PAT vs OAuth

Hey Guys,

I understand that to use OAuth, we have to create an App. Also based on my understanding, on one end of the App there is always an user trying to access some API of Asana.

My use case is a bit different, I am writing a script that will run daily, all that script does is make some GET calls to get details of a project and store the details in one of our database.

For my use case, I think I can only use PAT, please correct me if I am wrong.

Also, is there any way to programmatically reset PATs?


Welcome, @Murali_Siddappa_Badi,

I moved your post to a category more for these types of questions.

I believe that you could use either OAuth or PAT so you could read about the differences at Asana but if the user for which you’d create the PAT provides the access you need, and only that one user is using it, I think PAT would be easier and sufficient.

I don’t think you can programmatically reset PATs; just in the developer console (Asana).


1 Like

If you use oauth, your app can use the same for ever, by refreshing the token with the refresh_token, that is not expiring.
Token lasts 1 hour, but refresh token lasts until you unauthorize it.
You can “hard code” your app using a refresh_token of a user that have full access rights to your workspace, to retrieve the data you need in your script.

1 Like

Actually, user won’t be using the script. Script will automatically run every day. Script will fetch the required data from Asana and dump the data in one of our database. From what I understand, an App should have an UI right?

For example this point " A user will arrive at your application and click a button that says “Connect with Asana.” The “Connect with Asana” button will be available on UI only right? does Asana expose an API for this?

Just to be clear, a PAT is tied to a user’s account but the user need not be present to run the script that uses the PAT so I think that may be the appropriate solution.


Thank you!

1 Like