I am in the process of building a simple Notion client using the Notion API. During the OAuth authentication process, I expect users to have the option to select specific pages or databases for access. However, I'm curious if there is a method provided by Notion to confirm which of these entries have been approved during authorization. Any insights or examples of retrieving these permissions would be very helpful for my project.
hey, from what ive seen, notion doesn’t send you a clear list of pages/dbs your user picked. u get a token with scopes, and then u need to query those endpoints to see exactly what can be accessed
The Notion API does not explicitly return a detailed list of pages or databases approved by the user during OAuth. My experience shows that once you receive the token with scope details, you need to perform additional API calls on the respective endpoints to identify which resources are accessible. Essentially, you are limited to inferring permissions from the scopes granted, and then validating access by querying the API. This approach is common practice, and it may be beneficial to implement custom validation logic in your client.
In my experience, the Notion OAuth process is similar to many other OAuth implementations where the token represents the authorization scopes rather than specific details on approved pages or databases. This means you have to rely on additional API calls to retrieve the actual data. While it does add an extra step to your code, I found that leveraging these follow-up calls to map the token’s scopes to specific resources is a workable, albeit indirect, solution. Ensuring your implementation gracefully handles any discrepancies between the token scopes and the data returned by the API proved particularly important during development.