Skip to main content

Authentication Method

Personal Access Token Setup

Step 1: Create a Personal Access Token

  1. Log in to figma.com
  2. Click your profile icon → Settings
  3. Scroll to the Personal access tokens section
  4. Click Generate new token
  5. Give it a name (e.g., “Corsair Integration”)
  6. Copy the token immediately — you won’t be able to see it again
  7. Store it securely
Storing Credentials: 
pnpm corsair setup --plugin=figma api_key=your-personal-access-token

Webhook Setup (Optional)

Figma webhooks use a passcode for verification (not an HMAC secret).
  1. Use the Figma API or Corsair to create a webhook (corsair.figma.api.webhooks.create)
  2. Provide a passcode in the webhook creation request
  3. Store it as the webhook_signature:
pnpm corsair setup --plugin=figma webhook_signature=your-webhook-passcode

Required Credentials Summary

CredentialRequired ForWhere to Find
Personal Access TokenAll API callsFigma Settings → Personal access tokens
Webhook PasscodeWebhook verificationSet when creating the webhook
For general information about how Corsair handles authentication, see Authentication.