Asana
Last reviewed: 3 months ago
This guide covers how to configure Asana ↗ as a SAML application in Cloudflare Zero Trust.
Prerequisites
- An identity provider configured in Cloudflare Zero Trust
- Super admin access to an Asana Enterprise, Enterprise+, or Legacy Enterprise account
1. Add a SaaS application to Cloudflare Zero Trust
- In Zero Trust ↗, go to Access > Applications.
- Select Add an application > SaaS > Select.
- For Application, select Asana.
- For the authentication protocol, select SAML.
- Select Add application.
- Fill in the following fields:
- Entity ID:
https://app.asana.com/
- Assertion Consumer Service URL:
https://app.asana.com/-/saml/consume
- Name ID format: Email
- Entity ID:
- Copy the SSO endpoint and Public key.
- Select Save configuration.
- Configure Access policies for the application.
- Select Done.
2. Add a SAML SSO provider to Asana
- In Asana, select your profile picture > Admin console > Security > SAML authentication.
- Under SAML options, select Optional.
- Fill in the following fields:
- Sign-in page URL: SSO endpoint from application configuration in Cloudflare Zero Trust.
- X.509 certificate: Public key from application configuration in Cloudflare Zero Trust. Wrap the public key in
-----BEGIN CERTIFICATE-----
and-----END CERTIFICATE-----
.
- Select Save changes.
3. Test the integration and require SSO
-
Open an incognito browser window and go to your Asana URL. You will be redirected to the Cloudflare Access login screen and prompted to sign in with your identity provider.
-
After this is successful, you may want to require users to log in via SSO. In Asana, select your profile picture > Admin console > Security > SAML authentication. Under SAML options, select Required for all members, except guest accounts.