About Asana
The Asana connector pulls workspace, team, project, and membership information your controls need for access reviews and operational evidence. The integration uses OAuth 2.0 (authorization code). The Asana user who completes consent must already see the workspaces and teams you expect to audit - otherwise collections will look incomplete even after a successful login.How It Works
Iru redirects you through Asana’s OAuth screen and stores tokens so refresh can happen without asking you to sign in every hour. Scopes are read-oriented - they let Iru enumerate teams, users, projects, workspaces, and memberships appropriate for compliance reporting.| Detail | Value |
|---|---|
| Category | Project management |
| Authentication | OAuth 2.0 |
| Plans | Premium, Business, or Enterprise tiers align with API capabilities Asana exposes to integrations |
Prerequisites
- An Asana account with visibility into the workspaces, teams, and projects you want evidence for (often a workspace admin).
- Browser pop-ups allowed for your Iru hostname - the OAuth window opens as a popup.
Connect Asana to Iru
- Asana
- Iru Compliance
Complete this tab before you enable the source in Iru Compliance, so the right user is ready for OAuth.
Sign in to Asana
Open asana.com and sign in with the account you will use in the OAuth popup (often a workspace admin with broad visibility).
Confirm workspace coverage
Open each workspace, team, and project your compliance program expects in evidence. If this user cannot browse it in the Asana UI, Iru cannot read it either.
Review OAuth documentation (optional)
Skim Asana OAuth so you know which read scopes the consent screen will reference.
Continue on the Iru Compliance tab.
Troubleshooting
Nothing opens when you turn the source on
Nothing opens when you turn the source on
Check pop-up blocker settings for the Iru site and try again.
Popup blocked
Popup blocked
Allow pop-ups for your Iru domain, disable the source, then enable it again.
Insufficient permissions in Asana
Insufficient permissions in Asana
Re-authorize with a user who can see the missing workspaces or teams.
Empty data
Empty data
Confirm the authorizing user belongs to real teams/projects - brand-new accounts may have nothing to read.
Disconnected later
Disconnected later
Tokens expire roughly hourly; Iru refreshes automatically unless the authorizing user was deactivated - re-run OAuth with an active account.
Considerations
The connection follows whichever Asana user…
The connection follows whichever Asana user authorized it - transfer ownership before that person offboards.
Asana rate limits large workspaces; first sync can…
Asana rate limits large workspaces; first sync can take several minutes.
Related Articles
Sources Management
Browse and manage every Compliance source.
Getting Started With Compliance
Frameworks, actions, and Artifacts.
Iru Overview
How Endpoint, Compliance, and Identity fit together.
Artifacts Management
Upload, review, and organize evidence from sources and actions.