Before you start
Who can use this feature
Supported on the Figma Organization plan
Only organization admins can adjust the organization's log in and authentication settings.
SAML SSO only applies to members of an organization. Guests can always log in to an organization via Google SSO or using their email and a unique password.
Organization admins can choose what method members can use to log in to the organization. These settings will apply to any member that has an email address that matches your organization's domain(s).update the
You can update these settings at any time. If you want to make change to your SAML SSO configuration, you will need to temporarily update these settings to allow members to log in via any methods.
Adjust authentication method
Adjust the authentication method in the organization's Admin settings.
- Open Figma in the file browser.
- Select Admin Settings in the sidebar.
- Select the Settings tab at the top of the screen.
- In the Login and provisioning section, click the Authentication setting.
The authenticated methods you can choose from in an Organization are:
- Members may log in with any method, including email and password (default)
- Members must log in with a Google account
- Members must log in with SAML SSO
Note: These settings only apply to members of your organization. Guests can still log in to Figma with an email address and password, even if SAML SSO or Google SSO is mandatory in your organization.
Make SAML SSO mandatory
Organizations with enhanced security requirements can configure SAML SSO.
SAML SSO lets you connect your external identity provider to Figma, like Okta or Azure AD. Members of the organization can then log in to Figma using their company email.
You can choose whether users must log in via SAML SSO, or if they can login with another authentication method.
- Select Members must log in with SAML SSO to make logging in via SAML SSO mandatory for members.
- Select Members may log in with any method, including email and password to make SAML SSO optional.
When you make SAML SSO mandatory, Figma will require members to use SAML SSO when they next log in. Guests can still use their company email address and password to access Figma.
Make Google SSO mandatory
If you are using G Suite to manage your company email, then you have two approaches available for authentication.
You can enable Google SSO in your Figma Organization. Members must use the Log in with Google option to log in using their Google-managed company email and password.
- Select Members must sign in with a Google Account to make Google SSO mandatory.
- Select Members may log in with any method, including email and password to make Google SSO optional.
Note: You can disable this requirement at any time, if required. Return to this page and select Members may sign in with any available method, including email and password instead. You will need to update your authentication method to this setting, if you want make changes to your SAML SSO or SCIM settings.
Google SAML SSO
Google also supports both SAML SSO and SCIM configurations. If you want to use Google SAML SSO and SCIM with Figma, you will need to:
- Set up a custom app for Figma in GSuite (Opens Google Support article)
- Decide if you want to make SAML SSO mandatory
- Set up a custom SAML configuration in Figma
Note: We've heard that there can be delays when setting up a custom SAML SSO app with Google. If you see a "Not a SAML app" error, or similar, we recommend trying again in a few hours. Google has some recommendations for common errors: Troubleshoot single sign-on (SSO).