mcp-figma

Overview Schema Related Servers Score Discussions

check_api_key

Verify whether a Figma API key is already configured in the MCP server to enable access to Figma files, comments, and team resources.

Instructions

Check if a Figma API key is already configured

Input Schema

TableJSON Schema

Name	Required	Description	Default
No arguments

Implementation Reference

src/index.ts:475-488 (handler)

The main handler for the 'check_api_key' tool. It attempts to retrieve the API key via authManager.getAccessToken(), masks it for display if successful, or returns a message indicating no key is configured.

case 'check_api_key': {
  try {
    const token = await this.authManager.getAccessToken();
    // 只显示部分API key作为安全措施
    const maskedToken = token.substring(0, 5) + '...' + token.substring(token.length - 5);
    return {
      content: [{ type: 'text', text: `API key is configured (${maskedToken})` }],
    };
  } catch (error) {
    return {
      content: [{ type: 'text', text: 'No API key is configured. Please use set_api_key to configure one.' }],
    };
  }
}

src/index.ts:105-112 (schema)

Tool schema definition for 'check_api_key', specifying name, description, and empty input schema (no arguments required).

{
  name: 'check_api_key',
  description: 'Check if a Figma API key is already configured',
  inputSchema: {
    type: 'object',
    properties: {},
    required: []
  },

src/utils/auth.ts:32-54 (helper)

Core logic for retrieving the configured Figma API key from AuthManager. Loads from config if needed and throws an error if no key is available.

async getAccessToken(): Promise<string> {
  // 检查我们是否有有效的令牌
  if (this.tokenInfo && Date.now() < this.tokenInfo.expiresAt) {
    return this.tokenInfo.accessToken;
  }

  // 如果没有设置API key，尝试从配置中重新加载
  if (!this.apiKey) {
    const savedApiKey = this.configManager.getApiKey();
    if (savedApiKey) {
      this.setApiKey(savedApiKey);
      return savedApiKey;
    }
    
    throw new McpError(
      ErrorCode.InvalidParams,
      'No Figma API key provided. Use the set_api_key tool first.'
    );
  }

  // 返回API key作为令牌
  return this.apiKey;
}

src/utils/auth.ts:10-18 (helper)

AuthManager constructor initializes by loading any saved API key from config.

constructor() {
  this.configManager = new ConfigManager();
  
  // 从配置中加载API key
  const savedApiKey = this.configManager.getApiKey();
  if (savedApiKey) {
    this.setApiKey(savedApiKey);
  }
}

src/utils/config.ts:49-56 (helper)

ConfigManager methods to get and set the API key, persisting to ~/.mcp-figma/config.json.

public getApiKey(): string | undefined {
  return this.config.apiKey;
}

public setApiKey(apiKey: string): void {
  this.config.apiKey = apiKey;
  this.saveConfig();
}

Tool Definition Quality

A4.1/5.0

Behavior3/5

Does the description disclose side effects, auth requirements, rate limits, or destructive behavior?

With no annotations provided, the description carries the full burden of behavioral disclosure. It indicates a read-only check operation, but does not specify details like authentication needs, rate limits, or what the output returns (e.g., boolean status, error messages). It provides basic context but lacks rich behavioral traits.

Agents need to know what a tool does to the world before calling it. Descriptions should go beyond structured annotations to explain consequences.

Conciseness5/5

Is the description appropriately sized, front-loaded, and free of redundancy?

The description is a single, efficient sentence that directly states the tool's purpose without unnecessary words. It is appropriately sized and front-loaded, with every part contributing essential information.

Shorter descriptions cost fewer tokens and are easier for agents to parse. Every sentence should earn its place.

Completeness3/5

Given the tool's complexity, does the description cover enough for an agent to succeed on first attempt?

Given the tool's simplicity (0 parameters, no output schema, no annotations), the description is adequate but has gaps. It explains the purpose clearly but does not cover behavioral aspects like return values or error handling, which are important for a check operation. It meets minimum viability but lacks completeness for full contextual understanding.

Complex tools with many parameters or behaviors need more documentation. Simple tools need less. This dimension scales expectations accordingly.

Parameters4/5

Does the description clarify parameter syntax, constraints, interactions, or defaults beyond what the schema provides?

The tool has 0 parameters with 100% schema description coverage, so the schema fully documents the inputs. The description does not add parameter details beyond the schema, but this is acceptable given no parameters exist. Baseline is 4 for zero parameters, as no compensation is needed.

Input schemas describe structure but not intent. Descriptions should explain non-obvious parameter relationships and valid value ranges.

Purpose5/5

Does the description clearly state what the tool does and how it differs from similar tools?

The description clearly states the specific action ('Check') and resource ('Figma API key'), with the qualifier 'already configured' distinguishing it from sibling tools like 'set_api_key'. It precisely communicates what the tool does without being vague or tautological.

Agents choose between tools based on descriptions. A clear purpose with a specific verb and resource helps agents select the right tool.

Usage Guidelines4/5

Does the description explain when to use this tool, when not to, or what alternatives exist?

The description implies usage context (e.g., verifying API key configuration status), but does not explicitly state when to use this tool versus alternatives like 'set_api_key' or provide exclusions. It offers clear context but lacks explicit guidance on alternatives or when-not scenarios.

Agents often have multiple tools that could apply. Explicit usage guidance like "use X instead of Y when Z" prevents misuse.

Install Server

Other Tools

Latest Blog Posts

Lightport: Open-Sourcing Glama's AI Gateway
By punkpeye on April 27, 2026.
open source
OpenAI
Tool Definition Quality Score (TDQS)
By punkpeye on April 3, 2026.
mcp
The Hackers Who Tracked My Sleep Cycle
By punkpeye on March 26, 2026.
security

MCP directory API

We provide all the information about MCP servers via our MCP API.

curl -X GET 'https://glama.ai/api/mcp/v1/servers/smithery-ai/mcp-figma'

If you have feedback or need assistance with the MCP directory API, please join our Discord server