How to set up plugin for OAuth using REST?

I want my plugin to retrieve remote data such as library styles and thumbnail previews from a user’s Figma file. So far, it seems like the only way to do so is through Figma’s REST api.

For starters, I’m trying to figure out how to prompt the user to give my plugin permission to access the contents of their Figma file. As someone with zero back-end knowledge, I’m completely stumped at Figma’s tutorial for authenticating users.

So the tutorial asks me to do this:

Screenshot 2023-11-07 at 11.20.21 AM1226×420 13.5 KB

I have so many questions:

1. Can I use javascript’s fetch api to make REST call like so? Would other libraries like Express and Axios be a better alternative?
   

   

   Screenshot 2023-11-07 at 11.12.27 AM1358×556 52.7 KB

2. The documentation says that the URl must be opened in the user’s browser:
   

   

   Screenshot 2023-11-07 at 11.27.15 AM1166×244 20.9 KB
   
   Does this mean that I need my plugin to open a new window for the permission prompt? If so, do I do so via something like window.open()?

3. The documentation says that I have to register my app in order to generate my client id like so:
   

   

   Screenshot 2023-11-07 at 11.41.14 AM1194×390 46.6 KB
   
   Can this work even when my plugin isn’t published yet?

4. It seems like I have to setup a callback for the redirect URI for my app. What should I even put here?
   

   

   Screenshot 2023-11-07 at 11.47.57 AM1650×620 29.2 KB

Hey @Zack_Hong, thanks for reaching out!

To call the REST API from a plugin, you’ll need to host a backend service somewhere that does the OAuth and the address of that service is what will go in the “Callbacks” section. It’s a bit complicated for anyone with zero back-end knowledge, so if you need more one on one guidance, please reach out to the support team directly via this form for help: https://help.figma.com/hc/en-us/requests/new