Figma Plugin Authentication (Sandboxed Environments)
Special authentication flow for Figma plugins and other third-party integrations.
On this page
Overview
ZapStart provides a secure way to authenticate users in restricted environments like Figma plugins, or other third-party integrations where standard authentication flows may not work due to security restrictions.
You might be surprised by what ZapStart handles for you out of the box!
Implementing secure authentication in sandbox environments is complex due to cross-origin restrictions, iframe limitations, and token management challenges - but our solution handles these complexities automatically.
When You Need This
You'll need sandboxed-environments authentication when building Figma plugins or other third-party integrations where cookies and standard login flows are restricted.
For detailed implementation instructions and technical details, you will find the documentation on how to authenticate your figma plugin with your ZapStart backend in the backend/src/routes/authRoutes.js file, at the bottom of the file. We have created speicial endpoints you can use to authenticate your figma plugin.
The authentication part handled by ZapStart when integrating with a Figma plugin is the backend side part (which is the most heavy part and where complexity is), not the client side part (the figma plugin side).
However, we have provided guidance in the backend/src/routes/authRoutes.js file to help you even write the figma plugin code and how to make the appropriate requests to the backend.
Who Can Skip This
If your application doesn't integrate with third-party platforms like figma plugins, you can safely skip this documentation and use the standard authentication flow.