I’m experiencing an issue with the Notion OAuth process. When I attempt to exchange my temporary authorization code for an access token, I receive a 401 unauthorized error.
This is the code I’m using:
const response = await fetch("https://api.notion.com/v1/oauth/token", {
method: 'POST',
headers: {
'Content-Type': 'application/json',
'Authorization': `Basic ${Buffer.from(`${clientId}:${clientSecret}`).toString('base64')}`
},
body: JSON.stringify({
grant_type: 'authorization_code',
code: authCode,
redirect_uri: redirectUrl
})
});
Currently, I’m using localhost as my redirect URL in the integration setup. While the authorization process works and I successfully receive the code, the exchange for the token fails. Has anyone else faced this issue? The documentation provided by Notion does not offer much information on this type of error.
hit this same issue last week. check your Notion integration settings - the client secret sometimes gets regenerated without warning. also verify you’re using the right environment variables. I was pulling from .env.local instead of .env and it took forever to figure out lol
I encountered a similar challenge with the Notion API. It’s crucial to exchange the authorization code promptly, as they tend to expire quickly. If there’s a delay from obtaining the code to requesting the access token, you may end up with a 401 error. Ensure that your client ID and client secret are accurate as even a single incorrect character can lead to authentication failures. Additionally, verify that your redirect URI is an exact match with what you initially configured, including the protocol and trailing slashes.
The 401 error typically indicates a problem with the base64 encoding of your credentials. I faced this same issue recently while working with Notion OAuth. First, ensure that your clientId and clientSecret are set correctly; they should not be undefined or empty. The redirect_uri is critical as it must exactly match what you configured in your Notion integration settings, including the port if you’re using localhost. Additionally, some environments may not work well with Buffer.from(); consider using btoa() instead if you’re in a browser context. Lastly, don’t delay too long in exchanging the authorization code for the token, as it tends to expire quickly.