Premium & Enterprise authentication

By default, Asana's regular authentication apply and your Organization Members have the choice to either use a traditional password or Google SSO to log into their respective accounts.

In Premium, Business and Enterprise Organizations, Administrators can select how their Members log into Asana, set password complexity requirements and force reset all Members' passwords.

Premium, Business and Enterprise authentication settings only apply to your Organization Members. Organization Guests are not affected by your authentication settings.

Password complexity & Force password reset

Administrators have the option to force reset passwords for all Members in the Organization, and set a strength level requirement for passwords.

To manage password complexity and reset passwords

  1. Click your profile photo and select Admin Console
  2. Navigate to the Security tab
  3. Select the Password Strength tab to choose between Strong and Simple password strengths
  4. Choose Password Reset to force reset all passwords

When you force reset passwords for your Organization, Members will be prompted to reset their password upon their next log in. Members already logged into their Asana account will be force logged out and will need to reset their password.

Password strength

You can choose your password strength by clicking into the Security tab of your Admin Console and clicking on Password strength.

You can choose between a simple and strong password. Simple passwords must have at least 8 characters and strong passwords must have at least 8 characters and must include characters from at least three of the following types: lowercase, uppercase, numbers, and special characters.

password strength

Google SSO

If your company uses G Suite for business or education, and you are using the Premium or Enterprise version of Asana, you have the option to require your Members to authenticate via Google.

To change your Organization to Google SSO

  1. Click your profile photo and select Admin Console from the drop down menu
  2. Navigate to the Security tab
  3. Navigate to the Google sign-in tab
  4. Select the Members must log in with their Google Account

Once this change has been saved, any passwords associated to your Members' Asana accounts will no longer work and they will be required to use Google SSO.

If you are changing the email domain associated with your Google accounts, please contact us so that we can add the new domain to your Organization.

SAML

If your company uses an identity provider like OneLogin, Okta, LastPass, Bitium, Azure AD, SecureAuth, or Active Directory, and you're using the Enterprise version of Asana, your IT department will want to configure SAML. To set up SAML, you must:

  • Belong to an Enterprise Organization
  • Be an AdministratorAdministratorAn Organization's Administrator can update the Organization settings from the administrator console.Read more of your Enterprise Organization

Once an Enterprise Organization has been set up with SAML, the Organization Members will no longer need a password to log into their accounts. From the login page, they can just enter their email and click Log In, leaving the password field empty.

Step One: Configure your IDP

If you meet those conditions, the first step is to configure Asana with your identity provider. The steps for OneLogin, Okta, LastPass, Bitium, SecureAuth, and Active Directory are listed below, but you can also do this for other identity providers:

OneLogin

  • In OneLogin, go to Apps > Find apps
  • Search for Asana
  • Click add next to Asana
  • Click Continue
  • Copy the the sign-in page URL and x.509 certificate somewhere for use in Step Two

Okta

  • In Okta, click the Applications tab
  • Search for Asana
  • Copy the Log-in URL and the x.509 certificate for use in Step Two
  • Learn more here.  

LastPass

  • In LastPass Enterprise, first go to your Enterprise Console and select the SAML tab at the top of the console. You will then be taken to the main SAML page
  • Click the Asana app icon
  • Follow the instructions on the screen
  • Copy the Log-in URL and the x.509 certificate for use in Step Two

GSuite

  • Learn how to set up SSO via SAML for Asana here.  

Bitium

  • In Bitium, click Manage Apps from the top bar
  • Click Add An App
  • Search for Asana
  • Copy the Log-in URL and the x.509 certificate for use in Step Two
  • Learn more here.  

Azure AD

Check out this article to find out how to set up SAML for Asana with Azure AD.  

Active Directory

Check out this document to find out how to set up SAML for Asana with Active Directory.  

You could also try Okta Cloud Connect. Okta Cloud Connect is a free edition of Okta for one application. It allows you to set up Okta for AD integration and SSO for one core application. You can find more information here.  

SecureAuth

Check out this article for step-by-step instructions on setting up SAML for Asana with SecureAuth.  

Step Two: Configure Asana

After you've configured Asana with your identity provider, you now make the appropriate changes in Asana.

To change your Organization to SAML

  1. Click your profile photo and select Admin Console from the drop down menu
  2. Navigate to the Security tab
  3. Navigate to the SAML authentication tab
  4. From the SAML options field click "Required for all members, except guest accounts"
  5. Paste the sign-in page URL that you copied from Step One into its corresponding field
  6. Paste the X.509 Certificate that you copied from Step One into its corresponding field
  7. Click the Save button

We recommend that the Admin for your Organization first sets SAML to optional and tries to log in with their SAML credentials. Then after a successful login switches the configuration to required.

Once set up properly, anyone who belongs to your company's Enterprise Organization will be required to log in to their Asana account with your preferred identity provider (regardless of other Organizations or Workspaces their account may belong to).

If you are an Administrator and are having trouble with setting up SAML for your Enterprise Organization, contact us.  

Sorry, we don't support this browser

Asana doesn't work with the internet browser you are currently using. Please sign up using one of these supported browsers instead.

Choose your language

Selecting a language changes the language and/or content on asana.com