Skip to main content

The Supabase Figma OAuth integration appears to have been broken after recent deprecation of `files:read`. Supabase itself is appending `files:read` scope to the OAuth initiation URL which appears not to be a valid scope for the OAuth app I have, despite the email mentioning there’s a grace period until mid-November for the switch-over.

 

This has now broken a lot of important flows in the platform that I’m building, thus it’s not even possible to submit the OAuth app for review to publish it publicly, as well.

We experienced the same problem when creating a new Figma OAuth app and integrating it to Supabase.
It’s solved by overriding the scope with current_user:read:

await supabase.auth.signInWithOAuth({
  provider: "figma",
  options: {
    redirectTo: rediretTo,
    queryParams: {
      // override the default files:read scope
      scope: "current_user:read",
    },
  },
});

 

Hi friends - I’m a PM at Figma. Just wanted to reiterate that it is already possible to specify your own scopes. Users can send options:{scopes: 'xyz'} in the signInWithOAuth function. You can check the Sign in with scopes and access provider tokens example in the right side of this section in the docs.

I’ve also reached out to Supabase and asked them to update their default scope to be `current_user:read`

Thanks for the flag!

Terms & ConditionsCookie settingsAccessibility statement