General Data Protection Regulations (GDPR)

    What is it?

    The  General Data Protection Regulation (GDPR), is a European privacy law approved by the European Commission in 2016 that will go into effect May 25th 2018.

    The GDPR will replace a prior European Union (EU) privacy directive known as Directive 95/46/EC which has been the basis of European data protection law since 1995.

    In a nutshell, GDPR gives EU citizens and residents control over their personal data while simplifying the regulatory environment for international business that takes place in the EU.

    Why is it important?

    GDPR adds some new requirements regarding how companies should protect individuals' personal data that they collect and process. It also raises the stakes for compliance by increasing enforcement and imposing greater fines for breach. Beyond these facts, it's simply the right thing to do. 

    Figma’s commitment to data privacy and GDPR compliance 

    At Figma, we strongly believe your data privacy is very important, and we already have solid security and privacy practices in place. Please refer to our  Terms of Service and Privacy Policy.

    We are working with our customers to answer any questions and address any concerns regarding how we protect their personal data. Please don’t hesitate to reach out via  support@figma.com with any questions.

    Deleting your Figma Account

    If you would like to permanently delete your Figma account, please follow these steps:

    1. Log in to Figma
    2. Click on the Menu in the top left corner
    3. Select Account Settings
    4. Scroll to the Account section at the bottom
    5. Click Delete Account
    6. Complete the on-screen prompts

    Check out our Delete your Figma account article for more information.

    Related Videos

    • Getting Started with SAML SSO

      Organizations that need enhanced security requirements can configure SAML SSO.

      Security Assertion Markup Language (SAML) is a security standard for logging into applications.

      Single Sign On (SSO) allows users to log into many applications or websites via one set of login details.

      How SAML SSO Works

      The Identity Provider (IdP) manages the Organization's user accounts and credentials.

      The Service Provider (SP) is the app or website that provides services to the User or Organization. That's Figma.

      1. The User attempts to log in to Figma via SAML SSO
      2. Figma creates a SAML request and sends this to the IdP
      3. The IdP checks this user's credentials to confirm they are correct
      4. The IdP sends a response to Figma to verify the user's identity
      5. Figma accepts the response and logs the user into their Figma account

      Set up SAML for an Organization

      The process for configuring SAML will depend on your specific IdP. Figma has dedicated integrations with the following providers:

      Note: You can also set up a custom SAML configuration with a provider that isn't on this list. Learn more in our Set up a Custom SAML Configuration article.

      We've outlined the general process for implementing SAML SSO in your Organization:

      1. Confirm your Company Domain(s)
      2. Add the Figma app to your IdP
      3. Configure SAML SSO in Figma
      4. Add your SAML details to your IdP
      5. Set up SCIM Provisioning
      6. Users Log In to Figma via SAML
      7. Manage Member Permissions in Figma

      Confirm your Company Domain(s)

      Domain Capture allows you to define any email domains associated with your Organization. This allows anyone with a company email address to log in to your Organization e.g. name@figma.com.

      You can define more than one domain for your Organization. For this to work with SAML, you will also need to register those domains with your Identity Provider.

      Current Figma users will want to be able to access Files and Projects from their existing login.

      Make sure everyone is using Figma with their correct company email, before you set up SAML. This includes people using email aliases.

      Add the Figma app to your IdP

      If you're using a Supported Identity Provider, you will need to add the Figma app to your IdP.

      During this process your Identity Provider will provide you with a Metadata URL.

      This is an XML link that we'll use to connect the two applications. We also use this link to authenticate your users when they log in to Figma.

      Configure SAML SSO in Figma

      Next, you'll need to set up SAML SSO in Figma. This does two things:

      • Enables SAML SSO in your Organization
      • Connects your IdP to your Figma account

      At this point, you can choose if users may or must log in via SAML.

      At the end of the configuration process, Figma will provide you with a Tenant ID. You will need this to complete the configuration process with your IdP.

      Note: If you want to set up Google SSO, all users will need to login via Google SSO. There is no way to make this optional or enable this for only some users.

      Add your SAML details to your IdP

      You will need to complete the rest of the set up process with your IdP.

      • Supported Identity Providers: you'll only need the Tenant ID Figma created.
      • Custom SAML configurations: you'll need the SP Entity ID and SP ACS URL Figma generated.

      Set up SCIM Provisioning

      All SAML configurations support "Just In Time" (JIT) or Manual provisioning.

      JIT provisioning allows Figma to create and update users in Figma. JIT provisioning allows Figma to create and update users in Figma. JIT only apples changes when a user logs in to their account, not when an Admin makes the changes.

      If you're using a supported Identity Provider, you can enable provisioning via SCIM. We don't support SCIM provisioning for custom SAML configurations.

      SCIM gives you greater control as it allows you to import and deactivate users. SCIM pushes any changes you make with the IdP to the SP as soon as they happen.

      It's not possible to define a user's permissions via your Identity Provider. You can only manage a user's permissions in Figma.

      For every user that you provision in your IdP, we will add them to Figma as a Viewer. Learn more about Permissions in an Organization.

      Users Log in to Figma via SAML

      Users can now access Figma using their company email address and password.

      Manage Member Permissions in Figma

      It's not possible to define a user's permissions via your Identity Provider. You can only manage a user's permissions in Figma.

      By default, we give every user that you add to your IdP Viewer permissions. This is a provisional Role, which means there are no restrictions around upgrading.

      You can update a user's permissions at any time:

    • Privacy and Security in an Organization

      Before you start

      Who can use this feature

      Users on Figma Organization Plan

      Users with Admin access can manage an Organization's settings.

      Figma Organization gives you greater control over what's shared within your business.

      Privacy and Security by Design

      Security is part of everything we do. It’s top of mind in how we work, treat customer data, and develop our product.

      • Figma has completed a SOC 2 Type II audit. SOC 2 is a security compliance standard for software companies in the United States. Its guidelines and policies help businesses, like Figma, protect customer data.
      • Figma is also certified under the EU-US and Swiss-US Privacy Shield Frameworks. Privacy Shield protects the transfer of customer data between the United States and European Union (EU).

      Check out Figma's Privacy and Security policies.

      Intellectual Property

      The Organization has ownership over all the Files created within the Organization. This includes Files within a member's Drafts, or Personal Space.

      When you remove a member, all their Teams, Files and Projects will stay in the Organization.

      Figma will also move Files a deleted member's Drafts to a shared folder in the Organization. Organization Admins can access these Files and delete or redistribute them.

      Link Access Controls

      You can choose which Files you want to share with your Organization. You can control how to share a File is via the File's Link Sharing settings.

      Link Sharing Discovery defines how members of your Organization can find Files.

      • Anyone with the link (including outside the Organization)
      • Anyone at <Organization> with the link
      • Anyone at <Organization> [Default]
      • Only people invited to the File

      Link Sharing Permissions setting determines what permissions they have on those Files.

      • Can View (Viewer) [Default]
      • Can Edit (Editor)

      In an Organization you can also choose to completely disable Link Sharing. This will prevent anyone from outside your Organization from viewing your Files.

      This is different from Link Sharing that is available on each File. To disable Link Sharing in your Organization, contact the Figma Support team.

      Permissions

      In a Team, Permissions determine how members can interact with Files and Projects in the Team.

      In an Organization, every member of an Organization has a Role and an Account Type. This controls what they can access, and how they interact with the Organization.

      • Register official company domains for email addresses
      • Invite members to your Organization as Members or Guests. Guests can only access resources you invite them to.
      • Set and update Permissions at any time. Downgrade members to Viewer [Restricted] to restrict their access.
      • Set different levels of Organization Access for Teams

      Learn more about Roles and Account Types in our Permissions in an Organization article.

      Activity Logs

      Activity Logs provide a record of how users are interacting with Files and resources. This allows you to track what's happening within your Organization:

      • See who is accessing, copying and sharing Files
      • Track changes made to Teams, Projects and File Permissions
      • View Activity for individual members
      • Track changes made by Organization Admins
      • Identify and prevent misuse of Organization Resources

      Learn more about viewing activity logs in an Organization.

      SAML SSO

      Organizations that need enhanced security requirements can configure SAML SSO.

      Security Assertion Markup Language (SAML) is a security standard for logging into applications.

      Single Sign On (SSO) allows users to log into many applications or websites via one set of login details.

      Figma has integrations with the following providers:

      You can also Set up a Custom SAML Configuration with a provider that isn't on this list.

      Learn more about getting started with SAML SSO.

      Two-Factor Authentication

      If you don't have SAML or Google SSO enabled, members of your Organization can add extra security via two-factor authentication (2FA).

      When enabled, members will need to confirm their identity every time they log in to Figma.

      Members will need to set this up individually, in their Account Settings. There isn't a way to enable 2FA or make it mandatory across an entire Organization.

      If you're using SAML SSO, you may be able to enable 2FA with your Identity Provider.

      Learn more about adding two-factor authentication to your account.

    • Configure and Provision SAML SSO with Okta

      Before you Start

      Who can use this feature

      Users on the Figma Organization Plan

      Only Organization Admins can configure SAML SSO.

      You will need to have an existing Okta account

      Learn more about SAML SSO in our Getting Started with SAML SSO article.

      Figma supports both Identity Provider and Service Provider initiated SAML. Our integration with Okta supports both Authentication and Provisioning for SAML.

      To configure SAML SSO with Okta:

      1. Add Figma to Okta
      2. Configure SAML SSO in Figma
      3. Configure SAML SSO in Okta
      4. Set up Automatic Provisioning via SCIM

      Add Figma to Okta

      First, you will need to add the Figma Okta app to your Okta account. This will allow you to generate a IdP Metadata URL, which you'll need to connect Okta to Figma.

      1. Log in to your Okta account and head to the Applications page.
      2. Select Add Application from the options.
      3. Search for Figma and click the Add button to add Figma to your account:
      4. Once installed, you can go to the Sign On page.
      5. Right click on the Identity Provider Metadata link and choose Copy link address. The link should look like this: https://example.okta.com/app/abc123/sso/saml/metadata

      Configure SAML SSO in Figma

      Next you'll need to set up SAML SSO in Figma.

      1. Open the Admin Console:

        Click on the Organization’s name in the File Browser and go to the Settings tab.

      2. In the General tab, find the Log in and Provisioning section.
      3. Click the Update Log In Settings link.
      4. Click the Configure SAML button at the bottom of the SAML SSO section.
      5. Select Okta from the options.
      6. Enter the IdP Metadata IRL you got from Okta. Click Review.
      7. Check the box to confirm This information is correct... and click Configure SAML SSO.
      8. Click the Copy link next to your Tenant ID. You'll need this to complete the set up process in Okta.

      Configure SAML SSO in Okta

      Now you have your Tenant ID, you can complete the configuration process in Okta. You can also map User Attributes between applications.

      Configure SAML SSO

      1. Open the Figma app in Okta.
      2. Go to Sign On tab and click Edit.
      3. Scroll down to the Advanced Sign-On Settings section.
      4. Enter your Tenant ID in the field provided.
      5. In the Application username format field, select Email from the options.
      6. Click Save to complete the process.

      Log in via Figma (SP initiated SSO) To start the SAML SSO process from Figma's end, you can head to the following URL:  https://www.figma.com/saml/[TenantID]/start

      Assign Users to the Application

      Now that everything is set up, you can start assigning users to the application. As part of this process, you may be asked to provide additional information about each user.

      Figma supports some basic attributes, as well as Attributes only available tom SCIM Enterprise users.

      Head to the  Assignments tab (on the far right) to start adding users to the application.

      Supported Basic Attributes

      Variable Name External Name External Namespace Suggested Mapping
      givenName givenName urn:ietf:params:scim:schemas:core:2.0:User user.firstName
      familyName  familyName urn:ietf:params:scim:schemas:core:2.0:User user.lastName
      displayName  displayName urn:ietf:params:scim:schemas:core:2.0:User user.displayName
      title  title urn:ietf:params:scim:schemas:core:2.0:User user.title

       Supported SCIM Enterprise User Attributes 

      Variable Name External Name External Namespace Suggested Mapping  
      employeeNumber employeeNumber urn:ietf:params:scim:schemas:extension:enterprise:2.0:User user.employeeNumber
      costCenter costCenter urn:ietf:params:scim:schemas:extension:enterprise:2.0:User user.costCenter
      organization organization urn:ietf:params:scim:schemas:extension:enterprise:2.0:User user.organization
      division division urn:ietf:params:scim:schemas:extension:enterprise:2.0:User user.division
      department department urn:ietf:params:scim:schemas:extension:enterprise:2.0:User user.department
      managerValue manager.value urn:ietf:params:scim:schemas:extension:enterprise:2.0:User user.managerId
      managerDisplayName manager.displayName urn:ietf:params:scim:schemas:extension:enterprise:2.0:User user.manager

       

      Note: Missing the SCIM Enterprise User attributes? Figma applications added in Okta prior to June 2019 may need to be upgraded. Please contact support@figma.com for assistance.

      Set up Automatic Provisioning via SCIM

      To set up Automatic Provisioning you will need to:

      1. Generate an API Token in Figma
      2. Configure Automatic Provisioning in Okta

      We recommend having both of these windows open at the same time, to make that process easier.

      Generate an API Token in Figma

      1. In Figma, click on your Organization and go to the Settings tab.
      2. On the General page click the Update Log in Settings link.
      3. In the SAML SSO section, copy the Tenant ID.
      4. In the SCIM Provisioning section, click Generate API Token.
      5. Copy the API Token value.

      Configure Automatic Provisioning in Okta

      Note: You'll need your API Token from Figma

      1. Open the Figma app in Okta.
      2. Go to the Provisioning tab in the Figma app.
      3. Click the Configure API Integration button.
      4. Check the box next to Enable API Integration.
      5. Enter the API Token in the field provided.
      6. Click Test API Credentials to ensure it's set up correctly.
      7. When you see the success message, click Save to apply:
      8. A few more options will now appear under the Provisioning section. Click on the To App option in the left-hand menu.

        Important! Ensure all the following functions are enabled

        • Create Users
        • Update User Attributes
        • Deactivate Users

      9. Click Save to apply.
    • Configure and Provision SAML SSO with Azure Active Directory

      Before you Start

      Who can use this feature

      Users on the Figma Organization Plan

      Only Organization Admins can configure SAML SSO.

      You will need to have an existing Microsoft Azure Active Directory account

      Learn more about SAML SSO in our Getting Started with SAML SSO article.

      Figma supports both IdP and SP initiated SAML. Our integration with Azure Active Directory supports both Authentication and Provisioning for SAML.

      To configure SAML SSO with Azure:

      1. Add Figma to your Azure Portal
      2. Configure SAML SSO in Figma
      3. Configure SAML SSO in Azure
      4. Set up Automatic Provisioning via SCIM

      Note: Microsoft recommends testing your SAML Configuration in a sandbox environment. You can do this before you configure Automatic Provisioning via SCIM. Find detailed instructions in Microsoft's Azure Active Directory SSO Integration with Figma article.

      Add Figma to Azure AD

      You will need to add Figma to your Azure Portal and enable SAML SSO. This will generate an App Federation Metadata URL, which connects the two applications.

      1. Log in to your Azure Portal and using the left navigation menu open Azure Active Directory.
      2. Select Enterprise Applications and then All Applications.
      3. Click on the Enterprise Applications setting.
      4. In the Manage section, select All Applications.
      5. Click the + New application button.
      6. Search for Figma in the field provided and click Add to add the application to your portal.
      7. Go to the Single Sign-On configuration page.
      8. Set the Mode as SAML-based Sign-On.
      9. Copy the App Federation Metadata URL.

      Configure SAML SSO in Figma

      Next you will need to set up the Azure Active Directory integration in Figma.

      1. Click on the Organization’s name in the File Browser and go to the Settings tab.
      2. In the General tab, find the Log in and Provisioning section.
      3. Click the Update Log In Settings link.
      4. Click the Configure SAML button at the bottom of the SAML SSO section:
      5. Select Microsoft Azure Active Directory from the options
      6. Enter the IdP Metadata IRL (App Federation Metadata URL) you got from Microsoft Azure. Click Review.
      7. Check the box to confirm This information is correct... and click Configure SAML SSO.
      8. Figma will show your configuration in the SAML SSO section.
      9. Click the Copy link next to your Tenant ID. Your Tenant ID will form the Tenant URL, which you'll need during the set up process in Azure: https://www.figma.com/saml/<<strong>TENANT ID</strong>>

      Configure SAML SSO in Azure

      Complete these steps to configure SAML SSO in Azure Active Directory. You can choose to initiate SAML from the IdP (Azure Active Directory) or SP (Figma).

      Configure SAML SSO

      1. In your Azure Portal open the Figma app.
      2. In the Manage section, select Single Sign-On
      3. On the Select a single sign-on method page, select SAML.
      4. Click the pen icon next to Basic SAML Configuration
      5. To configure in in IDP initiated mode:

        a. In the  Identifier field enter the URL: https://www.figma.com/saml/<TENANT ID><br> b. In the Reply URL field enter the URL: https://www.figma.com/saml/<TENANT ID>/consume 
        Swap the <TENANT ID> placeholder with the Tenant ID generated by Figma.

      6. To configure in SP initiated mode:
        • Click Set additional URLs
        • In the Sign-on URL field enter the URL: https://www.figma.com/saml/<TENANT ID>/start

        Swap the <TENANT ID> placeholder with the Tenant ID generated by Figma.

      Map User Attributes

      You can also map your User attributes in Azure Active Directory.

      Required

      There are some Required attributes that you will need to keep.

      GivenName user.givenname
      Surname user.surname
      Emailaddress user.mail
      Name user.userprincipalname
      Unique User Identifier user.userprincipalname
         

      Pre-Populated

      Figma will pre-populate some other attributes. You can review and adjust these as required.

      externalId user.mailnickname
      displayName user.displayname
      title user.jobtitle
      emailaddress user.mail
      familyName user.surname
      givenName givenName
      userName user.userprincipalname

      Test your SAML Configuration

      Microsoft recommends testing your SAML configuration before adding or importing your accounts.

      1. Create a Test User in Azure AD
      2. Assign the Test User to Figma in Azure AD
      3. Figma Creates a Corresponding Test User in Figma
      4. Test the SSO Process

      Find detailed instructions in  Microsoft Azure's Tutorial: Azure Active Directory single sign-on (SSO) integration with Figma.

      Set up Automatic Provisioning via SCIM

      To set up Automatic Provisioning you will need to:

      1. Generate an API Token in Figma
      2. Configure Automatic Provisioning in Azure AD

      We recommend having both of these windows open at the same time, to make that process easier.

      Generate an API Token in Figma

      1. In Figma, click on your Organization and go to the Settings tab.
      2. On the General page click the Update Log in Settings link.
      3. In the SAML SSO section, copy the Tenant ID.
      4. In the SCIM Provisioning section, click Generate API Token.
      5. Copy the API Token value.

      Configure Automatic Provisioning in Azure AD

      Note: You'll need your Tenant ID and API Token from Figma

      1. In your Azure Portal go to Enterprise Applications > All Applications
      2. Select the Figma app.
      3. In the Manage section select Provisioning
      4. Set the Provisioning Mode to Automatic
      5. In Admin Credentials section:
        a. Enter the following in the Tenant URL: https://www.figma.com/scim/v2/<TenantID>  Swap the <TENANT ID> placeholder with the Tenant ID generated by Figma.
        b. Enter the API Token in the Secret Token field.
        c. Click Test Connection to make sure that Azure AD can connect to Figma.
      6. Next you will need to set up a notification for any failures:
        a. Enter the desired email address in the Notification Email field.
        b. Check the box next to Send an email notification when a failure occurs.
        c. Click Save to apply.
      7. Next you can review your User Attribute Mappings:
        a. In the Mappings section, select Synchronize Azure Active Directory Users to Figma.
        b. In the Attribute Mappings section, review the Azure Active Directory Attribute and the corresponding Figma Attribute.
        c. Click the Save button to apply any changes.
      8. In the Settings section you can:
        a. Toggle the Provisioning Status > On.
        b. Define which users and/or groups you would like to provision to Figma. Choose from:
        - Sync all users and groups
        - Sync only assigned users and groups
      9. Click Save to apply your provisioning settings.

      Note: These instructions are modified from Microsoft Azure's Tutorial. Check out Configure Figma for automatic user provisioning for screenshots and detailed explanations.

    • Configure and Provision SAML SSO with OneLogin

      Before you Start

      Who can use this feature

      Users on the Figma Organization Plan

      Only Organization Admins can configure SAML SSO.

      You will need to have an existing OneLogin account

      Learn more about SAML SSO in our Getting Started with SAML SSO article.

      Figma supports both Identity Provider and Service Provider initiated SAML. Our integration with OneLogin supports both Authentication and Provisioning for SAML.

      To configure SAML SSO with OneLogin:

      1. Add Figma to OneLogin
      2. Configure SAML SSO in Figma
      3. Configure SAML SSO in OneLogin
      4. Set up Automatic Provisioning via SCIM

      Add Figma to OneLogin

      First, you'll need to add the Figma App to your OneLogin account.

      1. Log in to your OneLogin account and go the Administration section.
      2. Head over to the Apps page and select Add Apps.
      3. Search for "Figma" in the Find apps field.
      4. On the Info tab, click Save to add the app to your Company Apps.
      5. You will then be able to access the additional configuration settings. Click on the SSO tab:
      6. Copy the contents of the Issuer URL field:

      Configure SAML SSO in Figma

      Next you'll need to set up SAML SSO in Figma.

      1. Open the Admin Console: Click on the Organization’s name in the File Browser and go to the Settings tab.
      2. In the General tab, find the Log in and Provisioning section.
      3. Click the Update Log In Settings link.
      4. Click the Configure SAML button at the bottom of the SAML SSO section.
      5. Select Okta from the options.
      6. Enter the IdP Metadata IRL you got from Okta. Click Review.
      7. Check the box to confirm This information is correct... and click Configure SAML SSO.
      8. Click the Copy link next to your Tenant ID. You'll need this to complete the set up process in Okta.

      Configure SAML SSO in OneLogin

      Once you've received your confirmation and  Tenant ID, you can complete the configuration process in OneLogin.

      1. Go back to the Figma App in OneLogin (Administration > Apps > Figma)
      2. Go to the Configuration Tab for the Figma app:

      3. Enter the Tenant ID that you copied from Figma.
      4. Click SAVE to complete the process.

      Set up Automatic Provisioning via SCIM

      To set up Automatic Provisioning you will need to:

      1. Generate an API Token in Figma
      2. Configure Automatic Provisioning in OneLogin
      3. Map Custom Attributes

      Tip! We recommend having both of these windows open at the same time, to make that process easier.

      Generate an API Token in Figma

      1. In Figma, click on your Organization and go to the Settings tab.
      2. On the General page click the Update Log in Settings link.
      3. In the SCIM Provisioning section, click Generate API Token.
      4. Copy the API Token value.

      Configure Automatic Provisioning in OneLogin

      You'll need your API Token from Figma

      1. Open the Figma app in OneLogin.
      2. Go to the Configuration Tab for the Figma app.
      3. Under API connection, enter your API token in the SCIM Bearer Token field.
      4. Click ENABLE.
      5. Go to the Provisioning tab and check the box next to Enable Provisioning.
      6. Select which provisioning actions you want to require administrator approval for. You can choose to enable this for:
        • Create User
        • Delete User
        • Update User
      7. Decide the appropriate action for When user accounts are suspended in OneLogin..

      Add Custom Attributes

      Some Figma attributes are mapped to OneLogin attributes by default:

      Email First Name Last Name NameID SCIM Username Title Manager Department

      Other SCIM Enterprise User attributes are optional. You will need to add these as custom user fields if you want to include them in your provisioning:

      employeeNumber costCenter organization division

      To create a custom field in OneLogin:

      1. Login to your OneLogin account.
      2. Go to Users > Custom User Fields in the main menu:
      3. Complete the New User Field inputs.
      4. Click SAVE to apply your changes.
    • Make Logging in via Google SSO Mandatory

      If you are using G Suite to manage your company email, then you can enable Google SSO in your Figma Organization.

      This requires members of your Organization to login using their Google managed email address. 

      An Organization Admin can enable this from the Admin Console:

      1.  Open the Admin Console in your Figma Organization:
        a. Click on the Organization’s name in the sidebar to open the Organization Page.
        b. Navigate to the Settings tab.
      1. In the General tab, find the Log in and Provisioning section. Click the Update Log In Settings link:
      2. Click the radio button next to Members must sign in with a Google Account
      3. A window will pop up which requires you to confirm the request. Check the box and click Change Sign In to proceed: 
      4. All members of your Organization will now be required to login using their Google-managed email address.

      Note: You can disable this requirement at any time, if required. To do so, you can return to this page and select the radio box next to Members may sign in with any available method, including email and password

    • Set up a Custom SAML Configuration

       

      You'll also need some additional information from your Identity Provider (idP).

      If you do not use one of our supported Identity Providers, you can set up a custom SAML configuration.

      Note: you will need the following information from your Identity Provider:

      • IdP Entity Id: This lets us know which Identity Provider you are using.
      • IdP SSO Target URL: We will use this link to connect to the Identity Provider when someone from your Organization attempts to login via SAML SSO.
      • Signing Certificate: Usually called the X509 certificate. We use this to verify your Organization via your Identity Provider.
      1. Open the Admin Console in your Figma Organization:
      2. In the General tab, find the Log in and Provisioning section. Click the Update Log In Settings link.
      3. At the bottom of the SAML SSO section click Configure SAML
      4. In the Identity Provider section, select Other.
      5. Enter the details from your Identity Provider:
        • IdP Entity ID
        • IdP SSO Target URL
      6. Upload your Signing Certificate.
      7. Click Review. Figma will prompt you to review and confirm the details are correct.
      8. Check the box to confirm This information is correct... and click Configure SAML SSO

        You will be able to address any typos, or update your settings. Return to the Log in and Provisioning page and click the Edit Configuration button.

      9. In the SAML SSO section, you can view the details of your configuration. You'll need these to complete the configuration process with your Identity Provider:
        • The SP Entity ID
        • The SP ACS URL

      Note: To complete the configuration with your Identity Provider, you will need to make sure you have configured the NameId correctly. The format you need to use is: Format="urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress"