Configure Azure Active Directory SAML SSO
IMPORTANT You can only use SAML SSO if you are on Figma’s Organizations plan(Currently in Beta) and have an Azure Subscription. Learn more about Figma's plans here: https://www.figma.com/pricing
If you're using Microsoft Azure, then you can configure your Figma Organization to allows users to login to their account using their Azure AD credentials.
This also allows you to control who has access to your Figma account, and manage your user accounts in one place, directly in Azure AD.
In this article, we'll take you through the steps required to get SAML SSO set up with Azure AD:
- Get your Configuration details from Figma.
- Enable Single Sign-On in Azure Active Directory.
- Complete Figma's Configuration Form.
- Test SSO with a Test User.
Learn more about SAML SSO in our Getting Started with SAML SSO article.
1 | Get your Configuration details from Figma
Before you can get started with SAML SSO and Azure, you'll need to get your Organizations Azure AD configuration details from the Figma Support team( firstname.lastname@example.org).
They will provide you with the following:
- Identifier(Entity ID).
- Reply URL(ACS URL).
- Sign on URL.
2 | Enable Single Sign-On(SSO) in Azure
Once you have your configuration details, you can start the setup process in your Azure account. You will need to create a new Non-Gallery application for Figma in your Azure portal.
- Login to your Azure Portal and go to Azure Active Directory in the left-hand navigation menu.
- Select Enterprise Applications and then All Applications.
- Click the New Application button.
- Search for Figma in the field provided and click Add to add the application to your portal.
- Once it's added, you can go to the Single Sign-On configuration page.
- Set the Mode as SAML-based Sign-On to enable.
- Copy the App Federation Metadata URL and fill this form: https://goo.gl/forms/qScpnT0m4IUk6W2g2
3 | Complete Figma's Configuration
Once you have shared your App Federation Metadata URL in Step 2.7, follow the configuration instructions provided by Microsoft: https://go.microsoft.com/fwlink/?linkid=2010098
4 | Test the SSO process with a User
Microsoft Azure recommend testing this with some test user accounts, before adding or importing all of your accounts.
- Creating a test user in Azure AD.
- Creating a test user in Figma(with the same credentials as in Azure AD).
- Assign the Azure AD user to the corresponding Figma account.
- Test the SSO process.
You can find detailed step-by-step instructions on how to do this in Microsoft Azure's article here: https://docs.microsoft.com/en-us/azure/active-directory/saas-apps/figma-tutorial#configure-and-test-azure-ad-single-sign-on(Start from the"Create an Azure AD test user" section!)