Asana streamlines user provisioning with Azure AD
Published Jun 17 2019 09:00 AM 7,187 Views



This is Sue Bohn, director of program management for Identity and Access Management. I’m pleased to feature Asana in this latest post for our Voice of the ISV (independent software vendor) blog series. Asana is a work management platform that handles managing, tracking, and achieving goals so teams can focus on the work that makes the greatest impact.


Lawrence Han, Asana’s Enterprise Product Manager, joins us to share how they integrated their platform with Azure Active Directory (Azure AD) and implemented the System for Cross-Domain Identity Management (SCIM) protocol to automate user provisioning in Azure AD. It’s quite an interesting story. I hope you enjoy it.


Three ways Azure AD helps Asana meet customer needs

Asana is a leader in the work management category. As the prominent work management platform in many organizations, our customers frequently tell us that our product must work with their identity providers, and often that’s Azure AD. When we looked at integrating with Azure AD, we considered several angles. First, did it meet our customers’ needs? We have customers in 195 countries with millions of team members using our product to manage their most important projects and tasks. Our product is usually one of many apps that users use every day. We know that for both users and IT, having to manage multiple credentials isn’t an optimal experience. When we realized that our customers really needed the convenience and security that Azure AD with single sign-on (SSO) offers, integrating our product with Azure AD became a baseline requirement.


We also looked at security. We’re pioneering a new way to work, and a key element of that is ensuring that Asana adheres to the high security standards of enterprise organizations. Azure AD provides that layer of security and assurance that IT managers and organizations are looking for. As a pioneering leader in the work management space, we were committed to partnering with a leader in the identity management space.


In the new work world, IT needs to connect and manage cloud and software as a service (SaaS) apps across the organization. Azure AD gives IT managers the ability to centrally connect and manage Asana alongside other cloud applications: adding new users, granting access across the organization, and applying the organization policies as needed. That made integrating with Azure AD compelling for us and our customers.


Improved user provisioning with SCIM

To win in the software business, you need to build what your customers want. We knew that IT managers were interested in automatic provisioning because it eases their workload. It’s what forward-looking teams seek in products beyond just credential management.


We found out that Azure AD had adopted the SCIM protocol and that was exciting for us. The SCIM protocol can drive greater consistency in how identities are managed across systems. Azure AD can be configured to provision assigned users and groups automatically to applications that implement a specific profile of the SCIM 2.0 protocol. Also, the connector offers required and optional attributes to be sent from Azure AD. We knew it was something we wanted in our product.


It was helpful to have Microsoft support during the implementation process. We kept reviewing each other’s specs and both teams were actively engaged in building and testing the product. While there are SCIM standards and industry-standard flows, there’s enough nuance in the standards that you need to refine the details. Having their input made the process easier. The documentation was also a great starting point. The implementation took a couple of months and user provisioning has been live for the last 1 ½ years.


Streamlined provisioning and SSO ease rollouts

Overall, the integration was a great success! Our customers need the ability to streamline access that automatic provisioning and SSO provide. They can’t support enterprise rollouts without it. The other advantage is that Azure AD integrates with other Microsoft products. That makes Azure AD beneficial for IT and makes it easy for our product to plug into an enterprise infrastructure.


We found that as customers move their applications to the cloud, they’re looking for quick ways to onboard new applications. If an application isn’t in a catalog, it’s a lot of work to bring it into an organization. Being in the Azure Marketplace is a real benefit for us and one that we recommend for any product.


Learn more

I hope you enjoyed reading about Asana’s integration story and will be able to apply some of their recommendations to your own integration plans. You can expect more ISV partner stories coming out soon. In the meantime, check out the Azure Active Directory Identity Blog series to read other stories about Azure AD and identity management.


If you are new to Azure AD, or need a refresher on how to connect your apps, start here. Thousands of your favorite apps are pre-integrated for single sign-on and/or automated user provisioning in our app gallery, and each have a tutorial to help get you setup.


If you’re a developer or an ISV interested in getting your app pre-integrated with Azure AD and are listed on our app gallery, start by reviewing our documentation here. If you’re a customer and would like to have a 3rd party application pre-integrated with Azure AD, you can submit your request here. Please feel free to request access. 

Version history
Last update:
‎Aug 03 2020 01:50 PM
Updated by: