REST API Overview

The Figma REST API lets you build server-side integrations that read and write Figma data. All endpoints return JSON and use standard HTTP methods.

Authentication

Learn how to generate personal access tokens and set up OAuth 2.0 for your application.

Try the API

Copy-paste curl, JavaScript, and Python examples to test every endpoint from your terminal.

Authentication

The API supports two authentication methods:

Method	Header	Use case
Personal access token	`X-Figma-Token: <token>`	Scripts, CI/CD, internal tools
OAuth 2.0 bearer token	`Authorization: Bearer <token>`	Third-party apps acting on behalf of users

See the full Authentication guide for setup instructions, scope reference, and token security best practices.

API Groups

Files

Read file data, inspect the node tree, and export rendered images.

| Endpoint | Method | Description | |----------|--------|-------------| | /v1/files/:key | GET | Get a file's document tree | | /v1/files/:key/nodes | GET | Get specific nodes by ID | | /v1/images/:key | GET | Export node images | | /v1/files/:key/images | GET | Get image fill URLs |

Comments

Read and write comments on Figma files.

| Endpoint | Method | Description | |----------|--------|-------------| | /v1/files/:key/comments | GET | List all comments | | /v1/files/:key/comments | POST | Create a comment | | /v1/files/:key/comments/:id | DELETE | Delete a comment |

Components & Styles

Access published components and styles from team libraries.

| Endpoint | Method | Description | |----------|--------|-------------| | /v1/files/:key/components | GET | List components | | /v1/files/:key/component_sets | GET | List component sets | | /v1/files/:key/styles | GET | List styles | | /v1/styles/:key | GET | Get a single style |

Users

Get information about the authenticated user.

| Endpoint | Method | Description | |----------|--------|-------------| | /v1/me | GET | Get current user info |

Webhooks

Subscribe to real-time events from Figma files and projects.

| Endpoint | Method | Description | |----------|--------|-------------| | /v2/webhooks | POST | Create a webhook | | /v2/webhooks/:id | GET | Get webhook details | | /v2/webhooks/:id | DELETE | Delete a webhook |

Variables

Read and manage design variables and collections.

| Endpoint | Method | Description | |----------|--------|-------------| | /v1/files/:key/variables/local | GET | Get local variables | | /v1/files/:key/variables | POST | Create variables | | /v1/files/:key/variables | PUT | Update variables |

Making Your First Request

Follow these steps to make your first successful API call.

Get a personal access token

Go to your Figma account settings and generate a personal access token. Copy it somewhere safe -- you will not be able to see it again.

See the Authentication guide for detailed instructions on token creation and scope selection.

Make a test request

Use the /v1/me endpoint to verify your token works. This returns information about the authenticated user.

curl -H "X-Figma-Token: YOUR_TOKEN" \
  "https://api.figma.com/v1/me"

Inspect the response

A successful request returns your user profile:

{
  "id": "12345",
  "handle": "designer",
  "email": "designer@example.com",
  "img_url": "https://s3-alpha.figma.com/img/..."
}

Rate Limits

The API enforces rate limits per access token:

Tier	Limit
Standard	30 requests/minute
Increased	120 requests/minute (enterprise)

When you hit a rate limit, the API returns 429 Too Many Requests with a Retry-After header. Implement exponential backoff in your integration.

Error Handling

All errors follow a consistent format:

{
  "status": 403,
  "err": "Forbidden: insufficient permissions"
}

Status	Meaning
`200`	Success
`400`	Bad request — check your parameters
`403`	Forbidden — invalid token or insufficient scope
`404`	Not found — wrong file key or node ID
`429`	Rate limited — back off and retry
`500`	Server error — retry after a delay

Use the Pagination guide to handle large responses efficiently. Many endpoints support cursor-based pagination.