OAuth providers
Figma
Set up Figma OAuth for collaborative design and prototyping
Overview
Section titled “Overview”Connect your users to Figma for accessing design files, variables, comments, and developer resources.
| Property | Value |
|---|---|
| Provider ID | figma |
| Category | Design |
| PKCE | Supported |
| Token refresh | Automatic |
| Redirect URI | Shown in Developer Portal |
Step 1: Create a Figma OAuth App
Section titled “Step 1: Create a Figma OAuth App”Go to the Figma My apps page
Navigate to figma.com/developers/apps (or click My Apps in the Figma top toolbar) and sign in.
Create a new app
Click Create a new app in the upper-right corner. Enter a name for the app, select the team or organization it belongs to, and click Create.
Get credentials
Copy the Client ID and Client Secret immediately and store them securely — this is the only time Figma shows the Client Secret.
Configure the redirect URL
In the configuration flow, open the OAuth credentials page, click Add a redirect URL, and add the Alter callback URL from the Developer Portal.
Select OAuth scopes
On the OAuth scopes page, select every scope the integration will request — only a subset of the scopes selected here can be requested at authorization time.
Publish the app
Publish the app: private apps (the default) publish immediately for the selected team or organization; public apps are reviewed by Figma before they can authorize users.
Step 2: Add to Alter Vault
Section titled “Step 2: Add to Alter Vault”Open the Developer Portal
Go to portal.alterauth.com and navigate to the application.
Add Figma provider
Go to OAuth Providers > Add Provider > Figma.
Enter credentials
- Client ID: Paste your Figma Client ID
- Client Secret: Paste your Figma Client Secret
Select scopes
Choose the scopes the application needs.
Save
Click Save. The provider is now active.
Available Scopes
Section titled “Available Scopes”| Scope | Description |
|---|---|
current_user:read | Read the authenticated user’s name, email, and profile image (included by default) |
file_content:read | Read the contents of files — nodes, layers, editor type (included by default) |
file_metadata:read | Read metadata of files (name, last modified, project, team) |
file_comments:read | Read comments and comment reactions in files |
file_comments:write | Post and delete comments and reactions in files |
file_versions:read | Read the version history for accessible files |
file_dev_resources:read | Read developer resources linked to Figma files |
file_dev_resources:write | Create and modify developer resources in Figma files |
file_variables:read | Read variables in Figma files (Enterprise plan only) |
file_variables:write | Create and modify variables in Figma files (Enterprise plan only) |
selections:read | Read the most recent selection in accessible files |
library_analytics:read | Read design system analytics (Enterprise plan only) |
library_assets:read | Read data of individual published components and styles |
library_content:read | Read published components and styles of files |
project_metadata:read | Read metadata of projects |
projects:read | List projects and the files in them |
team_library_content:read | Read published components and styles of teams |
webhooks:read | Read metadata of webhooks |
webhooks:write | Create and manage Figma webhooks |
- Figma deprecated the legacy
files:read/file_readscopes in favor of the granular scopes above. For most read-only integrations,file_content:readplusfile_metadata:readis sufficient. - A newly created app starts in a draft state: only the creator and plan admins can test it. It must be published (privately or publicly) before other users can authorize it; only public apps go through Figma’s review.
- See the Figma OAuth apps documentation for more details.