Privacy and security in organizations
Before you start
Who can use this feature
Applies to the Organization and Enterprise plans
Only organization admins can manage an organization's security settings.
Organizations give you greater control over what's shared within your business.
Privacy and security by design
Security is part of everything we do. It’s top of mind in how we work, treat customer data, and develop our product.
Figma has completed a SOC 2 Type II audit. SOC 2 is a security compliance standard for software companies in the United States. Its guidelines and policies help businesses, like Figma, protect customer data.
Learn more about Figma's Privacy and Security policies.
File and draft ownership
The organization has ownership over all the files created within the organization. This includes files within a member's drafts, or external teams. When you remove a member, all their teams, files and projects will stay in the organization.
Figma will also move files from a deleted member's drafts to a shared folder in the organization. Organization admins can access these files and delete or redistribute them.
Control link sharing
There are a few ways members can get access to files in an organization:
- A member invites them to the file
- They are a member of the team or project
- They open a link to a Figma file (link sharing)
Use link sharing settings to define who can open the file, and whether they have view or edit access. This includes members of the organization and guests outside of the organization.
You can update the link sharing settings for each file. The default settings are Anyone at organization with link and can view.
Choose how members of your organization can share and access files via links. Guests of an organization can only access files and teams to which they have been invited.
- Choose Anyone with the link to allow people inside and outside the organization to access the file. This includes both members of the organization and Guests who have the link.
- Choose Anyone at organization with the link to require organization members to have a link to the file to access it. When they open the link, they can view the file.
- Choose Anyone at organization to allow anyone in the organization to access the file. Use this setting for library files you want to share with the whole organization. Guests of the organization won't be able to access these files unless you invite them to the file or team.
- Choose Only people invited to this file if you only want team members or people you explicitly invite to the file to access it.
Interact with files
Choose what level of access other members of the organization have, once they open the file.
This setting applies to anyone who opens the file, unless they're a member of the team or have an explicit role on the file.
- Choose can edit to give anyone who opens the file the option to edit.
- Choose can view to allow people to view the file without being able to make any edits.
- Choose can view prototypes only to allow them to access only the prototype, and not the designs in the file itself.
It's possible to disable public link sharing in an organization. This prevents anyone outside the organization from accessing files via the file link.
Organization admins can turn link sharing off and on in the Settings tab of the organization's Admin settings. Learn more about organization admin →
In a team, permissions determine how members can interact with files and projects in the team.
In an organization, every member has a role and an account type. This controls what they can access, and how they interact with the organization.
- Register official company domains for email addresses
- Invite members to your organization as members or guests. Guests can only access resources you invite them to.
- Set and update permissions at any time. Downgrade members to Viewer restricted to restrict their access.
- Set different organization access levels for teams.
Learn more about permissions in an organization →
Activity Logs provide a record of how users are interacting with files and resources. This allows you to track what's happening within your organization:
- See who is accessing, copying and sharing files
- Track changes made to teams, projects and file permissions
- View activity for individual members
- Track changes made by organization admins
- Identify and prevent misuse of organization resources
Learn more about activity logs →
Organizations with enhanced security requirements can configure SAML SSO.
Security Assertion Markup Language (SAML) is a security standard for logging into applications.
Single Sign On (SSO) allows users to log into many applications or websites via one set of login details.
Figma has integrations with the following providers:
You can also set up a custom SAML configuration with a provider that isn't on this list.
If you don't have SAML or Google SSO enabled, members of your organization can add extra security via two-factor authentication (2FA).
When enabled, members will need to confirm their identity every time they log in to Figma.
Members will need to set this up individually, in their account Settings. There isn't a way to enable 2FA or make it mandatory across an entire organization.
If you're using SAML SSO, you may be able to enable 2FA with your identity provider.
Learn more about two-factor authentication →
Enterprise organizations have several options to restrict access and prevent data loss.