+1 Apart from the issues already mentioned, I’ll add a couple of things that not only baffle me, they are literally stopping our IT department from allowing a wide rollout of Figma at our company:
In the Figma Organization settings, one can define from which domains members can be created. It’s a way of capturing all users within a domain, but it also feels like a way of whitelisting a bunch of domains. However, this doesn’t prevent anybody from inviting anybody else, even with a @gmail.com address (or the address of a competitor…)
There is this handy possibility of setting a Team within an Organization to “secret”, meaning it is not visible or searchable by anybody other than its members. However, all members can invite anybody (again from any domain) to this team, without the Team owner knowing anything about it. How is this secret?
Look, we all get the point that accessibility is the priority for Figma. Ensuring that more and more people can join Figma without any friction. Great for design but also great for Figma. Nothing wrong with that. But at the VERY least, you could implement a notification system for Team owners/admins for every new invite. And since dreaming is free: add a way for team owners/admins to be able to either accept or reject each invite. Yes, it creates a waiting time and “friction”, but we gotta strike a balance here…