In Asana, permissions control the level of access users have to view and edit information. This enables users to balance collaboration and control while ensuring that company data remains secure. For instance, when working on a confidential project, the project team should be able to collaborate, but the information should only be shared with those who need it.
Permissions mainly occur at the object level and are options that limit access to a team, project, or task.
What is an object-based permission?
Object-based permissions determine the type of access you have as a member depending on which team, portfolio, project, or task you've been invited to.
For example, if you add someone to a team, they can access all the public projects and tasks within that team. However, they can only view private projects in that team if they are invited to the project. Object-based permissions allow you to keep sensitive information hidden.
You can also add collaborators to a task without adding them to the project. These task collaborators won't have access to other tasks in the project. Authorized members, such as a project admin or project editor, can give you access to view or edit projects.
In Asana, a single user can have multiple access levels, based on the content created and the permissions given.
Who can access what in Asana
Who can see a task?
Who can see a project?
Comment-only permissions for projects allow teammates to view or comment on projects without edit access.
Comment-only permissions are available to Asana Premium, Business and Enterprise customers.
Who can see project messages?
Who can see team messages?
Who can see a team?
Who can see an organization or a workspace?
Admin rights in Asana
The admin console is where admins manage Asana for people in an organization. The Members tab gives you an accurate count of members, pending invites, guests, and provisioning controls, so you can quickly add and remove users.
Organization admins and super admins can add, remove, and manage members and their settings, and enforce password complexity.
The admin console is where admins can manage Asana for your organization. The members tab provides you with a. accurate count of the members, guests, pending invites and provisioning controls. This allows you to easily add or remove users as needed, giving you complete control over your organization's members from a single, central location.
Organization admins and super admins can add, remove, and manage members and their settings, and enforce password complexity.
Asana Enterprise customers have additional controls. Learn more.
Guest permissions in Asana
Guests are users that don't share the organization's email domain. You can use guests to collaborate with clients, contractors, customers, or anyone without an approved organization email domain.
Learn more about guests and their permissions in our Guests FAQ Help Center article.
What is a private user?
If two people are seeing each other as a Private User, they are both guests. If guests see this, that means they are not working in either the same team or project together; this is to ensure that if you’re working with clients, they cannot see one another’s names unless you want them to. Once they are both working in the same project or team, their names will be displayed for one another.
What is a limited access member?
Limited access members have restricted access to your workspace and can only see what you've specifically shared with them. Limited access membership is useful for inviting contractors, clients, or other third parties to view specific projects and tasks without granting them access to everything in your workspace.
Learn more about limited access members in our Understanding workspaces Help Center article.
Privacy controls
Asana provides in-product admin controls, user and object-level permissions, plus the ability to define which third-party applications are accessible to your organization.
Read more about how we protect and secure your data.
Asana has established a comprehensive GDPR compliance program. Read about the significant steps Asana has taken to align its practices with GDPR.