figma guide

Designing connected accounts and OAuth linking UI in Figma: social sign-in, app permissions, and unlink flows

Design connected accounts UI in Figma with linked Google/Apple providers, third-party app permissions, OAuth consent screens, unlink confirmations, and Dev Mode handoff.

Published
Updated
Jul 06, 2026
Read time
7 min
Level
Beginner

Quick answer

Connected accounts settings let users link or unlink sign-in providers (Google, Apple, Facebook) and review third-party apps that access their data—separate from the login screen’s social buttons. Design a Linked providers section with connect/disconnect per provider, an Authorized apps list with scopes and revoke actions, and OAuth consent screens for new integrations. Unlinking requires confirmation and a last-auth-method guard so users cannot lock themselves out. Start from the Figma guides hub and pair with login, security settings, and account dashboard guides.


Who this is for

  • Product designers building account settings for social login management and integrations.
  • Design system teams distinguishing login-time OAuth buttons from settings-time link/unlink patterns.
  • Engineers implementing provider linking, token revocation, scope display, and account-merge edge cases.

Login social buttons vs connected accounts settings

SurfacePurposeKey difference
Login / register social rowAuthenticate new or returning sessionOne-click sign-in; see login guide
Connected accounts settingsManage linked identities on existing accountLink additional providers; unlink with guards
OAuth consent screenAuthorize third-party app accessShows scopes; not the same as “Sign in with Google”
Developer API keysProgrammatic accessSeparate page—don’t mix with consumer OAuth

Verdict: reuse provider brand icons and button styles from login, but settings use row + status badge + action link patterns—not full-width sign-in buttons.


ConnectedAccountsPanel anatomy

PartSpecNotes
Page title”Connected accounts” or “Sign-in methods”Under account nav
Intro copy”Manage how you sign in”One sentence
Provider rowsGoogle, Apple, Facebook, email/passwordOne row per method
Status badgeConnected / Not connected
Primary actionConnect / DisconnectText button or secondary
Email rowPrimary email + verified badgeLink to email verification
Password rowSet password / Change passwordWhen social-only account
ConnectedAccountsPanel
├── Variant: hasPassword=true | socialOnly
├── Variant: provider=google | apple | facebook | email
└── Layers:
    ├── PageHeader
    ├── ProviderRow (repeat)
    │   ├── ProviderIcon
    │   ├── ProviderLabel
    │   ├── StatusBadge
    │   ├── ConnectedEmailMeta (if linked)
    │   └── ConnectButton | DisconnectButton
    ├── EmailPasswordSection
    └── LastAuthMethodWarning (conditional)

Place near security settings in IA—users expect sign-in methods together.


Provider row states

StateUIAction
Not connectedGray badge + “Connect”Opens provider OAuth in popup or redirect
ConnectedGreen badge + masked email”Disconnect”
Connect in progressSpinner on rowDisable duplicate clicks
Connect errorInline error under row”Account already linked to another user”
Provider unavailableDisabled row + tooltipMaintenance or region block

Connect flow: same OAuth as login but with link intent—user must already be authenticated. Show success toast “Google account connected.”


StepUI
1. Trigger”Disconnect” on provider row
2. Guard checkIf last auth method → block with explanation
3. ModalConfirm dialog — consequences copy
4. Re-authPassword or active session + OTP for sensitive unlink
5. SuccessRow returns to Not connected; email notification
DisconnectProviderModal
├── Variant: canDisconnect=true | lastMethodBlocked
├── Variant: provider=google | apple | facebook
└── Layers:
    ├── WarningIcon
    ├── Headline ("Disconnect Google?")
    ├── ConsequenceCopy
    ├── ReAuthFields (conditional)
    ├── ConfirmButton (destructive)
    └── CancelButton

Last-method blocked UI: “Add a password or another sign-in method before disconnecting Google.” CTA links to set password or connect Apple.


Social-only account: add password

Many OAuth users have no password. Design inline SetPasswordForm on the same page:

FieldNotes
New passwordStrength meter from security settings
ConfirmMatch validation
Submit”Save password”

Show banner: “You’re signed in with Google only. Add a password to sign in without Google.”


Authorized apps (third-party OAuth)

Separate section below linked providers—for apps user approved via OAuth consent (analytics, calendar sync, partner integrations).

ElementSpec
App rowLogo + app name + connected date
Scopes summary”Read profile, Read orders” — human-readable
Revoke”Remove access”
Empty”No apps connected”
ExpiredGray row + “Access expired”
AuthorizedAppsList
├── Variant: state=empty | populated
└── Layers:
    ├── AppRow (repeat)
    │   ├── AppLogo
    │   ├── AppName
    │   ├── ConnectedDate
    │   ├── ScopesSummary
    │   ├── ExpandScopesLink
    │   └── RevokeButton
    └── EmptyStateIllustration

Cross-link privacy settings — revoking app access relates to data sharing preferences.


When your users authorize another product, design a dedicated consent frame—not the login page.

PartSpec
App brandingThird-party logo + name
Requesting access toYour product name + user avatar
Scope listCheckmarks per permission
Deny / AllowSecondary + primary
Privacy linkLink to your privacy policy
Account switcher”Continue as user@email.com
OAuthConsentScreen
├── Variant: scopes=minimal | extended
└── Layers:
    ├── AppHeader
    ├── UserContextRow
    ├── ScopeList
    ├── PrivacyPolicyLink
    ├── DenyButton
    └── AllowButton

Verdict: scope bullets map 1:1 to backend scopes in Dev Mode—engineers need the mapping table.


Account merge edge cases

ScenarioUI
Email already exists”Link accounts?” modal — explain merge
Provider linked to other userError: “This Google account is used by another login”
Merge previewShow which orders/wishlist data will combine
Decline mergeReturn to settings; keep separate

Design AccountMergeModal as optional advanced frame—many MVPs block duplicate provider links with clear error copy only.


Mobile layout

PatternSpec
Provider rowsFull-width; icon 24px left
ActionsRight-aligned text buttons
ModalsBottom sheet on mobile for disconnect confirm
Consent screenSticky Allow/Deny footer
Scopes expandAccordion per accordion patterns

Handoff checklist

ItemDev Mode annotation
OAuth link vs loginDifferent redirect_uri and prompt params
Provider listConfigurable enabled providers per region
Last auth method ruleBlock disconnect when count === 1 and no password
Revoke token APIPer app client_id
Scope display mapread:orders → “View your order history”
Email notificationsconnect, disconnect, new app authorized
Account merge APIOptional; document if out of scope
a11yStatus badges not color-only; modal focus trap

Pair with notification preferences for integration alert toggles.


Common mistakes

MistakeWhy it hurtsFix
Reusing login button layout in settingsWrong affordanceRow + status + text action
Allow disconnect of only auth methodAccount lockoutLast-method guard + set password CTA
Raw OAuth scope stringsUsers don’t understandHuman-readable scope list
No consent Deny buttonTrust / policy issuesEqual-weight Deny
Mixing API keys with OAuth appsConfusing IASeparate developer settings page
No email on link/unlinkUndetected takeoverSecurity notification emails
Connect without re-authSession hijack links providerRequire recent login
Identical icons at login and consentUsers think they’re signing inDifferent page title and copy

  1. Audit login SocialAuthStack from login post for icon/button tokens.
  2. Design ConnectedAccountsPanel with provider rows and badges.
  3. Add SetPasswordForm variant for social-only accounts.
  4. Design DisconnectProviderModal with last-method blocked state.
  5. Build AuthorizedAppsList with scope summaries and revoke.
  6. Design OAuthConsentScreen for partner integrations.
  7. Spec email triggers and link to security + privacy pages.
  8. Prototype connect → disconnect blocked → add password → disconnect success.

FAQ

Same page as security settings?

Sibling pages under Account—“Sign-in methods” (connected accounts) and “Security” (password, 2FA, passkeys) with cross-links.

Show provider email on row?

Yes—masked (j•••@gmail.com) so users know which Google account is linked.

Facebook login still worth a row?

Include only enabled providers—use a config-driven row component, hide deprecated providers in design file notes.

B2B SSO (SAML)?

Add Enterprise SSO row with domain hint—separate from consumer OAuth; link out to IT admin docs.

Revoke vs disconnect?

Disconnect = unlink sign-in provider from your account. Revoke = remove third-party app’s API access—different verbs, different modals.


Next steps

Share on X

§ Keep reading

Related guides.