BA
Better Auth4mo ago
Jakub Hašek

Implemeting Notion OAuth2

Hey! I have tried everything now to implement the Oauth2 flow for Notion, but I always get this error. Anyone has any ideas what could cause it?
No description
32 Replies
Jakub Hašek
Jakub HašekOP4mo ago
I also get this error on the client
No description
Aaron
Aaron4mo ago
It is receiving an incorrect client_id and client_secret That's really the only reason I know of that notion will respond with that error code
Jakub Hašek
Jakub HašekOP4mo ago
Could this be because they want it encoded in Base64 and BetterAuth doesn't do that?
Jakub Hašek
Jakub HašekOP4mo ago
No description
Aaron
Aaron4mo ago
better-auth should be doing it internally. If its not, then something is wrong about that.
Jakub Hašek
Jakub HašekOP4mo ago
Not sure. I used Remix OAuth2 before and did not change anything apart from the callback URL as specified in the OAuth2 plugin here
Aaron
Aaron4mo ago
I haven't used better-auth's generic oauth2 implementation so I can't offer more help than what I have already stated. So either better-auth isn't base64 encoding the id and secret or your id and secret are wrong
Blank
Blank4mo ago
try adding { authentication: 'basic' } in the config
Jakub Hašek
Jakub HašekOP4mo ago
Lifesaver! Now I have a email_is_missing error, but it looks like the flow went through. Thanks 🙏
Blank
Blank4mo ago
email_is_missing means the oauth is not returning a email in data try checking the socpes
Jakub Hašek
Jakub HašekOP4mo ago
I think it is because the request to api.notion.com/v1/users/me fails with a 40I. From the error it seems like Better-auth doesn't pass the authorization header when requesting, which Notion requires
Jakub Hašek
Jakub HašekOP4mo ago
No description
Blank
Blank4mo ago
ok try this it is the endpoint which returns user data?
Jakub Hašek
Jakub HašekOP4mo ago
Yup, it is. https://developers.notion.com/reference/get-self
Notion API
Retrieve your token's bot user
Retrieves the bot User associated with the API token provided in the authorization header. The bot will have an owner field with information about the person who authorized the integration. Errors Each Public API endpoint can return several possible error codes. See the Error codes section of the St...
Blank
Blank4mo ago
you can just implement your custom function if the normal one is not working getUserInfo(tokens) {...} access tokens, call the api, return data
Jakub Hašek
Jakub HašekOP4mo ago
Thanks! WIll figure that out 🙌
Mnigos
Mnigos3mo ago
Hey @Jakub Hašek did you managed to solve it? I have this invalid_client error. Here is my config 
                {
                    providerId: 'notion',
                    clientId: env.NOTION_CLIENT_ID,
                    clientSecret: env.NOTION_CLIENT_SECRET,
                    authentication: 'basic',
                    redirectURI: env.NOTION_CLIENT_REDIRECT_URI,
                    authorizationUrl: 'https://api.notion.com/v1/oauth/authorize',
                    tokenUrl: 'https://api.notion.com/v1/oauth/token',
                    // userInfoUrl: 'https://api.notion.com/v1/users/me',
                    getUserInfo: async ({ accessToken, tokenType }) => {
                        if (!accessToken) throw new Error('No access token')

                        const response = await fetch('https://api.notion.com/v1/users/me', {
                            headers: {
                                Authorization: `${tokenType ?? 'Bearer'} ${accessToken}`,
                            },
                        })

                        if (!response.ok) throw new Error('Failed to fetch user info')

                        const data = await response.json()

                        console.log('data', data)

                        // return {
                        //     id: data.id,
                        //     name: data.name,
                        //     email: data.email,
                        // }
                    },
                },
                {
                    providerId: 'notion',
                    clientId: env.NOTION_CLIENT_ID,
                    clientSecret: env.NOTION_CLIENT_SECRET,
                    authentication: 'basic',
                    redirectURI: env.NOTION_CLIENT_REDIRECT_URI,
                    authorizationUrl: 'https://api.notion.com/v1/oauth/authorize',
                    tokenUrl: 'https://api.notion.com/v1/oauth/token',
                    // userInfoUrl: 'https://api.notion.com/v1/users/me',
                    getUserInfo: async ({ accessToken, tokenType }) => {
                        if (!accessToken) throw new Error('No access token')

                        const response = await fetch('https://api.notion.com/v1/users/me', {
                            headers: {
                                Authorization: `${tokenType ?? 'Bearer'} ${accessToken}`,
                            },
                        })

                        if (!response.ok) throw new Error('Failed to fetch user info')

                        const data = await response.json()

                        console.log('data', data)

                        // return {
                        //     id: data.id,
                        //     name: data.name,
                        //     email: data.email,
                        // }
                    },
                },
@Jakub Hašek If you found a solution I could really use your help.
Jakub Hašek
Jakub HašekOP3mo ago
This config ended up working for me: 
config: [
        {
          providerId: 'notion',
          authentication: 'basic',
          clientId: process.env.NOTION_OAUTH_CLIENT_ID,
          clientSecret: process.env.NOTION_OAUTH_CLIENT_SECRET,
          authorizationUrl: process.env.NOTION_AUTHORIZE_URL,
          tokenUrl: 'https://api.notion.com/v1/oauth/token',
          redirectURI: process.env.NOTION_REDIRECT_URI,
          responseType: 'code',
          getUserInfo: async (token) => {
            const response = await fetch('https://api.notion.com/v1/users/me', {
              headers: {
                Authorization: `Bearer ${token.accessToken}`,
                'Notion-Version': '2022-06-28',
              },
            });

            if (!response.ok) {
              throw new Error(
                `Failed to fetch user info: ${response.status} ${response.statusText}`
              );
            }

            const data = await response.json();
            const notionBotId = data.id;
            const user = data.bot.owner.user;

            return {
              id: user.id,
              email: user.person.email,
              emailVerified: true,
              notionBotId: notionBotId,
              notionUserId: user.id,
              avatarUrl: user.avatar_url,
              name: user.name || user.person.email.split('@')[0],
              accessToken: token.accessToken,
            } as User;
          },
config: [
        {
          providerId: 'notion',
          authentication: 'basic',
          clientId: process.env.NOTION_OAUTH_CLIENT_ID,
          clientSecret: process.env.NOTION_OAUTH_CLIENT_SECRET,
          authorizationUrl: process.env.NOTION_AUTHORIZE_URL,
          tokenUrl: 'https://api.notion.com/v1/oauth/token',
          redirectURI: process.env.NOTION_REDIRECT_URI,
          responseType: 'code',
          getUserInfo: async (token) => {
            const response = await fetch('https://api.notion.com/v1/users/me', {
              headers: {
                Authorization: `Bearer ${token.accessToken}`,
                'Notion-Version': '2022-06-28',
              },
            });

            if (!response.ok) {
              throw new Error(
                `Failed to fetch user info: ${response.status} ${response.statusText}`
              );
            }

            const data = await response.json();
            const notionBotId = data.id;
            const user = data.bot.owner.user;

            return {
              id: user.id,
              email: user.person.email,
              emailVerified: true,
              notionBotId: notionBotId,
              notionUserId: user.id,
              avatarUrl: user.avatar_url,
              name: user.name || user.person.email.split('@')[0],
              accessToken: token.accessToken,
            } as User;
          },
Mnigos
Mnigos3mo ago
Thank you so much! Can you also share your better auth version?
Shashwat
Shashwat2mo ago
did anybody solved this, i am trying to solve this but it just does not work, idk why, i tried everything but it still says "invalid_client" @Mnigos @Jakub Hašek ahh got it working with above config thanks, but i wonder why the notion login provided by docs doesnt work
Mnigos
Mnigos2mo ago
You have notion build in with better auth 1.3
Shashwat
Shashwat2mo ago
yeah but its not working for me, it gives same "invalid_client", i had use genericOAuth
Ping
Ping2mo ago
Hey @Shashwat mind trying it on the latest Better-Auth versioning and report back if it's working?
Shashwat
Shashwat2mo ago
Nope it does not work for me
Shashwat
Shashwat2mo ago
https://github.com/Shashwat-0077/better-auth-notion-try here is the code that i am trying (i tried to follow the flow of my main proj)
GitHub
GitHub - Shashwat-0077/better-auth-notion-try
Contribute to Shashwat-0077/better-auth-notion-try development by creating an account on GitHub.
Shashwat
Shashwat2mo ago
most probably, their is something that i am doing wrong, some silly mistake or something, idk , please correct me also their is demo vid i included in the repo for the reference @Ping PS : the same credentials(notion client ID and secret) works with the genericOAuth ( the solution stated above in the chat)
Ping
Ping2mo ago
Okay, thanks for all of the info, I'll check it out
Shashwat
Shashwat2mo ago
Please guide me if their is something I am doing wrong, I would prefer the solution stated in docs rather than the workarounds
Ping
Ping2mo ago
Yeah it might be an issue on our end so I've alerted the team. If I get an update back I'll LYK.
Shashwat
Shashwat2mo ago
Sure, thank you 🫡
KiNFiSH
KiNFiSH2mo ago
the notion oauth is breaking because 1. You have to make sure you are not making the integration private , it should be public. 2. notion uses a fixed set of permission to enable. 3. notion passes client secret on the headers now it works after making some changes. it should be released on the following patch releases. for now you can try using - npm i https://pkg.pr.new/better-auth/better-auth@3567 it should work.
Shashwat
Shashwat2mo ago
I'll wait till the patch release, thanks for the update!!!

Did you find this page helpful?