Skip to main content
Version: Latest

Figma

Proxy for the Figma REST API. Each managed resource exposes 10 MCP tools mapped onto api.figma.com routes, with per-route scopes (fig:user:read, fig:file:read, fig:comments:read, fig:comments:write, fig:projects:read).

Overview

Pick an auth mode at install time:

  • idp_passthrough (recommended) — each caller's own Figma OAuth token is forwarded upstream as Authorization: Bearer. The agent acts as the user; their Figma permissions apply on top of PBAC policy. Requires a Figma IdP registered on the AS.
  • static — a single personal access token is forwarded for every caller via the X-Figma-Token header (Figma PATs are not Bearer tokens). Use for unattended automations where the operator owns the Figma identity. The token is stored as a secret reference, not typed into a form field.

A managed resource is bound to one auth mode. To serve both shapes of caller, create two managed resources (e.g. figma-user and figma-bot). Policy can key off input.resource.name to apply different rules.

Setting up Figma as an IdP (passthrough mode)

Figma's OAuth is OAuth 2.0, not OpenID Connect (no id_token) — PolicyArc uses it as a login IdP the same way it uses GitHub, deriving the subject from the Bearer-authed userinfo endpoint GET /v1/me. Pick Figma in the IdP setup wizard; the bundled figma preset fills in the endpoints:

FieldValue
provider_keyfigma
authorization_endpointhttps://www.figma.com/oauth
token_endpointhttps://api.figma.com/v1/oauth/token
userinfo_endpointhttps://api.figma.com/v1/me

You supply the Client ID / secret from a Figma OAuth app whose redirect URL is the AS's /oauth2/callback. Figma refreshes tokens at a distinct URL (/v1/oauth/refresh); where that can't be targeted, users re-authenticate at expiry. Static mode is unaffected.

Policy

The connector ships one Rego rule (policy/figma.rego, package pbac.connectors.identos.figma): a require_authn_at subject obligation that fires only for idp_passthrough resources called without a Figma session. Figma enforces file/project permissions itself with the caller's own token; the connector does not reimplement that.

Reference

  • Manifest: connectors/identos.figma/connector.v1.json
  • IdP preset: src/main/resources/idp-presets/figma.json
  • Hand-written README: connectors/identos.figma/README.md
  • Upstream API docs: figma.com/developers/api