The Asana API is a RESTful interface, allowing you to programmatically update and access much of your data on the platform. It provides predictable URLs for accessing resources, and uses built-in HTTP features to receive commands and return responses. This makes it easy to communicate with from a wide variety of environments, from command-line utilities to browser plugins to native applications.
Learn more about the Asana API on the Asana Developers Site.
Asana Connect is an easy and secure way to grant API access to third-party applications without sharing your username and password.
Asana Connect uses OAuth 2.0, an industry standard for authentication. You have likely used OAuth to authenticate and log in to services using your Facebook, Twitter, or Google accounts.
Always use discretion when approving access to your account. Carefully read any access or permission requests from the services to which you are connecting. It is also recommended that you regularly review apps you have authorized and revoke access from integrations you no longer want or need to have access to your account; you can always grant access again later.
To review your account’s authorized applications:
You can revoke an app’s access at any time from this tab using the Deauthorize button next to that app’s name.
Manage Developer Apps
If you’re a developer, use the Developer App Management page to create Personal Access Tokens and access your API Key.
To access the Developer App Management page:
From the Developer App Management page, you can:
- Manage or register apps that you own
- Manage or create new Personal Access Tokens
- View your API Key
Personal Access Tokens
Personal Access Tokens provide individuals with a low friction means to access the Asana API when writing scripts, working with command line utilities, or prototyping applications. In most cases you should not provide personal access tokens to applications you do not know or fully trust the creator of.
Creating a Personal Access Token
- Click your profile photo from the topbar
- Select My Profile Settings…
- Open the Apps tab
- Click Manage Developer Apps
- Click + Create New Personal Access Token
Create a Personal Access token from the Developers App Management page:
- Type a description of what you’ll use the Personal Access Token for
- Click Create
- Copy your token and use it to authorize requests
Read more about working with authentication in the Asana API in our developer documentation.
Applications that support accessing Asana on behalf of many users should make use of Asana Connect rather than Personal Access Tokens.
It’s good practice to regularly review and deauthorize access tokens you no longer want or need.
API Key (Deprecated)
The API Key is being phased out and will eventually not be supported for use with the Asana platform.
If you are an Asana user looking for your API Key so that you can provide it to an application, you may not be able to use that application until the developer updates it to use one of Asana’s alternative forms of authentication. Asana cannot give you access to the application—you must contact its developer.
If you are a developer, you should switch your application to use OAuth instead. For more information, you can learn more about the API Key deprecation and solutions for your application here.