Create task with personal access token


I’m actually trying to create a task with ASANA api with personal access token.

I use Boomerang (chrome-extension) for my test.
With POST :
Endpoint URL :
My header : Authorization: Bearer accessToken
and my body JSON

“data” : {
“name” : “name of the task”,
“workspace” : 01234567891234,
“projects” : 98765432112456

but I systematically get an error 401. (I changed the id of workspace and projects)

I do not understand why I am not allowed while I acced to the url with GET

Ty for the help !

Hello @Thomas_Delattre,

I’m pretty sure that the issue is with the authorization.

I’m using Postman, also a chrome-extension. Here’s a successful test.

But if I deliberately use an incorrect access token, here’s what I get:

Can you double check the authorization parameters?


In Boomerang, I put in Headers name: " Authorization: Bearer " and in value my token ?

I really don’t understand why with the same personal access token, I can get data from users/me, /workspace, /projects, I don’t have error 401.

How can I access url get but not for a POST :confused:

PS: Sorry for my English, I’m french

Hey @Thomas_Delattre, it’s possible to get other authorization errors, for instance that you have access to your Asana workspace (so can access /users/me), but not that particular project. “Private” projects and projects that are “Private to members” where you are not the owner / a member of the project would send back 401 when you try to access them.

Can you double check that you can successfully do a GET request to with your access token and that it works?


Hey, ty for the answer.

I have just done the test and I have access to the project with a GET request.

Unfortunately, I still can not create a task on this project with a POST request, I still get " Not authorized ".

To be sure, to create a task in a particular project :

Headers : Authorization: Bearer value_token


:thinking: Hmm. That project looks fine, and I see you’re the owner, so you should have access. However, when I go to see if you have any personal access tokens, I don’t see any associated with your account. Could you double check in your account apps settings page and clicking on “Manage developer apps” that you have a personal access token listed (screenshot below)? Could you try to do your POST request if you get a new token on that page and use it instead?

Yes, I have two personal access token.

By creating a new one, I still have not authorized.
Cf screenhot

And the new access token


Update : I finally succeeded with the help of the Asana support.

The key should be Authorization and the value should be Bearer with Boomerang !



Glad we got everything sorted out @Thomas_Delattre!

what do you exactly put in the header??

A bit old, but if it helps anyone:

Should be Key: “Authorization”. Value: “Bearer 0/d267ae6b40551be54edb7474e249bed1” .
so…“Bearer [your App token]”

Here´s a postman asana collection, includes an example with an authorized call that helped me to get it all going

hey mods. This postman collection contains an active bearer token. Remove it pls :slight_smile:

cc @Bastien_Siebman

Dunno if working tokens are forbidden, but just in case, the one included in the collection looks totally made for testing purposes… unless you really think someones it´s using the Microsoft workspace…
{“data”:[{“id”:177987220357060,“name”:“Microsoft”},{“id”:498346170860,“name”:“Personal Projects”}]}

Dunno if it is for testing purposes but an active token is an active token and someone can use it on behalf of the user.

I had to mention in case the user published it by mistake. Have a great day <3