Guides
App directoryDocsForumMy apps

[DRAFT] OAuth scopes

Suggest Edits

🚧

Preview

OAuth permission scopes are in preview. More scopes will be added over time, and some details may change before the anticipated final release in July 2025. Use the Full Permissions toggle to opt out of the preview and get user full access.

Asana uses OAuth 2.0 for secure user authorization. Scopes allow your app to request only the access it needs, following the principle of least privilege. That is, OAuth scopes define which parts of the Asana API your app can access. This helps users trust your app and ensures their data is protected.

📘

Getting started

For comprehensive documentation on how to register and use the scopes listed on this page, see OAuth scopes.

List of OAuth scopes

The following tables show the currently available set of OAuth scopes (subject to revision) and the corresponding API endpoints they enable. Each scope follows the documented <resource>:<action> format. For additional details on each API endpoint, visit the API reference.

Attachments

ScopeEndpoints
attachments:readGET /attachments/{attachment_gid}
GET /attachments

Goals

ScopeEndpoints
goals:readGET /goals/{goal_gid}
GET /goals
GET /goals/{goal_gid}/parentGoals

Portfolios

ScopeEndpoints
portfolios:readGET /portfolios
GET /portfolios/{portfolio_gid}
GET /portfolios/{portfolio_gid}/items

Project templates

ScopeEndpoints
project_templates:readGET /project_templates/{project_template_gid}
GET /project_templates
GET /teams/{team_gid}/project_templates

Projects

ScopeEndpoints
projects:deleteDELETE /projects/{project_gid}
projects:readGET /projects
GET /projects/{project_gid}
GET /tasks/{task_gid}/projects
GET /teams/{team_gid}/projects
GET /workspaces/{workspace_gid}/projects
GET /projects/{project_gid}/task_counts
projects:writePOST /projects
PUT /projects/{project_gid}
POST /projects/{project_gid}/duplicate
POST /teams/{team_gid}/projects
POST /workspaces/{workspace_gid}/projects
POST /projects/{project_gid}/addCustomFieldSetting
POST /projects/{project_gid}/removeCustomFieldSetting

Stories

ScopeEndpoints
stories:readGET /stories/{story_gid}
GET /tasks/{task_gid}/stories
GET /tasks/{task_gid}/stories

Tasks

ScopeEndpoints
tasks:deleteDELETE /tasks/{task_gid}
tasks:readGET /tasks
GET /tasks/{task_gid}
GET /projects/{project_gid}/tasks
GET /sections/{section_gid}/tasks
GET /tags/{tag_gid}/tasks
GET /user_task_lists/{user_task_list_gid}/tasks
GET /tasks/{task_gid}/subtasks
GET /tasks/{task_gid}/subtasks
GET /tasks/{task_gid}/dependencies
GET /tasks/{task_gid}/dependents
GET /workspaces/{workspace_gid}/tasks/custom_id/{custom_id}
GET /workspaces/{workspace_gid}/tasks/search
tasks:writePOST /tasks
PUT /tasks/{task_gid}
POST /tasks/{task_gid}/duplicate
POST /tasks/{task_gid}/subtasks
POST /tasks/{task_gid}/setParent
POST /tasks/{task_gid}/addDependencies
POST /tasks/{task_gid}/addDependencies
POST /tasks/{task_gid}/removeDependencies
POST /tasks/{task_gid}/removeDependencies
POST /tasks/{task_gid}/addDependents
POST /tasks/{task_gid}/removeDependents
POST /tasks/{task_gid}/addProject
POST /tasks/{task_gid}/removeProject
POST /tasks/{task_gid}/addTag
POST /tasks/{task_gid}/removeTag
POST /tasks/{task_gid}/addFollowers
POST /tasks/{task_gid}/removeFollowers

Teams

ScopeEndpoints
teams:readGET /teams/{team_gid}
GET /workspaces/{workspace_gid}/teams
GET /users/{user_gid}/teams

Typeahead

ScopeEndpoints
workspace.tyepahead:readGET /workspaces/{workspace_gid}/typeahead

Users

ScopeEndpoints
users:readGET /users
GET /users/{user_gid}
GET /users/{user_gid}/favorites
GET /teams/{team_gid}/users
GET /workspaces/{workspace_gid}/users

Workspaces

ScopeEndpoints
workspaces:readGET /workspaces
GET /workspaces/{workspace_gid}

OpenID Connect scopes

In addition to the resource-related scopes above, these scopes are used when requesting identity information via OpenID Connect:

ScopeAccess provided
openidProvides access to OpenID Connect ID tokens and the OpenID Connect user info endpoint.
emailProvides access to the user's email through the OpenID Connect user info endpoint.
profileProvides access to the user's name and profile photo through the OpenID Connect user info endpoint.

📘

OpenID Connect scopes

For more information about the OpenID Connect and the openid scope, view its documentation.

Updated 6 days ago

Asana Home
Asana helps you manage projects, focus on what's important, and organize work in one place for seamless collaboration.
© 2023 Asana, Inc.
Developers
Guides API reference My apps App directory Forum
Asana
Product Enterprise Partners Blog Careers
Help us improve
How was your experience using our docs?
Send feedback