Asana Integration

Overview

Once set up, our Asana integration will export security issues and API Protect/Mobile Protect events as tickets to your instance, including detailed vulnerability data.

To authenticate to your instance, we will use an Asana application; We recommend creating a new application specifically for Data Theorem.

Setting up an integration

You can set up the integration through the Data Theorem portal. You can also find it in the devsecops page.

Open

Once on the page, click the Setup a new Integration button to begin setup.

Open

The portal will guide you through each step and ask you for:

• Creating an Asana application for integrating with Data Theorem

• An integration name, which can be any name you want for your integration

• The Client ID and Client Secret

• The Workspace ID and Project ID

• The settings for auto export of policy violations. These will dictate which issues are going to be automatically exported on your instance.

• Adding redirect URL to the recently created Asana application and get back to Verify Integration.

1 step: Create an Asana app

You will see first steps to follow in order to create Asana application.

Open

Here are the things to do:

Option A: Access directly
Go to the developer console using this link:
https://app.asana.com/0/my-apps

Option B: Access from within Asana

1. Click your profile photo in the top-right corner of the Asana app.

2. Select Settings > Apps > View developer console.

3. On the "My apps" page, click the Create new app tab.

Open

4. In the pop-up form:

   1. Enter your App Name.

   2. Under "Which best describes what your app will do?", select Integrate Asana and another tool.

   3. Agree to the Terms and click Create app.

Open

2 step: Submit credentials

In the 2nd step fill all the data related to the integration.

Open

1. Get the Client ID and Client Secret, and fill them in the form:

   • Once your application is created, you will be redirected to a page where you can see your Client ID and Client Secret.
     Copy these values and paste them into the form along with a name for your integration:

Open

2. Get the Workspace ID and Project ID, and fill them in the form.

   • In your Asana App, go to the Project page where you want security issue tickets to be transferred.

   • Copy the Workspace ID and Project ID from the URL as shown in the image, and enter them into the form also.

Open

3. Choose as well, the settings for auto export of policy violations. These will dictate which issues are going to be automatically exported on your instance.

Open

3 step: Authorize Asana

1. Copy the generated url given below in the form.

   Open

   

2. Go back to the app page you created in Asana

3. In the left menu, click OAuth

Open

4. Under Redirect URLs Click to Add redirect URL button

   Open

   

5. In the pop-up form paste the copied redirect url.

Open

6. Click Add

7. On the same page, select the following permission scopes as shown in the screenshot below:

   1. Under Projects: Read

   2. Under Tasks: Read, Write, Delete
      
      

      Open

      

       

8. Click Save Changes button

9. Get back here to click Next button to verify the integration

4 step: Verify Integration

Click the Verify Integration button and wait until it is completed.

Open

Once it is set up, issues will be exported to your instance as tickets.