The Shibboleth V2 IdP and SP software have reached End of Life and are no longer supported. This documentation is available for historical purposes only. See the IDP v4 and SP v3 wiki spaces for current documentation on the supported versions.


Asana general instructions are at  Unfortunately, their manual config instructions are an outdated google doc with screenshots of how to configure ADFS.  Here's the info you need for Shibboleth:


  1. EntityID is
  2. Send the user's email address as the NameID using 
  3. Asana does not support encrypting assertions or responses – don't try it

  4. In Asana, configure the HTTP-Redirect URL as the sign-on URL


Here's metadata for Asana since they don't provide any.


SP Metadata
<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" entityID="">
        <md:SPSSODescriptor AuthnRequestsSigned="false" WantAssertionsSigned="false" protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
                <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="" index="0"/>