Solved

How do we see users' access levels? (OAuth)

  • September 17, 2023
  • 1 reply
  • 298 views

How do we see the permissions level of a user who authenticated with OAuth on our site?

Best answer by Simon_Steer

As far as I understand, user access levels are determined on a per-file basis, so you can only know a user’s permissions level in relation to a file that they have requested the information of.

You can check the “role” property on the JSON of a successful response to an endpoint that requests a Figma file’s information.

For example, if an authenticated user makes a request to https://api.figma.com/v1/files/:file_key, a successful response might look something like this:

{
  document: ...
  components: ...
  componentSets: ...
  schemaVersion: ...
  styles: ...
  name: ...
  lastModified: ...
  thumbnailUrl: ...
  version: ...
  role: 'editor' <-- this property is what you're looking for
  editorType: ...
  linkAccess: ...
}

The role property can be one of “viewer”, “owner”, or “editor”. If you get a response with a 404 status you can assume the authenticated user has no associated permissions with the file they requested (or the file does not exist).
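
Added example, not part of the answer above and not Figma's own code: a server-side check that turns the response described in the answer into an allow/deny decision and fails closed on a 404 or an unrecognised role. The function names, the viewer < editor < owner ordering and the sample responses are assumptions made for illustration.

```python
import json
import urllib.error
import urllib.parse
import urllib.request

API = "https://api.figma.com/v1/files/"  # endpoint quoted in the answer
# The ordering viewer < editor < owner is an assumption of this example.
ROLE_RANK = {"viewer": 1, "editor": 2, "owner": 3}


def role_from_response(status, body):
    """Return the user's role on the file, or None when they have no access."""
    if status == 404:
        return None  # no permissions on the file, or the file does not exist
    if status != 200:
        raise RuntimeError(f"unexpected status {status}")  # never guess a role
    role = json.loads(body).get("role")
    # Missing, non-string or unknown role values are treated as no access.
    return role if isinstance(role, str) and role in ROLE_RANK else None


def has_at_least(role, required):
    """Fail closed: None never satisfies a requirement."""
    return ROLE_RANK.get(role, 0) >= ROLE_RANK[required]


def fetch_role(file_key, access_token, opener=urllib.request.urlopen):
    """Request the file as the authenticated user; opener is injectable."""
    # Percent-encode the key so user-supplied input cannot alter the path.
    url = API + urllib.parse.quote(file_key, safe="")
    req = urllib.request.Request(
        url, headers={"Authorization": f"Bearer {access_token}"})
    try:
        with opener(req) as resp:
            return role_from_response(resp.status, resp.read())
    except urllib.error.HTTPError as err:
        return role_from_response(err.code, b"")


if __name__ == "__main__":
    # Constructed sample responses, not captured from the API.
    for status, body in [(200, b'{"name": "x", "role": "editor"}'),
                         (200, b'{"name": "x", "role": "viewer"}'),
                         (404, b"")]:
        role = role_from_response(status, body)
        print(status, role, "may edit:", has_at_least(role, "editor"))
```

Because the role is per file, the check has to be repeated for each file and with the token of the user whose access is being decided.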
