Skip to main content

Documentation Index

Fetch the complete documentation index at: https://docs.iru.com/llms.txt

Use this file to discover all available pages before exploring further.

About Figma

Iru uses OAuth 2.0 (authorization code). When you enable the source, a browser popup sends you to Figma to sign in and approve scopes (files, projects, org, teams, components, webhooks, analytics, etc.). Some scopes (for example variables:read) require Enterprise - lower tiers simply omit those datasets rather than failing outright.

How it works

DetailValue
CategoryDesign systems
AuthenticationOAuth 2.0
Recommended planOrganization or Enterprise for broad API coverage
Representative scopes include files:read, projects:read, org:read, org_teams:read, components:read, webhooks:write (for incremental updates), and analytics:read - exact lists follow the Figma authorization screen. Official references: Authentication, Scopes, REST API.

Prerequisites

  • Admin or Owner on the Figma organization you want Iru to read.

Connect Figma to Iru

Iru Compliance

1

Open Sources

In Iru Compliance, on the left navigation bar, expand Compliance and select Sources.
Left navigation: Compliance expanded, Sources selected
2

Turn on Figma

Find Figma (use Category or Search by name or description). On that card, turn on the toggle. A browser tab or window may open for the connector wizard.
3

Allow popups and start OAuth

Allow popups for your Iru site if the browser blocks them. Start the OAuth flow from the connector wizard.
4

Sign in to Figma and approve

Complete Figma login if prompted. Review the scopes and select Allow.
5

Confirm the source is Active

When the popup closes, confirm the Figma card shows Active.

Troubleshooting

Check pop-up blocker settings for the Iru site and try again.
Authorize with Org Admin/Owner; Editors may lack org scopes.
Re-authorize with a user who can access those teams/projects.
Re-run the OAuth flow from Iru.

Considerations

Removing the authorizing user from the org can…

Removing the authorizing user from the org can invalidate access - reconnect with a durable admin account.

See also