Is there an option to restrict WHO can invite others to collaborate in an organization?
OR
Is there an option to completely restrict someone outside an organization to access a file, even if he is invited by someone within ? (Admin pains)

Suggestion 1 : Some options for admin to restrict/allow others to invite others.
Suggestion 2 : Some option to restrict organization level files from outside access (even with invite)
Suggestion 3 : A new “FILE_SHARE” Webhook to catch the file share event and do some workarounds to avoid this problem.

Hey @Aby, These features are actually not provided and would be interesting to have them. I suggest that a moderator pass this conversation into Product ideas or even that you create a new topic to clearly present your suggestion.

@Gleb @Bruno_Figueiredo @Josh

Hey @Aby I moved your topic over to product ideas and edited the title just so it’s more an affirmation and not a question.

These are all paint points of mine so I get this.

I am the Director of IT from my organization so this is an issue very close to my heart. One of my biggest issues with Figma is that an administrator cannot control who is allowed to invite individuals into the system. Especially since the inviter can pass on permissions equal or less to their own, and that means an editor costs money. I understand from Figma that this was done intentionally in order to reduce the barrier to collaboration but from an Enterprise controls perspective, I simply cannot have non-admins being able to invite outsiders into the organization. An invited user starts as a “viewer” (even if they are a guest) and then they could self-upgrade themselves to editor if the admin is unable to reduce them to “viewer restricted” before that happens. Since there are no notifications to admins when someone is invited, an admin would literally have to be staring at the log all day every day, and as an IT team of 2, we simply don’t have time for this. I’d prefer to just restrict ability to invite outsiders to admin only, along with certain other capabilities in the system, such as creating teams.

Adding my vote to this. As the IT guy at my small company, I am surprised every quarter by new additions to my Figma Organization. I understand the desire for flexible collaboration in Figma, but from an organizational and cost-oversight standpoint, Figma could use some improvement. Some options that would help with this:

• Aby’s recommendations
• In lieu of a revamped invitation process that restricts invitations only to owners/admins, send a confirmation message with a CTA to the owner/admin any time an Editor sends an invitation (this should be pretty standard for any onboarding/procurement)
• Throw a notice to Editors adding new users that their Organization will be billed for any new Editors (should also be part of any checked onboarding/procurement flow)

Why doesn’t disabling public link sharing in the admin settings disable the ability to invite guests outside of the organization, as well? As a user, it is surprising that if public link sharing was disabled, I can still go ahead and invite guests.

+1 Apart from the issues already mentioned, I’ll add a couple of things that not only baffle me, they are literally stopping our IT department from allowing a wide rollout of Figma at our company:

• In the Figma Organization settings, one can define from which domains members can be created. It’s a way of capturing all users within a domain, but it also feels like a way of whitelisting a bunch of domains. However, this doesn’t prevent anybody from inviting anybody else, even with a @gmail.com address (or the address of a competitor…)

• There is this handy possibility of setting a Team within an Organization to “secret”, meaning it is not visible or searchable by anybody other than its members. However, all members can invite anybody (again from any domain) to this team, without the Team owner knowing anything about it. How is this secret?

Look, we all get the point that accessibility is the priority for Figma. Ensuring that more and more people can join Figma without any friction. Great for design but also great for Figma. Nothing wrong with that. But at the VERY least, you could implement a notification system for Team owners/admins for every new invite. And since dreaming is free: add a way for team owners/admins to be able to either accept or reject each invite. Yes, it creates a waiting time and “friction”, but we gotta strike a balance here…

Btw, here’s another thread with similar issues and some cool concept of how a reworked Admin dashboard could look like:

Request finer-grained permission control for organization admin - Product Feedback - Figma Support Forum

Thanks for mention. Just spent one day to remove unintended editors and I’m really exhausted about it. My dear Figma, Please consider these.