Asana trigger node returning 403

Questions
,
1

Trying to set up some automation through n8n with Asana. When I try to use the trigger node, I receive a 403 error. With other nodes like “Create Task”, “Delete Task”, etc., there are no problems at all, everything works fine.

Also, the most important thing to mention is that even though I have Cloudflare Zero Trust set up, I have other nodes that also work with webhooks and I don’t have any problems there at all. All other workflows are working absolutely fine.

Describe the problem/error/question

Problem running workflow
Bad request - please check your parameters
Show Details
Asana Trigger: The remote server which is intended to receive the webhook responded with an incorrect status code: 403

What is the error message (if any)?

Please share your workflow

Share the output returned by the last node

no output

Information on your n8n setup

  • n8n version: 2.12.2
  • Database (default: SQLite): default
  • n8n EXECUTIONS_PROCESS setting (default: own, main): default
  • Running n8n via (Docker, npm, n8n cloud, desktop app): docker
  • Operating system: linux based (Unraid OS)
2

Hi @OriginalBacer , welcome to the n8n community!

Asana needs to reach my n8n webhook, and Cloudflare Zero Trust is likely blocking that request. I’d make sure the webhook URL is publicly accessible and bypass authentication for that path, then recreate the trigger so Asana can validate it successfully.

3

I checked Cloudflare, and I can definitely say that protection is fully disabled right now, even for the entire subdomain. Bup problem still exist.

4

Are you using localhost for your webhook URL? If so, Asana won’t be able to reach it.

image
image913×360 18.6 KB

5

No, I am not. I have a domain name connected to n8n: n8n.coop.pp.ua

And as I mentioned, I am already using other webhooks and they are working fine.

6

Got it, thanks for confirming :+1:
I just wanted to double-check that part.
it would help to see a bit more detail to narrow this down, could you share: json, the webhook url generated by n8n and any logs when the trigger is created ?

7

There are no logs.

Fox example this kind of webhook (it is not active already):
https://n8n.coop.pp.ua/webhook-test/b2c8f016-ed39-4be8-a11e-af6a7dea70a4/webhook

{
“name”: “My workflow 4”,
“nodes”: [
{
“parameters”: {
“authentication”: “oAuth2”,
“resource”: “123”
},
“type”: “n8n-nodes-base.asanaTrigger”,
“typeVersion”: 1,
“position”: [
0,
0
],
“id”: “0ea29f51-34a4-4ce6-9b61-9c6d48936a7c”,
“name”: “Asana Trigger”,
“webhookId”: “b2c8f016-ed39-4be5-a11e-af8a7dea70a4”,
“credentials”: {
“asanaOAuth2Api”: {
“id”: “ULKbyWOI8C0Ap6iG”,
“name”: “Asana account Oauth”
}
}
}
],
“pinData”: {},
“connections”: {},
“active”: false,
“settings”: {
“executionOrder”: “v1”,
“binaryMode”: “separate”,
“availableInMCP”: false
},
“versionId”: “a330fa8e-b742-42f5-aed3-9a3e980bb2be”,
“meta”: {
“templateCredsSetupCompleted”: true,
“instanceId”: “5bdc5835b71e85151c477b7b45d8b75998a765d3d1fa1c2a8929d80985d5e2ae”
},
“id”: “kibvDpa58wdyFr0T”,
“tags”:
}

8

And it doesn’t matter whether it’s a token or OAuth. Same problem for both of these.

9

Thanks, that helps. The test URL makes sense as an example for an inactive workflow, but it doesn’t confirm whether the Asana trigger is correctly configured in the real registration flow. What would help most here is the production webhook URL from the active workflow. I also noticed the webhook ID in the JSON does not seem to exactly match the one in the example URL, so I just want to make sure we are looking at the same trigger.

10

The maximum I can provide is a test webhook because I am not able to save the workflow, it just doesn’t allow me to publish it. I am sending you the trigger workflow again.

Webhook test: https://n8n.coop.pp.ua/webhook-test/7ef96710-7d81-4911-82e9-194a17d60c1b/webhook
Webhook prod: https://n8n.coop.pp.ua/webhook/7ef96710-7d81-4911-82e9-194a17d60c1b/webhook

{
“name”: “My workflow 4”,
“nodes”: [
{
“parameters”: {
“resource”: “1213723789648420”,
“workspace”: “1213705296701173”
},
“type”: “n8n-nodes-base.asanaTrigger”,
“typeVersion”: 1,
“position”: [
0,
0
],
“id”: “46dbe16b-a65b-4296-afcd-634dac901b7d”,
“name”: “Asana Trigger”,
“webhookId”: “7ef96710-7d81-4911-82e9-194a17d60c1b”,
“credentials”: {
“asanaApi”: {
“id”: “XjTdKi72iMETfvJU”,
“name”: “Asana account TOKEN”
}
}
}
],
“pinData”: {},
“connections”: {},
“active”: false,
“settings”: {
“executionOrder”: “v1”,
“binaryMode”: “separate”,
“availableInMCP”: false
},
“versionId”: “7d74310b-822b-4aa9-9cc9-fa8b58308045”,
“meta”: {
“templateCredsSetupCompleted”: true,
“instanceId”: “5bdc5835b71e85151c477b7b45d8b75998a765d3d1fa1c2a8929d80985d5e2ae”
},
“id”: “kibvDpa58wdyFr0T”,
“tags”:
}

11

Solved, free Cloudflare plan with “Bot fight mode” ruined everything.

1 Like
12

Hey @OriginalBacer, interesting that other webhooks work but Asana fails with 403. Few things to check: (1) Is your n8n webhook URL HTTPS? Asana requires HTTPS for webhook delivery. (2) Try regenerating the trigger in n8n and checking if the webhook validation succeeds. (3) Check n8n’s webhook logs — does Asana even attempt to send the webhook? If Cloudflare and firewall are open, this smells like an n8n-side webhook format issue. You could also try testing the Asana API directly with a curl request to your webhook URL from your terminal — if that works but Asana’s request doesn’t, it might be something about how Asana formats its webhook payload.

13

I’ve already marked the correct solution earlier in this thread, but I decided to write a detailed explanation because some of the suggestions here are simply not applicable and do not work in this specific case.

In my setup, I’m using Cloudflare Zero Trust and have it configured to bypass all traffic on a specific subdomain used for webhooks. However, when I tried to use the Asana Trigger node in n8n, it still wouldn’t work. The error looked like this:

Problem running workflow

Bad request - please check your parameters
Show Details
Asana Trigger: The remote server which is intended to receive the webhook responded with an incorrect status code: 403

Even though all the relevant firewall rules were disabled or set to bypass, the issue persisted. After digging deeper, I discovered the real problem was Cloudflare’s Bot Fight Mode.

Important detail: on the free plan, you cannot disable Bot Fight Mode per application or subdomain – it’s enabled globally. That means even if you configure bypass rules for your webhook subdomain, Bot Fight Mode can still interfere and cause 403 responses for Asana webhooks.

So the solution is:

  1. If you are using Cloudflare (including Cloudflare Tunnels), disable Bot Fight Mode globally; or
  2. Upgrade to a paid plan that allows you to turn off Bot Fight Mode for a specific app/zone and then disable it only for the application you use for webhooks.

After disabling Bot Fight Mode, the Asana Trigger node started working correctly and the 403 error disappeared. I’m pretty sure this behaviour will be the same for other webhook-based trigger nodes behind Cloudflare as well, so it’s worth checking this setting if you see similar 403 errors.

1 Like
14

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.