Prerequisites
Figma's SCIM API is available for customers on the Organization or Enterprise plan. The user needs to be an organization administrator.
Procedure
To get an API SCIM token:
-
Go to Figma and select Admin Settings in the sidebar, then select Settings.
-
Go to Login and provisioning section, and click SCIM provisioning.
-
And copy their API Token in Vanta's linking view.
To get your Tenant Id:
-
In the Login and provisioning section, click SAML SSO.
-
Copy the Tenant ID and paste it in Vanta's linking view.
The tenant URL is: https://www.figma.com/scim/v2/<tenant>
Keep in Mind
Unfortunately, if you have already set up an SSO (like Google SSO) that is not SAML SSO, the integration is not possible. According to Figma the integration only is possible by making a login with SAML SSO, such as:
You need to select SAML SSO on Login and provisioning section to get your Tenant ID. Once the SCIM provisioning is enabled, Figma takes a while to provision the users. Also, the token verification step fails if there are no users. So you will need to wait some time to let Figma provision the users before completing the linking flow in Vanta.