0👍
As per the Asana API documentation, the access_token shall be passed into the Authorization header, like the following:
curl https://app.asana.com/api/1.0/users/me \
-H "Authorization: Bearer ACCESS_TOKEN"
It’s the standard way of passing an access token for OAuth2 based API. If you still struggle to get it through, you can use an API-tool (like Pizzly) that takes care of the OAuth dance for you.
Source:stackexchange.com