How to link Asana account with my app's account

I am trying to integrate Asana into my app. I have successfully gotten Asana’s access token and refresh token. However, how do I link Asana’s access token to a user on my app?

I have looked at the way slack does it: https://api.slack.com/best-practices/blueprints/account-binding. Which is that the app must generate a unique code and send that code to the redirect URL and then when the app receives the code back the app will parse its database and check for the same code and it will know which user is trying to authenticate. However, I can’t seem to get the code back from Asana’s redirect URL. Any help is appreciated. Thanks!

Isn’t the user the person who is performing the OAuth authorization? If so, you already know who that user is within your code that’s performing the authorization, right?

Yes, but my app backend is serving as a medium between Asana and another application. I am doing oauth on Asana and oauth on another application. Then I need a way to link the two accounts together.

So its:

Other Application->my backend<-Asana

The other application wants to talk to Asana through my backend. But I can’t seem to figure out how to link them together since the 2 oauths are done independently.

Ultimately what I need to do is to pass a query parameter into the redirect url that I give to Asana, then when Asana redirects I want it to preserve the query parameter I passed in, is that possible?

Right now when I do oauth, I am trying to pass in a unique token as the state query parameter, so my oauth URL is: ‘https://app.asana.com/-/oauth_token?grant_type=authorization_code&client_id=’ + asanaClientId + ‘&client_secret=’ + asanaClientSecret + ‘&redirect_uri=’ + redirect_uri + ‘&code=’ + code + ‘&state=’ + uniqueToken.

However, the query I get back is:
{ code: ‘XXXXXXXXXXXXXXX’, state: ‘<STATE_PARAM>’ }
The code I get back successfully, just X-ed it out for safety, however the state is just literally <STATE_PARAM>, it does not return the param that I passed in.

Can’t your backend keep a join table of user id from on side and the other to do the matching?

1 Like