Webflow CMS API: What Trellis Uses Under the Hood
Every operation Trellis performs is a documented Webflow Data API v2 call — not browser automation or screen scraping. Here is what Trellis calls, how rate limits work, and why this matters.
Webflow Data API v2 overview
Webflow provides a REST-based Data API (version 2) that allows external tools to read and write CMS content programmatically. Authentication uses OAuth 2.0 — when you connect your Webflow site in Trellis, you authorize Trellis to make API calls on your behalf with specific scopes (sites:read, collections:read, collections:write, items:read, items:write).
Every action Trellis takes on your Webflow site is a documented API call. Trellis does not use browser automation, screen scraping, or undocumented endpoints. This means:
- Transparency — you can see exactly what Trellis is doing by reading the Webflow API documentation.
- Stability — documented API endpoints have deprecation policies and versioning, so changes do not break integrations overnight.
- Security — OAuth scopes limit what Trellis can access. It cannot modify your site design, DNS settings, or billing.
What Trellis calls
Site and collection discovery
| Endpoint | Purpose |
|---|---|
GET /sites | List all sites in the authorized workspace to let you choose which site to sync to. |
GET /sites/{site_id}/collections | List all CMS collections in a site — used to show existing collections during mapping. |
GET /collections/{collection_id}/fields | Retrieve the field schema of a collection — used to build the field mapping UI. |
Collection and field management
| Endpoint | Purpose |
|---|---|
POST /sites/{site_id}/collections | Create a new CMS collection when Trellis Architect builds your content structure. |
POST /collections/{collection_id}/fields | Add fields to a collection during schema build. |
Item CRUD
| Endpoint | Purpose |
|---|---|
GET /collections/{collection_id}/items | List existing items — used during sync to detect what already exists. |
POST /collections/{collection_id}/items | Create new CMS items (supports bulk: up to 100 items per request). |
PATCH /collections/{collection_id}/items/{item_id} | Update an existing item when the source data has changed. |
DELETE /collections/{collection_id}/items/{item_id} | Remove an item that was deleted in the source. |
Publishing
| Endpoint | Purpose |
|---|---|
POST /sites/{site_id}/publish | Publish the site after CMS changes, if auto-publish is enabled in your Trellis settings. |
Rate limits
Webflow enforces a rate limit of 120 requests per minute across all integrations sharing the same OAuth token. This is a hard limit — exceeding it returns a 429 status code and Trellis must wait before retrying.
How Trellis handles rate limits:
- Request queuing — API calls are queued and dispatched at a controlled rate to stay under the limit.
- Exponential backoff — if a 429 response is received, Trellis waits progressively longer before retrying (1s, 2s, 4s, etc.).
- Batch operations — bulk create and update endpoints accept up to 100 items per request, dramatically reducing the number of API calls needed for large syncs.
Practical impact:
- A sync of 500 items using bulk operations requires as few as 5 API calls (500 / 100 per batch).
- A sync of 500 items without batching would require 500+ calls, taking over 4 minutes just for rate-limit compliance.
Trellis always uses bulk operations when available.
Field creation order
When Trellis Architect builds a new collection schema, it creates fields in a specific order to handle dependencies:
- Non-reference fields first — plain text, rich text, image, number, date, color, switch, option, link, video, email, phone, and slug fields.
- Reference and multi-reference fields second — these fields point to other collections, which must already exist before the reference can be created.
This dependency resolution ensures that collection creation never fails due to a missing reference target. If Collection A references Collection B, Trellis creates Collection B (and its non-reference fields) before creating the reference field on Collection A.
Why the API matters to you
Understanding that Trellis uses the official API is important for several reasons:
- No lock-in — if you stop using Trellis, your Webflow CMS data remains exactly as it is. Nothing is stored in a proprietary format.
- Debugging — if a sync fails, the error comes directly from Webflow's API with a documented error code. Trellis surfaces these in plain English in the sync log.
- Compliance — for enterprise teams, knowing that all operations go through OAuth-scoped, documented API endpoints simplifies security reviews.
- Limits are Webflow's limits — the 120 req/min rate limit, 4 MB image size, and collection item caps are Webflow platform constraints, not Trellis limitations.
Further reading
- Webflow Data API v2 Documentation — the official API reference.
- Webflow Connector — how to connect your Webflow site to Trellis.