Skip to content

Figma Personal Access Token

Service Name: Figma

Service Description: Figma is a collaborative web application for interface design, with additional offline features enabled by desktop applications for macOS and Windows. It provides a cloud-based design tool that allows teams to collaborate on user interface and user experience design projects in real-time.

Service Address: https://www.figma.com/

Validation Type: API Auth

IP Allow list: Does not exist at the token level, but organization admins can restrict access to specific IP addresses at the organization level.

Secret Access Scope: Grants programmatic access to Figma resources including files, projects, and user information. Allows API operations based on the user's permissions in Figma.

Secret Revokement URL: https://www.figma.com/settings/user-profile/personal-access-tokens

Secret Example: figd_1AbCdEfGhIjKlMnOpQrStUvWxYz12345678901234567890

Suspicious Activity Investigation Instructions:

  • Review Figma account activity logs for unusual file access or modifications.
  • Check for unauthorized file exports or downloads.
  • Monitor for unexpected API calls or integrations using the token.
  • Verify if the token has been used from unusual locations or devices.
  • Review file version history for unauthorized changes.

Mitigation Instructions:

  • Log in to your Figma account at Figma.
  • Navigate to your user profile settings by selecting your avatar in the top-right corner.
  • Select Settings from the dropdown menu.
  • Go to the "Account" tab and scroll to the Personal access tokens section.
  • Find the compromised token and click Revoke next to it.
  • Create a new token if needed, with appropriate scopes.
  • Review any integrations or applications that were using the revoked token and update them with the new token.
  • Consider implementing organization-wide IP restrictions if available for your Figma plan.