Block domain user from adding their own account

Is there a way to stop user in our domain from being able to just add themselves Asana accounts? I would like users to request or be given the access from an admin and not be able to just set it up on their own.

1 Like

Same issue here, meaning that people just like Asana and always put new stuff in, but it is difficult for the admin to manage the account. @Marie can you let us know if we do have an option to have them request before adding new people to the organization?

In the meantime, @Keith_Piccininno, on our side, we have issued our Asana Convention to guide people with the do’s and don’ts, but is it still based on their good faith :slight_smile:

Hi @Sebastien_Levesque and @Keith_Piccininno. At the Organisation level, that’s not possible, everyone sharing your domain will automatically be able to join your Organisation in Asana; I don’t believe we’ve planned to change this in the near future. However, you can restrict access at the Team or Project level. You can for example set your Team to “Request to Join” (Team permissions | Product guide • Asana) or can retsrict your project visibility to “Project Members only” Project permissions | Product guide • Asana.

Hope this helps!

@Marie - I know this is an old question, but I have the same concern. I’m not as worried about it from a privacy perspective, but I’m concerned that people with our domain can just add on and take us over our billing limit. I’ve seen us go over more than once and I have to clean up. Giving some type of admin verification here would be helpful, as our 400 person company is a bit hard top micromanage manually.

Hi @Tyler_Comfort, thanks for reaching out! :slight_smile: If you have a paid plan associated with your Organization and you need to limit the number of members, I suggest you to move you paid plan to a team instead. By doing so you will be able to control how many members you want to invite. For more details, please contact our support team: How to contact our Support Team ✉ - #2

Hi @Emily_Roman, can you please elaborate more on your response. I currently manage a “Premium organization”, and we need to limit who gets automatically invited into the account, we keep deactivating users and they keep coming back.

1 Like

Hi @George_Acosta, we currently offer the options to upgrade the entire Organization, a Team or just specific Teams (we call it a Division). The two last options give you the option to control over members and how many seats you have on your paid plan. I’m sure our support can give you more details and a tailored answer depending of how many members you have!

@Emily_Roman - This still doesn’t prevent users from inviting whomever they want to the organization… and/or inviting incorrect users being auto-added when there’s an open seat. This effectively rules the Admin useless. What’s the point in an Admin, if just anyone can invite users to a paid account? It’s like playing whack-a-mole to get rid of bad user accounts.

2 Likes

@Emily_Roman I have the same issue. Admins need the ability to authorize end users prior to the account being automatically upgraded, which drives the billing cost above budget. The current terms of use state that:

** Asana reserves the right to calculate the total number of End Users periodically and, if the number of End Users exceeds Customer’s current Subscription, then Asana reserves the right to invoice Customer for the applicable tier on a pro rata basis for the remaining period in Customer’s Subscription Term, so that all End User Subscription Terms coincide and are co-terminus.*

** “End User” means an individual who is authorized by Customer to use the Service under Customer’s account. End Users may include, without limitation, Customer’s or its Affiliates’ employees, consultants, contractors and agents.*

The key word here is authorized. Without a process to authorize end users, anyone with knowledge of the organization’s email domain can create an account. And because a domain is required at signup, it automatically commits the organization to pay for users that create accounts associated with their domain, whether authorized or not. This is highly problematic for the admin. Thank you for addressing the issue!

4 Likes

Unfortunately after reaching out to Asana customer support, I was unable to resolve this issue many of us are experiencing. I will be switching to another project management tool. Without an authorization process in place for admins to approve new users, there is no explicit consent for increasing subscription levels/customer cost. The terms of service do not define “authorized user.” Other SaaS solutions require admins to explicitly approve billing upgrades and the addition of paid user accounts. It’s disappointing that Asana’s guidance is essentially to monitor the account to manually verify that the subscription wasn’t auto-upgraded, because the product is otherwise very solid and I’ve been a fan for years.

CC: @NicoleK @Marie I hope this issue is brought to the attention of the compliance and product teams to avoid hassle for future customers. Thank you for reviewing these comments!

1 Like

How is this STILL not a thing? Our Finance team is asking that we look into other PM tools because of this issue, and it blows my mind that we can’t, in any way, regulate who adds on to our team, as long as they have our email domain name. It’s crazy. Someone could just go to tag someone in our org, click “add,” and, voila, we’re paying for a new user with no oversight whatsoever. Asana - you HAVE to change this!

2 Likes

This topic was automatically closed after 4 days. New replies are no longer allowed.