Skip to content
English
Submit a Support Ticket
Contact us
  • There are no suggestions because the search field is empty.

How to Set Up SAML-Based SSO with Asana

Learn what SAML-based SSO is, why it's beneficial, and how to configure it in Asana for secure, centralized user authentication.

Understanding SAML-Based SSO

What is SAML-Based SSO?
SAML (Security Assertion Markup Language) is an open standard that allows identity providers (IdPs) to securely pass authentication credentials to service providers (SPs) like Asana. With SAML-based Single Sign-On (SSO), users can access multiple applications with one set of login credentials, streamlining the authentication process.​

Benefits of Enabling SAML-Based SSO in Asana:

  • Centralized Authentication: Manage user access through a single identity provider, simplifying user management.

  • Enhanced Security: Reduce the risk of password-related breaches by minimizing the number of credentials users need to remember.

  • Improved User Experience: Provide seamless access to Asana without requiring separate login credentials.

  • Compliance Support: Meet organizational security and compliance requirements by enforcing consistent authentication policies.​

Prerequisites

Before setting up SAML-based SSO in Asana, ensure the following:

  • You have an Enterprise or Enterprise+ Asana subscription.

  • Access to the Admin Console in Asana.

  • An identity provider (IdP) that supports SAML 2.0 (e.g., Okta, Azure AD, Google Workspace).

  • Administrative access to your IdP to configure SAML settings.​

Step-by-Step Guide to Configure SAML-Based SSO in Asana

  1. Access the Admin Console:

    • Log in to Asana.

    • Click on your profile picture in the top right corner and select Admin Console.​

  2. Navigate to Security Settings:

    • In the Admin Console, click on the Security tab.

    • Locate the Authentication section.​

  3. Enable SAML-Based SSO:

    • Click on Set up SAML.

    • You will be prompted to enter SAML configuration details provided by your IdP.​

  4. Configure SAML Settings in Your IdP:

    • Log in to your identity provider's admin portal.

    • Create a new SAML application for Asana.

    • Provide the following information (specific fields may vary by IdP):

      • Entity ID / Audience URI: https://app.asana.com/

      • Assertion Consumer Service (ACS) URL / Single Sign-On URL: https://app.asana.com/-/sso/saml

      • Name ID Format: EmailAddress

      • Attribute Statements (Optional): You may map user attributes like firstName and lastName.

  5. Obtain IdP Metadata:

    • Download the SAML metadata XML file from your IdP or note the necessary URLs and certificate information.​

  6. Complete SAML Configuration in Asana:

    • Return to Asana's Admin Console.

    • Enter the IdP metadata or upload the XML file as required.

    • Save the configuration.​

  7. Test the SSO Configuration:

    • It's recommended to test the SSO setup with a small group of users before rolling it out organization-wide.

    • Ensure that users can log in to Asana via the identity provider without issues.​

  8. Enforce SSO (Optional):

    • Once testing is successful, you can choose to enforce SSO for all users in your organization.

    • This ensures that all users authenticate through the configured SAML SSO.​

Additional Considerations

  • User Provisioning: Asana does not support automatic user provisioning via SAML. Users must be manually added to Asana or provisioned through SCIM if supported.

  • Multiple Domains: If your organization uses multiple email domains, ensure all are verified in Asana to allow SSO access.

  • How to configure Microsoft Entra SSO integration with Asana

  • Support: If you encounter issues during setup, consult your identity provider's documentation or contact Asana support for assistance.