> ## Documentation Index
> Fetch the complete documentation index at: https://authsome.ai/docs/llms.txt
> Use this file to discover all available pages before exploring further.

# Notion

> Log in to Notion from authsome via OAuth2. Tokens are stored locally and refreshed automatically.

Notion is a bundled OAuth2 provider in authsome. Notion pages, databases, and blocks within workspaces the user grants.

## At a glance

|                           |                           |
| ------------------------- | ------------------------- |
| Provider name             | `notion`                  |
| Display name              | Notion                    |
| Auth type                 | OAuth2                    |
| Default flow              | `pkce`, PKCE browser flow |
| PKCE supported            | No                        |
| Device code supported     | No                        |
| DCR supported             | No                        |
| Default scopes            | (none)                    |
| Proxy host                | `api.notion.com`          |
| Env var (`access_token`)  | `NOTION_ACCESS_TOKEN`     |
| Env var (`refresh_token`) | `NOTION_REFRESH_TOKEN`    |

## Prerequisites

You need to register an OAuth app with Notion once. Create a public OAuth integration in your Notion workspace settings. Set the redirect URI to authsome's callback.

The redirect URI must be:

```text theme={null}
http://127.0.0.1:7998/auth/callback/oauth
```

This is the only callback URL authsome's PKCE flow listens on.

Dashboard: [https://www.notion.so/my-integrations](https://www.notion.so/my-integrations).

<Note>
  Notion's standard OAuth flow does not use PKCE. For an MCP-style flow with DCR, use [notion\_dcr](/integrations/oauth/notion-dcr) instead.
</Note>

## Log in

```bash theme={null}
authsome login notion
```

The first time, authsome opens a local form at `http://127.0.0.1:7998` to collect your `client_id` and `client_secret`. They are encrypted in your vault and reused on every subsequent login. A second browser window then opens to `https://api.notion.com/v1/oauth/authorize` for the authorization step.

Verify:

```bash theme={null}
authsome get notion --field status
# → connected
```

## Multiple accounts

Pass `--connection <name>` on `login` and on every read command to keep two or more accounts on the same provider side by side. See [Multiple connections per provider](/guides/multiple-connections) for the full pattern.

```bash theme={null}
authsome login notion --connection personal
authsome login notion --connection work
```

## Use the token

Run the agent under the proxy (recommended).

<CodeGroup>
  ```bash Proxy (recommended) theme={null}
  authsome run -- python my_agent.py
  ```

  ```bash Environment theme={null}
  eval "$(authsome export notion --format env)"
  ```
</CodeGroup>

Under the proxy, authsome sets `NOTION_ACCESS_TOKEN=authsome-proxy-managed` in the child's environment and injects the real token into outbound requests to `api.notion.com`. The child process never sees the actual value. Refresh tokens are never exported.

## Override the bundled definition

```bash theme={null}
authsome inspect notion > ~/.authsome/providers/notion.json
# edit scopes, base_url, or anything else
authsome list   # source now shows "custom" for notion
```

User-registered files always win over bundled definitions.

## What's next

<Columns cols={2}>
  <Card title="Run agents with the proxy" icon="shield-halved" href="/guides/run-agents-with-proxy">
    Inject the access token into outbound requests without exposing it.
  </Card>

  <Card title="Multiple connections per provider" icon="users" href="/guides/multiple-connections">
    Keep two or more accounts on the same provider side by side.
  </Card>

  <Card title="OAuth providers" icon="right-to-bracket" href="/integrations/oauth/index">
    All bundled OAuth providers.
  </Card>
</Columns>
