Asana Service Accounts & Personal Access Tokens
Asana service accounts let your workflows authenticate as a non-human bot identity instead of a person's account. The service account has its own name and its own token, managed centrally by a super admin — no one person's OAuth consent to expire, and access can be revoked without touching anyone's personal account.
There are two ways to get a token, and both work in Sim:
- Service account token (recommended for teams) — available on Asana Enterprise and Enterprise+ plans, created by a super admin in the Admin Console.
- Personal access token (PAT) — available on any plan, created from any user account. For production workflows, create it from a dedicated bot account rather than a personal one.
Both token types use the same format and paste into the same field in Sim.
Option A: Service Account Token (Enterprise / Enterprise+)
Prerequisites
You need an Asana super admin on an Enterprise or Enterprise+ plan. Service accounts are an organization-level feature — regular users cannot create them.
Create the Service Account
Open the Asana Admin Console and go to Apps → Service accounts
Click Add service account, give it a name (e.g. Sim Integration) — this is the name that will appear on tasks and comments the workflows create
Grant the service account Full Permissions. Scoped service accounts (for example, ones limited to User Provisioning / SCIM) cannot call the standard Asana API and will fail when you connect them to Sim
Copy the token when it's shown. Asana only displays it once — if you lose it, you'll have to regenerate it — plan to update the credential in Sim at the same time, since the old token stops working once it's replaced.
A service account with Full Permissions has org-wide access to all data in your Asana organization, including private projects. Treat the token like an admin password.
Option B: Personal Access Token
If you're not on an Enterprise plan, a personal access token works identically on the wire. For production workflows, create a dedicated bot user account (e.g. sim-bot@yourcompany.com) and generate the PAT from that account — a PAT is tied to the user who created it, inherits only that user's permissions, and stops working if the user is deprovisioned.
Log in as the bot account and open the developer console at app.asana.com/0/my-apps
Click + Create new token, give it a name that describes its use (e.g. Sim Integration), and click Create token
Copy the token immediately — Asana only shows it once.
Add the bot account to the workspaces and projects your workflows need. A PAT can only see what its user can see.
Adding the Token to Sim
Open your workspace Settings and go to the Integrations tab
Search for "Asana Service Account" and click it, then click Add to Sim and choose Add access token
Paste the token — service account token or personal access token, both work in the same field — and optionally set a display name and description
Click Add access token. Sim verifies the token by calling Asana's /users/me endpoint — if it fails, you'll see a specific error explaining what went wrong.
If a brand-new token fails validation with an authentication error, wait a few minutes and try again — newly created service account tokens can take a short time to become active.
The token is encrypted before being stored.
Using the Service Account in Workflows
Add an Asana block to your workflow. In the credential dropdown, your Asana service account appears alongside any OAuth credentials. Select it and configure the block as you normally would.
The block calls the Asana API (app.asana.com/api/1.0) with the token as a standard Bearer credential. There's no impersonation step — the token acts as itself: the service account identity, or the bot user for a PAT.