Service Account Token expiration rules

Hello,

I am working on a project which requires me to extract information from tasks from all projects within an Asana workspace. I have searched and found out that an easy way to achieve this is by using the Asana API and a service account token (since the workspace is on Asana Enterprise).

I have decided to use the Asana Python library for this.

I am not an Asana Admin and so I had to receive the token from another person. The issue is that when I tried to use the token, I received the following error:
image

When I asked them to send me a different token, the same issue occurred. I do have to say at this point that for both of these cases, there was a significant time (at least a couple of hours) between the token being generated and me using it in my script.

The only time when I managed to make it work was when I used a new token right after it was generated.

Thus, my question is, is there a time limit in which a service account token needs to be used before it “deactivates” itself and a new one needs to be generated?

And secondly, is there an expiry date for a service account token?

I wasn’t able to find anything about this in the Asana documentation so any help on this would be greatly appreciated.

Thank you very much!

Hi @Rares_Lungu,

The expiration time is one hour. It’s mentioned here (but only parenthetically):

https://developers.asana.com/docs/oauth

The application can now use the Token Exchange Endpoint to exchange the code, together with the Client Secret, for a Bearer Token (which lasts an hour) and a Refresh Token (which can be used to fetch new Bearer Tokens when the current one expires).

1 Like

Hello @Phil_Seeman and apologies for taking so long to reply. Thank you very much for the information. I guess I just didn’t look hard enough.

Appreciate you taking the time to reply :raised_hands:

1 Like