The Asana API is a RESTful interface, allowing you to programmatically update and access much of your data on the platform. It provides predictable URLs for accessing resources, and uses built-in HTTP features to receive commands and return responses. This makes it easy to communicate with from a wide variety of environments, from command-line utilities to browser plugins to native applications.
Learn more about the Asana API on the Asana Developers Site.
Asana Connect is an easy and secure way to grant API access to third-party applications without sharing your username and password.
Asana Connect uses OAuth 2.0, an industry standard for authentication. You have likely used OAuth to authenticate and log in to services using your Facebook, Twitter, or Google accounts.
Always use discretion when approving access to your account. Carefully read any access or permission requests from the services to which you are connecting. It is also recommended that you regularly review apps you have authorized and revoke access from integrations you no longer want or need to have access to your account; you can always grant access again later.
To review your account’s authorized applications:
You can revoke an app’s access at any time from this tab using the Deauthorize button next to that app’s name.
Manage Developer Apps
If you’re a developer, use the Developer App Management page to create Personal Access Tokens and access your API Key.
To access the Developer App Management page:
From the Developer App Management page, you can:
- Manage or register apps that you own
- Manage or create new Personal Access Tokens
- View your API Key
Personal Access Tokens
Personal access tokens provide individuals with a low friction means to access the Asana API when writing scripts, working with command line utilities, or prototyping applications. In most cases you should not provide personal access tokens to applications you do not know or fully trust the creator of.
Applications that support accessing Asana on behalf of many users should make use of Asana Connect.
You are required to enter a description for each access token in order to easily remember its individual purpose.
You are also encouraged to regularly review and deauthorize access tokens you no longer want or need.
API Key (Deprecated)
The API Key is being phased out and will eventually not be supported for use with the Asana platform.
If you are an Asana user looking for your API Key so that you can provide it to an application, you may not be able to use that application until the developer updates it to use one of Asana’s alternative forms of authentication. Asana cannot give you access to the application—you must contact its developer.
If you are a developer, you should switch your application to use OAuth instead. For more information, you can learn more about the API Key deprecation and solutions for your application here.