I’m currently the Manager of IT Infrastructure at a 600+ user SaaS startup and we use Asana Enterprise for a subset of our teams.
I’ve been getting frequent messages from our account rep trying to upgrade our seat count since we seemingly keep going over. This led me to dig into Asana usage and how users are getting in to our account.
We pay for Enterprise to use SSO/SCIM through Okta to control user access to Asana, like we do for nearly every other SaaS product in our stack.
Asana currently does not allow Enterprise Customers to disable users from inviting each other to the account. So even with access controls set up at the Okta level, these are being bypassed by end users who are inviting each other. What makes this especially unsavory is receiving notifications to buy more seats on our account due to pending invites (That we don’t want authorized in the first place) under the explanation that "This means that should these invited users accept their invitations, you will fall into overage. ".
We have our Asana account as locked down as it possibly can be according to their documentation, but there is a wide open gap for other users to invite each other.
Support will tell you that if the users are not assigned the app in our Okta they won’t have a license provisioned, which normally I’d agree with and have no issues. However, using these pending invites as a premise to charge for more seats is growth hacking at it’s most egregious.
Asana needs to allow Enterprise customers to disable the ability for users with no admin permission to invite each other to their platform. They have the capability to do so, as shown by the feature to disable guest invites but the feature is conveniently missing for paid seats.
I was encouraged to make a post on the forums by the support VIP Team. I’d love to hear if any other business owners, administrators, or IT staff have similar experiences.
Thanks, as Asana experts I’d love to hear your insight on the subject.
Control over end user ingress and egress is one of the most important things to modern day enterprise companies that are beholden to regulations, certifications, audits.
Having loose controls for such an expensive piece of software is a hard sell come renewal time, no matter how wonderful the actual tool is to use.
Slightly worrying that they’re aware of the issue and that it is raised often but have not addressed it for quite a long time if the forum posts I linked are any indication.
Asana team, I understand this will take a lot of work for Asana to resolve. But do you have a workaround for this limitation? Can you provide a workaround to manage better and control the Asana licenses provisioning/invitation process?
Thanks
To update this, it’s been another quarter, and another renewal request for additional seats with pending licenses being sent out by email that cannot be claimed.
The ability to add this feature is trivial to implement, I have to imagine the only reason it isn’t already is that it’s a growth hacking tactic.
It’s unacceptable for an Enterprise product with Enterprise pricing to restrict toggles like this.
This has not been addressing the issue as team admins can still invite members as they please. It would be better if the billing admin was in control of this setting. I have to monitor our membership daily and manually remove individuals who have joined overnight. And because they work on a different side of the world and is on Asana for more than 12 hours when I do my manual control, Asana still pro-rata invoices us for this. This is not acceptable