> ## Documentation Index
> Fetch the complete documentation index at: https://authsome.ai/docs/llms.txt
> Use this file to discover all available pages before exploring further.

# Notion (DCR)

> Log in to Notion (DCR) from authsome via OAuth2. Tokens are stored locally and refreshed automatically.

Notion (DCR) is a bundled OAuth2 provider in authsome. Notion via the Model Context Protocol endpoint. For the standard OAuth flow against `api.notion.com`, use [notion](/integrations/oauth/notion).

## At a glance

|                           |                                                |
| ------------------------- | ---------------------------------------------- |
| Provider name             | `notion_dcr`                                   |
| Display name              | Notion (DCR)                                   |
| Auth type                 | OAuth2                                         |
| Default flow              | `dcr_pkce`, Dynamic Client Registration + PKCE |
| PKCE supported            | Yes                                            |
| Device code supported     | No                                             |
| DCR supported             | Yes                                            |
| Default scopes            | (none)                                         |
| Proxy host                | `mcp.notion.com`                               |
| Env var (`access_token`)  | `NOTION_ACCESS_TOKEN`                          |
| Env var (`refresh_token`) | `NOTION_REFRESH_TOKEN`                         |

## Prerequisites

Notion's MCP endpoint (`mcp.notion.com`) supports Dynamic Client Registration. You do **not** need to register an OAuth app. Authsome registers a client automatically.

## Log in

```bash theme={null}
authsome login notion_dcr
```

The first time, authsome opens a local form at `http://127.0.0.1:7998` to collect your `client_id` and `client_secret`. They are encrypted in your vault and reused on every subsequent login. A second browser window then opens to `https://mcp.notion.com/authorize` for the authorization step.

Verify:

```bash theme={null}
authsome get notion_dcr --field status
# → connected
```

## Multiple accounts

Pass `--connection <name>` on `login` and on every read command to keep two or more accounts on the same provider side by side. See [Multiple connections per provider](/guides/multiple-connections) for the full pattern.

```bash theme={null}
authsome login notion_dcr --connection personal
authsome login notion_dcr --connection work
```

## Use the token

Run the agent under the proxy (recommended).

<CodeGroup>
  ```bash Proxy (recommended) theme={null}
  authsome run -- python my_agent.py
  ```

  ```bash Environment theme={null}
  eval "$(authsome export notion_dcr --format env)"
  ```
</CodeGroup>

Under the proxy, authsome sets `NOTION_ACCESS_TOKEN=authsome-proxy-managed` in the child's environment and injects the real token into outbound requests to `mcp.notion.com`. The child process never sees the actual value. Refresh tokens are never exported.

## Override the bundled definition

```bash theme={null}
authsome inspect notion_dcr > ~/.authsome/providers/notion_dcr.json
# edit scopes, base_url, or anything else
authsome list   # source now shows "custom" for notion_dcr
```

User-registered files always win over bundled definitions.

## What's next

<Columns cols={2}>
  <Card title="Run agents with the proxy" icon="shield-halved" href="/guides/run-agents-with-proxy">
    Inject the access token into outbound requests without exposing it.
  </Card>

  <Card title="Multiple connections per provider" icon="users" href="/guides/multiple-connections">
    Keep two or more accounts on the same provider side by side.
  </Card>

  <Card title="OAuth providers" icon="right-to-bracket" href="/integrations/oauth/index">
    All bundled OAuth providers.
  </Card>
</Columns>
