authentication in Chrome extension

I want information and update from Asana within a chrome extension developed,
I want to access the API without a token but the browser will recognize the user inside and then allow PUT or GET calls

I seen extension “Asana Extension for Chrome” but I don’t understand ’ it’s seen very complicated

1 Like

@ShunS or @lpb, maybe you can help @yehudit_mendelman with how to mange authentication within a Chrome extension?

1 Like

Hi @yehudit_mendelman,

Usually we need an authentication method to use Asana API, either personal access token or OAuth.
However, for browser extensions, we can skip the authentication process because

you were already logged into Asana in your browser so you were able to authenticate to the API with credentials stored by your browser.

Source: https://developers.asana.com/docs/authentication-quick-start
Please note that this applies only when the user is logged into Asana.

When I developed my own code, I referenced Asana’s official Chrome extension on GitHub too. It might look complicated because it uses jQuery.

I’m not familiar with jQuery and other JS libraries, so I developed my extension in pure JavaScript.
I think the code around const xhr = new XMLHttpRequest(); in background.js might be a simpler example of calling Asana API from an extension. It corresponds to api_bridge.js file in Asana’s repository.

I hope this helps, and please don’t hesitate to ask if you have further questions!
(Disclaimer: I’m an amateur programmer and my extension is really outdated. Updating it has been at the end of my to-do list for quite a long time.)

Thank you @Phil_Seeman for looping me in!

1 Like

@yehudit_mendelman,

I created Asana2Go.

In addition to @ShunS’s good reply, see my post:

which has links to Chrome’s help for new extension developers, and Asana’s old version of its extension.

It’s not the simplest process, even though it is based on HTML, CSS, and JS. That’s because there are major security concerns and “firewalls” around three distinct spaces in your extension, the need for almost all async processing, and a special library.

It didn’t seem like your question was about OAuth. But if you have a particular question let us know. However, I think you really need to immerse yourself and learn the Chrome Extension ecosystem, if you haven’t already. Start with a very simple extension app (w/o Asana) and build on it.

Hope that helps,

Larry

2 Likes