastUsed:
type: string
format: date-time
example: '2016-10-10T21:41:12.736Z'
description: The date the Authorization was last used
grantType:
type: string
example: authorization_code
description: The grant type of the Authorization
rateLimit:
type: integer
format: int32
example: 60
description: The default rate limit for the Authorization (requests/min)
scope:
type: string
example: custom_code:read sites:read
description: Comma separted list of OAuth scopes corresponding to the Authorization
authorizedTo:
type: object
example:
siteIds:
- 62f3b1f7eafac55d0c64ef91
workspaceIds:
- ' 72f3b1f7eafac55d0c64ef91'
userIds:
- 545bbecb7bdd6769632504a7
properties:
siteIds:
type: array
description: Array of Sites this app is authorized to
example:
- 62f3b1f7eafac55d0c64ef91
workspaceIds:
type: array
description: Array of Workspaces this app is authorized to
example:
- 72f3b1f7eafac55d0c64ef91
userIds:
type: array
description: Array of Users this app is authorized to
example:
- 545bbecb7bdd6769632504a7
application:
type: object
properties:
id:
type: string
format: objectid
example: 55131cd036c09f7d07883dfc
description: Unique identifier for the Application
description:
type: string
example: OAuth Testing Application
description: Application description provided by the developer
homepage:
type: string
format: uri
example: https://webflow.com
description: Application homepage URL provided by the developer
displayName:
type: string
example: Test App
description: Application name provided by the developer
'401':
description: Provided access token is invalid or does not have access to requested resource
x-logErrorCode: 401
content:
application/json:
schema:
type: object
example:
code: not_authorized
message: Request not authorized
externalReference:
details: []
properties:
code:
type: string
description: Error code
example: not_authorized
enum:
- bad_request
- collection_not_found
- conflict
- duplicate_collection
- duplicate_user_email
- ecommerce_not_enabled
- forbidden
- forms_require_republish
- incompatible_webhook_filter
- internal_error
- invalid_auth_version
- invalid_credentials
- invalid_domain
- invalid_user_email
- item_not_found
- missing_scopes
- no_domains
- not_authorized
- not_enterprise_plan_site
- not_enterprise_plan_workspace
- order_not_found
- resource_not_found
- too_many_requests
- unsupported_version
- unsupported_webhook_trigger_type
- user_limit_reached
- user_not_found
- users_not_enabled
- validation_error
message:
type: string
description: Error message
example: Request not authorized
externalReference:
type: string
description: Link to more information
example: ''
details:
type: array
description: Array of errors
items:
- type: string
example: Invalid email address
description: Error message
- type: object
example:
field: email
message: Invalid email address
description: Error message
example: []
example:
code: not_authorized
message: Request not authorized
externalReference:
details: []
4XX:
description: Request body was incorrectly formatted.
x-logErrorCode: 400
content:
application/json:
schema:
type: object
example:
code: not_authorized
message: Request not authorized
externalReference:
details: []
properties:
code:
type: string
description: Error code
example: not_authorized
enum:
- bad_request
- collection_not_found
- conflict
- duplicate_collection
- duplicate_user_email
- ecommerce_not_enabled
- forbidden
- forms_require_republish
- incompatible_webhook_filter
- internal_error
- invalid_auth_version
- invalid_credentials
- invalid_domain
- invalid_user_email
- item_not_found
- missing_scopes
- no_domains
- not_authorized
- not_enterprise_plan_site
- not_enterprise_plan_workspace
- order_not_found
- resource_not_found
- too_many_requests
- unsupported_version
- unsupported_webhook_trigger_type
- user_limit_reached
- user_not_found
- users_not_enabled
- validation_error
message:
type: string
description: Error message
example: Request not authorized
externalReference:
type: string
description: Link to more information
example: ''
details:
type: array
description: Array of errors
items:
- type: string
example: Invalid email address
description: Error message
- type: object
example:
field: email
message: Invalid email address
description: Error message
example: []
example:
code: bad_request
message: 'Bad Request: Request is malformed'
externalReference:
details: []
5XX:
description: We had a problem with our server. Try again later.
content:
application/json:
x-logErrorCode: 500
schema:
type: object
example:
code: not_authorized
message: Request not authorized
externalReference:
details: []
properties:
code:
type: string
description: Error code
example: not_authorized
enum:
- bad_request
- collection_not_found
- conflict
- duplicate_collection
- duplicate_user_email
- ecommerce_not_enabled
- forbidden
- forms_require_republish
- incompatible_webhook_filter
- internal_error
- invalid_auth_version
- invalid_credentials
- invalid_domain
- invalid_user_email
- item_not_found
- missing_scopes
- no_domains
- not_authorized
- not_enterprise_plan_site
- not_enterprise_plan_workspace
- order_not_found
- resource_not_found
- too_many_requests
- unsupported_version
- unsupported_webhook_trigger_type
- user_limit_reached
- user_not_found
- users_not_enabled
- validation_error
message:
type: string
description: Error message
example: Request not authorized
externalReference:
type: string
description: Link to more information
example: ''
details:
type: array
description: Array of errors
items:
- type: string
example: Invalid email address
description: Error message
- type: object
example:
field: email
message: Invalid email address
description: Error message
example: []
example:
code: internal_error
message: An Internal Error occurred
externalReference:
details: []
components:
securitySchemes:
OAuth2:
type: oauth2
flows:
authorizationCode:
scopes:
authorized_user:read: read details about the authorized user
assets:read: read assets on the site
assets:write: write assets on a site
cms:read: read collections and items for a site
cms:write: write to collections and items for a site
comments:read: read comments on the site
comments:write: write comments on the site
custom_code:read: read custom code on the site
custom_code:write: modify custom code on the site
ecommerce:read: read ecommerce data
ecommerce:write: edit ecommerce data
forms:read: read form data
forms:write: write form data
pages:read: read pages on the site
pages:write: write to pages on the site
components:read: read component data
components:write: write component data
sites:read: read sites on the site
sites:write: modify pages on the site
users:read: read users on the site
site_activity:read: read site activity logs
users:write: modify users on the site
workspace:read: read workspace resource data
workspace:write: write workspace resource data
site_config:read: read site configuration data
site_config:write: write site configuration data
authorizationUrl: https://webflow.com/oauth/authorize
tokenUrl: https://api.webflow.com/oauth/token
ApiKey:
type: http
scheme: bearer
x-fern-token-variable-name: access_token