WebRiskOps

ClickUp setup

Use ClickUp setup to configure clickup_cloud, workspace_id, space_id, folder_id, list_id, auth_method and scopes before exporting tasks.

Project managers and admins

Feature availability

Product, package, provider and deployment boundaries for this page.

Available from
Current documentation
Providers
clickup
Deployment modes
cloud

Before connecting ClickUp

Use this page when the customer wants WebRiskOps to create or update ClickUp tasks for report findings or fix tasks. ClickUp is cloud-only, so setup should focus on the customer-owned workspace, space, optional folder, list, statuses, priorities, assignees, tags and custom fields instead of private-network checks. Start from `/settings` after Cloud and self-hosted integrations confirms ClickUp is a cloud target. Do not save a ClickUp token until the destination workspace, list mapping, auth summary and revoke path are clear.

Connect a ClickUp workspace and list

Follow the path `Cloud and self-hosted integrations → ClickUp cloud target → Workspace, space and list mapping → Work management export → Revoke or fallback`.

  1. Open /settings and review Integration status, then choose ClickUp setup. Result: provider_key is recorded as clickup_cloud before workspace fields are requested.
  2. Confirm ClickUp is a cloud-only target and leave base_url empty. Result: deployment_mode stays cloud and self-hosted network checks are not shown for ClickUp.
  3. Choose the customer-owned ClickUp workspace and authorize with the supported auth_method. Result: WebRiskOps can list only the workspaces, spaces, folders, lists, statuses, tags, users and custom fields the customer allowed.
  4. Select workspace_id and list_id for the task destination. Result: future work management exports know which ClickUp workspace and list own the task.
  5. Confirm optional space_id and folder_id when the list belongs inside a ClickUp hierarchy. Result: admins can recognize whether exports go to a folderless list or a folder list.
  6. Confirm status, priority, tags, assignee, custom_fields and custom_task_type when the workspace exposes them. Result: WebRiskOps can create tasks without requesting unrelated ClickUp administration access.
  7. Save only when the workspace, list and auth summary match the customer workflow. Result: ClickUp is available to work management export without exposing token values in documentation or support messages.
  8. If PROVIDER_AUTH_REQUIRED appears, reconnect ClickUp before retrying. Result: the target stays blocked until valid cloud credentials exist.
  9. If PROVIDER_SCOPE_UNAVAILABLE appears, adjust the ClickUp authorization or choose portable fallback. Result: tasks are not created without the workspace, list and task permissions ClickUp requires.
  10. Continue to Work management export after setup. Result: workspace_id, space_id, folder_id, list_id, status, priority, tags, assignee and custom field mapping use the same ClickUp provider record.

Configure ClickUp authorization

ClickUp setup should collect only the workspace and task access the customer needs.

  • `clickup_cloud` is the supported ClickUp provider key for customer-facing setup.
  • `base_url` should stay empty because ClickUp does not have a self-hosted target.
  • `auth_method` should identify the supported ClickUp OAuth or approved token flow before a credential is saved.
  • `scopes` should allow workspace, space, folder, list, status, task, tag, custom field and user lookup for the selected workspace.
  • `workspace_id` and `list_id` should be visible before ClickUp appears in work management export, with space_id and folder_id shown when available.
  • Revoke access in ClickUp first, then disconnect the ClickUp target in WebRiskOps so historical tasks keep references without keeping live credentials.

Ready ClickUp integration states

Continue only when the task destination is clear.

  • Cloud target ready means `provider_key` is `clickup_cloud` and `deployment_mode` is cloud.
  • Workspace ready means `workspace_id` belongs to the customer-owned ClickUp workspace.
  • List ready means `list_id` identifies the ClickUp list that should receive tasks.
  • Hierarchy ready means space_id and folder_id identify the ClickUp path when the selected list is nested.
  • Task field mapping ready means status, priority, tags, assignee, custom_fields and optional custom_task_type match the customer's workflow when those fields are available.
  • Scope ready means ClickUp can create tasks and read the workspace, list, tag, custom field and user metadata needed for mapping.

Blocked ClickUp setup states

Blocked ClickUp setup should explain exactly what to fix.

  • `PROVIDER_AUTH_REQUIRED` means reconnect ClickUp before saving or retrying export.
  • `PROVIDER_SCOPE_UNAVAILABLE` means the token cannot access the selected workspace, space, folder, list, statuses, task fields, tags or users.
  • A non-empty `base_url` means the customer is trying to use an unsupported self-hosted ClickUp target.
  • Missing workspace_id or list_id means work management export cannot place the task.
  • Missing status, priority, tag, assignee, custom field or custom_task_type mapping should fall back to ClickUp defaults or portable export notes when ClickUp does not expose matching fields.

Continue after ClickUp setup

Continue to Work management export when the ClickUp list is ready. Use Status sync and duplicate handling when a ClickUp task already exists, Portable export fallbacks when ClickUp permissions cannot be made safe, Asana setup when the team tracks remediation in Asana, or Generic webhook automation setup when the customer owns an automation endpoint instead of a work management list.

Related documentation

Cloud and self-hosted integrationsWork management exportAsana setupGeneric webhook automation setupStatus sync and duplicate handlingPortable export fallbacks

Was this page helpful?

Feedback goes into the product documentation review queue.