I’m currently the Manager of IT Infrastructure at a 600+ user SaaS startup and we use Asana Enterprise for a subset of our teams.
I’ve been getting frequent messages from our account rep trying to upgrade our seat count since we seemingly keep going over. This led me to dig into Asana usage and how users are getting in to our account.
We pay for Enterprise to use SSO/SCIM through Okta to control user access to Asana, like we do for nearly every other SaaS product in our stack.
Asana currently does not allow Enterprise Customers to disable users from inviting each other to the account. So even with access controls set up at the Okta level, these are being bypassed by end users who are inviting each other. What makes this especially unsavory is receiving notifications to buy more seats on our account due to pending invites (That we don’t want authorized in the first place) under the explanation that "This means that should these invited users accept their invitations, you will fall into overage. ".
We have our Asana account as locked down as it possibly can be according to their documentation, but there is a wide open gap for other users to invite each other.
Support will tell you that if the users are not assigned the app in our Okta they won’t have a license provisioned, which normally I’d agree with and have no issues. However, using these pending invites as a premise to charge for more seats is growth hacking at it’s most egregious.
Asana needs to allow Enterprise customers to disable the ability for users with no admin permission to invite each other to their platform. They have the capability to do so, as shown by the feature to disable guest invites but the feature is conveniently missing for paid seats.
Asana team, I understand this will take a lot of work for Asana to resolve. But do you have a workaround for this limitation? Can you provide a workaround to manage better and control the Asana licenses provisioning/invitation process?
This has not been addressing the issue as team admins can still invite members as they please. It would be better if the billing admin was in control of this setting. I have to monitor our membership daily and manually remove individuals who have joined overnight. And because they work on a different side of the world and is on Asana for more than 12 hours when I do my manual control, Asana still pro-rata invoices us for this. This is not acceptable
I am in the same boat. I ran into the issue…again…where team admins (aka managers) are inviting new members without requesting through IT. There are now more invites than seats, but the end user does not know that and we have no way to stop them from inviting users through the ‘back door’.