Skip to main content

Authorization

Follow this guide to create a new Webflow Data API credential that will allow Nexla to authenticate to and exchange data with your Webflow account.
webflow_api_auth.png

Webflow Data API

Prerequisites

To connect Nexla to the Webflow Data API, you need a registered Webflow application with OAuth 2.0 credentials. Webflow uses a 3-legged OAuth 2.0 flow, which requires a Client ID and Client Secret obtained from a Webflow app you create in your workspace.

Register a Webflow App

Webflow app registration is done through the Webflow Workspace settings. Only workspace administrators can create apps and view client secrets.

  1. Sign in to your Webflow account and open the workspace where you want to grant Nexla access.

  2. Click your workspace name in the top-left corner of the Webflow dashboard, then select Workspace Settings.

  3. In the left navigation panel, select Apps & Integrations, then click App Development.

  4. Click Create new app (or New App if apps already exist) to open the app creation form.

  5. Enter a descriptive name for the app (for example, Nexla Integration) and an optional description. These details are only visible to your workspace members.

  6. Under App capabilities, enable the Data Client capability. This is required to use the OAuth 2.0 Data API scopes.

  7. In the OAuth Redirect URIs field, enter the Nexla OAuth callback URL provided in the credential creation overlay. This must be an https:// URL. Webflow will send the authorization code to this URI after a user approves the connection.

  8. Under Scopes, select all permissions that Nexla requires. The default scope set for this connector is:

    • sites:read — Read site metadata and settings
    • sites:write — Update site settings
    • cms:read — Read CMS collections and items
    • cms:write — Create, update, and publish CMS items
    • pages:read — Read page metadata and DOM content
    • pages:write — Update page metadata and DOM content
    • forms:read — Read form submissions
    • ecommerce:read — Read products, SKUs, and orders
    • ecommerce:write — Create and update products, fulfill and refund orders

    Only request the scopes that your Nexla flows actually need. The default scope list above covers all endpoints supported by this connector. If you only use a subset of endpoints, you can reduce the requested scopes accordingly.

  9. Click Create app. Webflow will display your Client ID and Client Secret. Copy both values and store them securely—the Client Secret is shown only once. If you lose it, you must regenerate it from the app settings.

    Important

    Only workspace administrators can view the Client Secret. Store it in a secure secrets manager or password vault immediately after creation, as it cannot be retrieved again.

For complete details on app registration, see the Webflow OAuth documentation and the Register an App guide.

Create a Webflow Data API Credential

  • To create a new Webflow Data API credential, after selecting the data source/destination type, click the Add Credential tile to open the Add New Credential overlay.

Credential Name & Description

  1. Enter a name for the credential in the Credential Name field and a short, meaningful description in the Credential Description field.

    Resource descriptions are recommended but are not required. They should be used to provide information about the resource purpose, data freshness, etc. that can help the owner and other users efficiently understand and utilize the resource.

OAuth 2.0 Authentication

Nexla connects to the Webflow Data API using the 3-legged OAuth 2.0 authorization code flow. In this flow, you provide the Client ID and Client Secret from your registered Webflow app, and then Nexla redirects you to Webflow to authorize access on behalf of a specific Webflow user account. No access tokens are entered manually—Nexla handles the token exchange and refresh automatically.

  1. Enter the Client ID from your registered Webflow app in the Client ID field. The Client ID uniquely identifies your app in Webflow's OAuth system.

  2. In the Access Scope field, enter the space-separated list of OAuth scopes that this credential should request. The default value is:

    sites:read sites:write cms:read cms:write pages:read pages:write forms:read ecommerce:read ecommerce:write

    Adjust this list to match the scopes configured in your Webflow app. The scopes requested here must be equal to or a subset of the scopes configured on your app in Webflow—requesting additional scopes will result in an authorization error.

  3. Enter the Client Secret from your registered Webflow app in the Client Secret field. This secret is used by Nexla to exchange the authorization code for an access token and to refresh tokens when they expire.

    The Client Secret is a sensitive credential. Nexla stores it in encrypted form. Do not share it in plain text or commit it to source control.

  4. After entering the Client ID, Access Scope, and Client Secret, click the Authorize button (or equivalent OAuth initiation button) in the overlay. Nexla will redirect your browser to the Webflow authorization page, where you can sign in and approve the requested scopes for your workspace.

  5. After approving access in Webflow, you will be redirected back to Nexla. The credential will be updated with the access token and refresh token automatically.

Save the Credential

  1. Once all of the relevant steps in the above sections have been completed, click the Save button at the bottom of the overlay to save the configured credential.

  2. The newly added credential will now appear in a tile on the Authenticate screen during data source/destination creation and can be selected for use with a new data source or destination.