What is OAuth? #
OAuth is a secure way to let apps connect to your Asana account without sharing your password. When you create an app in Asana and authorize it inside this plugin, you’re telling Asana: “I trust this app to act on my behalf within certain limits.”
- Asana explains OAuth here: https://developers.asana.com/docs/oauth
What happens when you authorize #
- You create an app in Asana (covered in detail here).
- You then connect your Asana account through this plugin using OAuth.
- From that point on, the plugin can create and update tasks for you, based on the permissions granted by your app.
What are scopes? #
Scopes define what parts of your Asana account the app can access. Instead of all-or-nothing, scopes let you decide:
- Can the app read tasks?
- Can it create or update tasks?
- Can it manage projects or just work with your tasks?
See Asana’s documentation: https://developers.asana.com/docs/oauth-scopes
Current and upcoming behavior #
- Asana is moving toward scope-based access for all apps.
- This is a good change: it gives finer control and greater security.
- When Asana finishes rolling out scopes (or enough for the plugin to function with them):
- All existing users will need to specify the necessary scopes in their Asana app.
- You’ll need to re‑authorize your account through the plugin with those scopes.
What to expect #
- We’ll provide detailed instructions once scopes are fully in place.
- Expect updates through:
- A new blog post / documentation page
- An email notification
- A plugin update with guided steps
For now, just know that OAuth is what makes the connection possible, and scopes will soon let you define more precisely what the plugin can do in your Asana account.
