It would be very helpful to have the ability to set a task as public via the API
eg. Creating a task via Zapier and marking the task public as optional would allow a bot user to create tasks for some of our teams and this in turn would mean our workflows would be even more robust.
Would you be able to comment on if the possibility to mark a task public via the API?
The current documentation does not permit this.
Thanks!
Hi @lilrkt,
There’s no actual “public/private” property on a task object. From a data model standpoint, a public task is simply a task that is not assigned to any projects or teams, and thus is accessible to the entire organization. If you just create a task and don’t assign it to any projects, by definition it’ll be a public task.
You can see a little more about this topic here:
(FYI I moved your post to the “Developers & API” forum section since, while I know it mentions Zapier, it’s more of an API question.)
I looked at this some more and actually I’m unsure about it now. In the Asana UI, there is that “Make public” button (well, link) at the top of tasks. I played with changing that for a task that’s attached to a project and I can’t find any difference in the task’s underlying data when it’s toggled public or private.
@Joe_Trollo @Jeff_Schneider @Matt_Bramlage, what change(s) occur in the underlying data model when you “make a task public” using the link at the top of a task in the UI?
There is an internal flag that is set when you click “Make public to…” in the UI. However, the API does not (and will not) expose what this flag is set to or let apps set it themselves. Visibility and access control is a complicated piece of our product, and exposing the wrong kind of information can be extremely misleading.
For example, if you see a task in the API that says the task has not been made public, and you are the only collaborator, you might assume that the task is private to you, but that’s not always correct. The task could have a parent task that you cannot see, and anyone who can see the parent task can see your task. The task could also have been multi-homed into a private project, and so all members of that project can see your task. This misinformation is a larger security risk than no information at all, which is why we do not expose this in the API.
If you want your app to create tasks that are visible to a particular team or workspace, I would recommend creating a public project in Asana, and then adding your tasks to that project so they inherit the project’s public visibility.
Ah, OK. That clears up the mystery and explains everything, thanks, Joe!
Hi Joe_Trollo, the trouble for us is that we need to avoid adding tasks to a project as it creates issues with our reporting.
Is there any way you can allow tools like Zapier to set the visibility?
Hi @lilrkt, I’m sorry, but for the reasons described in my previous post, the API will not be adding the ability to mark tasks as public to a workspace.
OK. Understood.
Hi @Joe_Trollo, we are looking for a way using the API to get a list of users that can edit or access a given task ID. Is there a simple way of handling this or will we have to use multiple API calls to check lists of projects, parent tasks, collaborator lists, etc… to build a proper list.
Without the ability to see the Private/Public flag for a task, is it even viable to build a complete list of users that has access or can edit?
Thanks
Hi @cscarola, because of the complex and numerous access control rules, it is not possible to determine an exact list of users that can modify a task, even if you did make all those API calls. Even a “public vs. private” flag would not accurately convey who can modify a task, as a task could be publicly visible but be in a comment-only project and therefore is not editable to all users.