[New] V2 MCP server now generally available!

English Forum Developers & API Changelog
1

Summary

The Asana MCP server is now generally available with the release of V2. This update introduces a new client registration model, an optimized tool set, support for Streamable HTTP, and workspace scoped authorizations.

The previous beta release of the MCP server (now referred to as V1) is deprecated as of today and will be shut down in 3 months. The V1 redirect URI allowlist is frozen, so all new integrations must use V2.

What’s improved in V2:

  • Simplified client setup: Create and manage MCP clients directly in Asana’s developer console using OAuth pre-registration (no more dynamic client registration or allowlist requests).
  • Customer control of MCP access: Asana admins using App Management can now allow or block specific V2 MCP clients, just like any other integration.
  • Leaner tool set: Consolidated tools focused on core functionality, reducing context window usage and improving reliability
  • Streamable HTTP support: Modernized transport aligned with the current MCP standard
  • Workspace-scoped authorization: MCP access will be limited to a specific Asana workspace going forward so that the user’s workspace can be assumed during a session.

These changes respond directly to developer and customer beta feedback about security, setup friction, token management, and server ergonomics. More details on these changes below!

What’s new

V2 MCP server

The V2 MCP server is available at:

https://mcp.asana.com/v2/mcp

New client registration model

V2 moves from OAuth dynamic client registration (DCR) to self-service pre-registration in Asana’s developer console. You now create MCP clients directly in the developer console with full control over OAuth settings and workspace distribution.

This change eliminates the need to request redirect URI allowlist additions and gives organizations better visibility into which clients can access their data.

For complete setup instructions, see our integration guide.

AsanaMCP-Auth-Part12

Customer control of MCP access

V2 gives Asana customers control over which V2 MCP clients access their organization’s data.

For admins: Organizations using App Management can now allow or block specific V2 MCP clients, just like any other Asana integration. This will bring MCP access under the same governance policies you already have in place.

For end users: Users can see exactly which client is requesting access before granting permission.

Optimized tool set

We’ve consolidated the V2 tool set to focus on the core Asana functionality users most often access through MCP. This responds to feedback that the previous tool set was too broad, and reduces context window usage so AI assistants can work more efficiently.

Tool names are also simplified (e.g., create_task instead of asana_create_task).

Note: We’ll continue evolving the tool set based on usage patterns and feedback. Tools may be added, updated, or deprecated over time. Use the tools/list MCP command to get current tool metadata, and subscribe to this changelog for updates. Treating tool names and interfaces as static could result in breaking changes.

Streamable HTTP

V2 modernizes transport support by adopting Streamable HTTP, the current MCP standard for client-server communication. All traffic is consolidated into a single endpoint at https://mcp.asana.com/v2/mcp. The /sse endpoint will not be supported in V2.

Workspace-scoped authorization

Users now select a workspace when authorizing MCP access, so the server knows which workspace to use for the session. This eliminates extra tool calls we saw in V1 where models had to fetch workspace information repeatedly. The tradeoff is that MCP sessions can only access one workspace at a time.

Screenshot 2026-02-03 at 12.47.00 PM
Screenshot 2026-02-03 at 12.47.00 PM1424×756 52.1 KB

Who is affected

If you’re currently using the V1 MCP server (with dynamic client registration), you’ll need to migrate to V2 within 3 months. After the deprecation period ends, V1 will no longer be supported and V1 clients will stop working.

If you’re building a new MCP app, use the V2 MCP server and optionally submit your app to be published. The V1 redirect URI allowlist is now frozen and no longer accepting new entries.

Why we’re making this change

This update addresses feedback we heard during beta:

  • Simpler setup: Create clients directly in the developer console without managing allowlists or dynamic registration
  • Customer control: Organizations can manage V2 MCP client access through App Management, just like other integrations
  • Modernized transport: Streamable HTTP alignment with the current MCP standard
  • Focused tool set: Core tools reduce context window usage

How to migrate

To migrate from V1 to V2:

  1. Create an MCP app in Asana’s developer console
  2. Configure your OAuth settings and workspace distribution
  3. Update your MCP client to use the new client ID and client secret
  4. Point your client to the V2 server URL (now using Streamable HTTP): https://mcp.asana.com/v2/mcp
  5. Update any tool references to use the new simplified names (e.g., create_task instead of asana_create_task)

Existing V1 tokens and clients will continue to work until the deprecation period ends. After shutdown, all V1 clients will stop working regardless of token validity.

For detailed setup instructions, see our integration guide.

Timeline

Now:

  • V2 MCP server is generally available
  • V1 redirect URI allowlist is frozen (no new entries accepted)
  • New integrations must use V2

May 11, 2026 (3 months from now):

  • V1 MCP server will be shut down
  • Existing V1 integrations must migrate to V2 or they will stop working

FAQ

Why are you reducing the number of tools available in V2?

We consistently heard feedback that the V1 MCP server had too many tools. Large tool sets can overwhelm the context window and cause models to struggle with tool selection—Anthropic wrote about this challenge in November 2025.

The V2 tool set focuses on core Asana functionality based on usage data from our beta. We removed tools that were rarely used or duplicative, reducing the total count by more than half.

We plan to continue improving and carefully adding to the tool set in the coming months. We’d appreciate your feedback, and recommend that clients refresh Asana tool metadata frequently to get the latest updates and avoid breaking changes.

What changed:

  • Dropped: Lesser used tools related to goals management, allocations, time periods
  • Consolidated: Redundant query tools (e.g., separate “get projects for team” and “get projects for workspace” are now a single tool)
  • Renamed: Tool names no longer use the asana_ prefix (e.g., create_task instead of asana_create_task)
  • Streamlined: Workspace-scoped authorization means many tools no longer require a workspaceGid parameter

Will the V2 tools change in the future?

Yes. We plan to continue improving the tool set in the coming months based on feedback, usage patterns, and evals. Tools may be added, updated, or deprecated over time. We recommend:

  • Using the tools/list MCP command to get current tool metadata
  • Subscribing to this changelog for updates
  • Building your integration to handle tool schema changes gracefully

Why are you dropping support for dynamic client registration?

Dynamic client registration made it easy to get started quickly but introduced security challenges and made it difficult for organizations to manage which clients could access their data through MCP. Since our beta launched, MCP maintainers acknowledged these challenges and relaxed their guidance on DCR support (from SHOULD to MAY).

Moving to OAuth pre-registration comes with usability tradeoffs for some users. For example, when an Asana MCP integration isn’t already available, users may need to register a custom app. We believe the security benefits and organizational control outweigh this friction. We’re also working with MCP client developers to ensure a smooth transition.

What happens if I miss the deadline to migrate to V2?

After the 3-month deprecation period ends, V1 will be shut down and your integration will stop working. We recommend migrating as soon as possible to avoid disruption. Reply here or request support at help.asana.com if you need help with migration.

Why can’t I use MCP tokens with the Asana API?

Asana issues separate tokens for MCP apps and API apps following MCP security best practices. This separation limits the scope of access for each token type. If a token is compromised, the blast radius is contained.

If you need to make standard Asana API requests, create a separate API app in the developer console and obtain tokens through the standard OAuth flow. If you have use cases for accessing both with a single client or token, please let us know!

Can I still get my redirect URI added to the V1 allowlist?

No. The V1 allowlist is frozen and no longer accepting new entries. All new integrations must use V2.

If you have questions or run into issues migrating to V2, please reply here or reach out at help.asana.com. We’d love to hear your questions or feedback on V2.

Thanks,
John

4 Likes
Claude add asana mcp failed, Asana MCP Server - TLS Certificate Error
2

I just tried to authenticate to the V2 MCP server using VSCode but kept receiving the following error:

[warning] Error fetching resource metadata: Error: Protected Resource Metadata 'resource' property value "https://mcp.asana.com/v2" does not match expected value "https://mcp.asana.com/v2/mcp" for URL https://mcp.asana.com/.well-known/oauth-protected-resource/v2. Per RFC 9728, these MUST match. See https://datatracker.ietf.org/doc/html/rfc9728#PRConfigurationValidation

The url https://mcp.asana.com/v2 itself leads to a 404, and https://mcp.asana.com/v2/ does not work either as it also does not match.

This mismatch leads to Asana returning:
Received 401 status with Authorization header, retrying with new auth registration. Error details: {“error”:“invalid_token”,“error_description”:“Invalid token signature - token was not issued by Asana OAuth”}

3

Hi @Scion,

I just wanted to quickly reply to thank you for sharing this. We’re looking into it, and I will report back here.

4

Hi @John_Baldo, I started experimenting with the Asana MCP server today. I configured the server URL in my Codex config.toml and attempted to authenticate using the codex mcp login asana command with the v2 URL, but it didn’t work.

Is this related to the client pre-registration requirement you mentioned in your article? If so, do you have a guide that explains how to configure the client ID and client secret for CLI-based tools like Codex or Claude Code? The official documentation seems to focus on the app/UI-based client rather than CLI client.

Thank you.

5

@Scion, We are checking in with MCP maintainers and VS Code about this resource metadata validation. In the meantime, you can continue using the V1 MCP server at https://mcp.asana.com/sse We are committed to providing VS Code support in V2 and will resolve this before shutting down V1. I will continue to report back here. Thanks for your patience and thanks again for sharing this.

@Hao_Jie_Wong , Thanks for that feedback. We will work on providing or linking to documentation for CLI / config file interfaces and check in with Codex and others on support for client pre-registration.

1 Like
6

Hi, I don’t think it’s currently possible to configure an OAuth client ID and client secret directly in Codex, based on their docs and this related issue.

I was able to connect to Asana MCP v2 by proxying it through mcp-remote server instead, using the following setup:

[mcp_servers.asana]
command = "npx"
args = [
  "-y",
  "mcp-remote",
  "https://mcp.asana.com/v2/mcp",
  "--static-oauth-client-info",
  "@<path-to-your-client-info.json>",
]
startup_timeout_sec = 60

The client-info.json file simply contains the required OAuth client_id and client_secret after you pre-register your MCP app:

{
  "client_id": "...",
  "client_secret": "..."
}

That said, I’d still really like to see docs that explains how to set this up properly for non-UI tools (e.g. tools like Claude Code (I think Claude supports specifying client info, unlike Codex) and Codex CLI.

1 Like
7

I can’t post more than two links yet as a new forum user, but here’s the mcp-remote repo:
mcp-remote

mcp-remote

1 Like
8

@Hao_Jie_Wong Huge thanks for sharing this. We will be working on documentation updates over the next couple weeks. Apologies for not having those in place from the start!

2 Likes
9

Great news! Is it possible to access Asana goals through MCP?

10

@John_Baldo any idea?

11

Hi @François_Lecomte, and welcome to the forum!

At the moment, MCP V2 doesn’t include a dedicated get_goals tool. However, you can still retrieve goals by using the search_objects tool. It allows you to search for goals by providing the goal name—or even just a partial match.

This is an intentional design choice as part of a broader effort to consolidate tools. The goal is to keep the toolset leaner and more focused, which helps LLMs better understand what actions to take, reduces context window usage, and improves overall reliability.

As a reminder, you can always check which tools are available by running the tools/list MCP command or by connecting to the Asana Remote MCP server using one of the available inspectors, such as MCP Inspector or Postman.

Hope this helps, let us know if you have any follow-up questions!

Best,
Dominik

3 Likes
12

Can you please get Asana registered with Cursors available MCP server list? The docs are a bit too confusing for me to get this set up.