Skip to main content
Solved

How do we see users access levels? (OAuth)

  • September 17, 2023
  • 1 reply
  • 269 views
T

How do we see a users permissions level who authenticated with OAuth on our site?

Best answer by Simon_Steer

As far as I understand, user access levels are determined on a per-file basis, so you can only know a user’s permissions level in relation to a file that they have requested the information of.

You can check the “role” property on the json of a successful response to an endpoint that requests a Figma file’s information.

For example, if an authenticated user makes a request to https://api.figma.com/v1/files/:file_key, a successful response might look something like this:

{
  document: ...
  components: ...
  componentSets: ...
  schemaVersion: ...
  styles: ...
  name: ...
  lastModified: ...
  thumbnailUrl: ...
  version: ...
  role: 'editor' <-- this property is what you're looking for
  editorType: ...
  linkAccess: ...
}

The role property can be one of “viewer”, “owner”, or “editor”. If you get a response with a 404 status you can assume the authenticated user has no associated permissions with the file they requested (or the file does not exist).

View original
This topic has been closed for replies.

1 reply

Simon_Steer
  • Simon_Steer
  • 28 replies
  • Answer
  • September 17, 2023

As far as I understand, user access levels are determined on a per-file basis, so you can only know a user’s permissions level in relation to a file that they have requested the information of.

You can check the “role” property on the json of a successful response to an endpoint that requests a Figma file’s information.

For example, if an authenticated user makes a request to https://api.figma.com/v1/files/:file_key, a successful response might look something like this:

{
  document: ...
  components: ...
  componentSets: ...
  schemaVersion: ...
  styles: ...
  name: ...
  lastModified: ...
  thumbnailUrl: ...
  version: ...
  role: 'editor' <-- this property is what you're looking for
  editorType: ...
  linkAccess: ...
}

The role property can be one of “viewer”, “owner”, or “editor”. If you get a response with a 404 status you can assume the authenticated user has no associated permissions with the file they requested (or the file does not exist).

Terms & ConditionsCookie settings

Cookie policy

We use cookies to enhance and personalize your experience. If you accept you agree to our full cookie policy. Learn more about our cookies.

 
Cookie settings