Hi,
We recently migrated our integration from a personal access token (figd_...) to a plan access token (figp_...), and the image render endpoint started failing — but only when the version query parameter is included.
Request:
GET https://api.figma.com/v1/images/:file_key?ids=9544:3051&format=svg&scale=1&version=<version_id>
X-FIGMA-TOKEN: figp_...Response:
{
"status": 400,
"err": "Missing required parameter: must provide either user_id or plan_key"
}What we've verified:
- The same request without the version parameter returns 200 and renders the image correctly, so the token, file, and node are all fine.
- It fails with any version ID, including the file's latest version, and with any format (svg, png).
- GET /v1/files/:file_key?version=<version_id> works fine with the same token, so the version ID is valid and accessible.
- We tried adding user_id as a query parameter and the error persists. Neither user_id nor plan_key is documented for this endpoint in the REST API reference, and the plan access tokens page doesn't list this endpoint as restricted.
- The exact same request (including version) worked correctly before migrating from a personal access token.
The error message looks like an internal attribution requirement leaking through the public API: version-pinned renders seem to require a user/plan context that plan access tokens don't carry, and there's no documented way to provide it from the client side.
Questions:
1. Is this a known limitation of plan access tokens, or a bug?
2. If it's expected behavior, how should we pass plan_key (or equivalent) so that version-pinned renders work with a plan access token?
Our use case: we render and cache node images per file version, so dropping the version parameter means we can no longer guarantee the rendered image matches the pinned version.
Thanks!
