Permissions in an Organization

Who can use this feature?

✅ Users on the  Figma Organization plan.

In a Team, your Permissions will determine what Files and Projects you can access and how you can interact with them.

You can be a member of multiple Teams in an Organization, each with its own Permissions. To account for this, we give every member of an Organization a  Role and an Account Type.

Your Role determines:

  • How you can interact Teams, Files and Projects within an Organization
  • If we include you in your Organization's billing

Your Account Type determines what parts of the Organization you can access.

I want to learn more about:

  1. Roles
  2. Account Types

Roles

A member's Permissions - on any Teams, Files or Projects - will dictate their Role in the Organization. The Role also determines if we include that Member in your billing.

There are three Roles in an Organization:

  1. Viewer (previously Starter)
  2. Editor (previously Full)
  3. Viewer [Restricted] (Previously Restricted)

You can find a member's Role in the Members tab of the Admin Console.

Note: If you are using SAML SSO in your Organization, you may also see a Provisional Role. We display this when you have added someone to your SAML SSO provider, but they have not signed up for a Figma account yet.

Viewer

When you first add a new  Member to your account, we will assign them the Viewer role. We don't include Viewer members in the Organization's billing.

A Viewer can:

View any Projects and Files in Teams they are a member
View a Library or Font shared across the Organization
Comment on any Files or Prototypes
✅ Create and edit Files within their Drafts
✅ Use any Fonts shared across the Organization in their Drafts

We treat Viewer as a provisional Role, which means there are no restrictions around upgrading.

Organization Admins can upgrade members to Editors, or Viewers can upgrade themselves.

This is intended to remove any initial barriers to collaboration.

We will automatically upgrade a Viewer to an Editor if:

  • You invite them to a Team in the Organization as an Editor
  • You give them Can Edit access to a File or Project
  • They share a File from their Drafts

You can downgrade a member's Role to restrict their access. Learn more in our Downgrade a Member's Access in an Organization article.

Note: You can't change a member's role back to Viewer. However, you can restrict their access by downgrading them to a Viewer [Restricted] Role.

Editor

Editors are Organization members that have Can Edit access to at least one Team, Project or File. This doesn't apply to Files within a member's Drafts.

We include Editors in your Organization's billing.

In addition to everything Viewers can do, Editors can also:

✅ Edit Files and Projects in any Teams they are an Editor on
✅ Edit Files or Projects they have Can Edit access to
✅ Use Styles and Components from shared Libraries in any Files
✅ Use Fonts shared across the Organization in any Files
Share Files from their Drafts with other members in the Organization

Viewer [Restricted]

Members with a Viewer [Restricted] Role can perform limited actions within an Organization. We don't include Viewer [Restricted] members in an Organization's billing.

A Restricted member can:

✅ View any Projects and Files in Teams they are a part of.
✅ View a Library or Font shared across the Organization.
✅ Comment on any Files or Prototypes shared across the Organization.
✅ Create and edit Files within their Drafts.
✅ Use Styles and Components from shared Libraries in their Drafts
✅ Use any Fonts shared across the Organization in their Drafts

A Restricted member cannot:

❌ Edit Files or Projects in any Teams they are a part of.
❌ Use Styles and Components from shared Libraries in Team Files.
❌ Edit any shared Libraries within the Organization.
❌ Use Fonts shared across the Organization, in any Team Files.
❌ Share Files from their Drafts with other members in the Organization.
❌ Enable Libraries within a Team or across the Organization.
❌ Create Libraries and share them with the Organization.

A Member can request an upgrade from their Account Settings by clicking the Request Upgrade link next to their current Role.

This will send a notification to all Organization Admins, who can then approve or reject the Member's request.


Account Types

A member's Account Type determines what resources and settings they have access to.

We generally refer to everyone in an Organization as a Member. However, there are three Types of Accounts in an Organization.

You can think of Admins and Guests as a subset of Member.

<Image: Account Type Illustration>

Members

Members are users you have added to the Organization via Domain Capture. They have an email address with a domain registered to the Organization e.g. name@organization.com.

Members can:

✅ View a list of all Teams within the Organization
Join or Request to Join any Team within the Organization
✅ Create new Teams within the Organization
✅ Access Secret Teams that they are a member of
✅ View a list of all members of the Organization - this includes Members and Guests
✅ Find and use any Libraries shared across the Organization. This includes Libraries outside of the Teams they are a member of
✅ Find and use Fonts shared across the Organization
✅ Invite other Organization Members to Teams, Files and Projects within the Organization

Admins

Admins are Members that have extra administrative rights within the Organization.

As well as everything Members can do, Admins can also:

✅ Access the entire Admin Console
✅ Change the Organization's Logo
✅ Change the Role and Account Type of any Organization members
✅ Request a list of all members in the Organization 
✅ Upload Fonts to the Organization
✅ View and explore detailed Activity Logs. These record events and actions taken within the Organization
✅ View a detailed billing history
✅ View and manage an Organization's Quarterly True Up
✅ Make payments against an Organization's invoices
✅ Enable default Libraries in the Assets Panel ( Editors only)

There are some things that Admins can't do within an Organization. 

Admins cannot:

❌ Access every Team within your Organization. Admins will need to join a Team to be able to access any Projects, Files and Shared Resources within it.
❌ View Secret Teams in the Organization
❌ Perform Administrative functions on a Team (unless they are an Admin of that team)
❌ Enable default Libraries in the Assets Panel ( Viewers only)

Guests

Guests are users that you have invited to specific Resources within an Organization. This could be a specific Team, File or Project.

Guests are collaborators that haven't been added to your Organization via Domain Capture. These could be external contractors, clients or other collaborators.

Guests can:

✅ Have an email address that isn't registered to the Organization's domain
✅ Access Teams, Projects or Files you have invited them to
✅ Be added to a Team, File or Project within an Organization
✅ Invite other collaborators to Teams, Files and Projects they have access to. They can invite users at or below their access level.

Guests cannot:

❌ View a list of all Teams within the Organization.
Join or Request to Join any Teams within the Organization
❌ Find or use any Libraries shared across the Organization (unless invited)
❌ Find or use any Fonts shared across the Organization

Note: To allow Guests to use Components from a Shared Library, you will need to give them access to the Library’s File.

Did this answer your question? Thanks for the feedback There was a problem submitting your feedback. Please try again later.