Is it ok to use PAT instead of of OAuth

Eitan1 · May 6, 2024, 9:40am

Hi,
I’m trying to build a plugin that integrates with Asana. I’ve been trying to learn about the OAuth and PAT systems of authentication and from what I see I can’t build a plugin without exposing the client secret to whoever will use the plugin. is it ok to use the PAT and require whoever will be using the plugin the create their own token and use that?

lpb · May 6, 2024, 4:01pm

Welcome, @Eitan1,

While it depends on the breadth of your audience and the nature of your plugin, generally speaking you’d want to use OAuth; PATs wouldn’t really be appropriate for what you’re describing.

For more details, see these:

and

Thanks,

Larry

system · May 13, 2024, 4:02pm

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
PAT vs OAuth Developers & API	5	1239	January 18, 2023
OAuth? Personal Access Token? API Key? How to get connected to Asana through our API Developers & API platform , api , authentication	7	17617	May 6, 2022
Best practices for using personal access token when developing application Developers & API	2	242	April 24, 2024
Asana API Personal Token Developers & API api	1	1345	May 24, 2022
403 Forbidden error using app PAT Developers & API webhooks	6	2566	December 1, 2019

Is it ok to use PAT instead of of OAuth

Related topics