I’m building a mobile application and want to integrate with Notion’s API using OAuth flow. The issue I’m running into is with setting up the redirect URL in the OAuth configuration.
When I try to enter a custom URL scheme in the redirect URI field, the system automatically adds https:// at the beginning. For example, when I enter myapp://notion/callback, it becomes https://myapp://notion/callback which breaks the mobile deep linking.
My workflow should be:
User taps login button in my app
Mobile browser opens with Notion auth page
User completes authentication
Notion redirects back to my app using custom scheme
Is it possible to register a redirect URI without the HTTPS protocol requirement? Has anyone successfully implemented this type of mobile OAuth flow with Notion’s API?
Hit this same issue building a Flutter app last year. Notion’s OAuth HTTPS requirement is such a pain. I fixed it with a hybrid approach - register https://auth.yourdomain.com/notion as your redirect URI, then use a tiny PHP script that instantly redirects to your custom scheme. Keep it under 200ms or users will notice the delay. The script just grabs the auth code and redirects: header('Location: myapp://callback?code=' . $_GET['code']);. Notion gets its HTTPS, your app gets the deep link, users barely see the web hop. Works great on iOS and Android. Just handle the case where your app isn’t installed - otherwise people get stuck on a broken redirect. Skip the complex server stuff. Simple redirect script works and costs almost nothing to host.
Alternative approach that worked for my React Native app: Skip fighting redirect URI limitations - use an in-app browser instead of the system browser. You can handle callbacks directly in your app without custom URL schemes. I used react-native-inappbrowser-reborn to open Notion’s auth URL in a modal browser. The redirect URI hits a simple webpage that shows “Authorization complete” and runs JavaScript to post the auth code back to the parent window. Your app listens for that message and grabs the code directly. No URL scheme registration, no middleware servers, and users never leave your app. Feels native and sidesteps HTTPS protocol conflicts completely. You also get better error handling and it works the same on iOS and Android without platform-specific URL scheme setup.
Use universal links instead of custom URL schemes. Set up something like https://yourdomain.com/app/notion-callback that your app handles. When Notion redirects there, iOS opens your app if it’s installed - otherwise falls back to web. This hits Notion’s HTTPS requirement and still gives you native deep linking. You’ll need to add associated domains to your app entitlements and host an apple-app-site-association file on your domain. Android works similarly with App Links. I switched to this after fighting the same custom scheme problems you’re having. Honestly, the UX is better - no weird protocol switching and it handles cases where the app isn’t installed way more smoothly.
Had this exact issue last year building an iOS app with Notion integration. That forced HTTPS prefix is super annoying for mobile deep linking. Here’s what worked for me: set up a lightweight web server as a middleman. Register https://yourdomain.com/notion-callback as your redirect URI in Notion’s OAuth settings. This endpoint grabs the auth code and immediately redirects to your custom scheme with the code attached. So it goes: User authenticates → Notion hits your web endpoint → Your endpoint redirects to myapp://notion/callback?code=xyz. The web endpoint can just be a simple serverless function that passes the code along. This satisfies Notion’s HTTPS requirement but still gives you proper mobile deep linking. User experience stays smooth since the web redirect happens instantly. Just make sure you handle the auth code exchange properly in your mobile app once it receives the deep link.
Been there with mobile OAuth flows. The HTTPS requirement sucks when you need custom URL schemes.
I ended up building a lightweight automation bridge instead of fighting the redirect mess. Created a flow that handles OAuth on a web endpoint, then pushes auth tokens straight to the mobile app through a secure channel.
Here’s the setup:
User taps login
App opens web view to your automation endpoint
Endpoint handles full Notion OAuth with proper HTTPS redirects
Auth completes, automatically sends tokens back via webhook or polling
App gets credentials and closes web view
This kills the custom scheme headache completely. You get HTTPS compliance and smooth UX. No more wrestling with URL scheme validation or protocol conflicts.
Automation handles token management, refresh cycles, and errors automatically. Way cleaner than hacking around redirect requirements.
Notion’s OAuth redirect handling sucks for mobile apps. I’ve hit this wall so many times.
Best fix I found? Build an automated OAuth handler that skips the redirect nightmare completely. Don’t mess with URL schemes - just create a workflow that runs the whole OAuth process automatically.
Set up automation to watch for OAuth requests, handle Notion auth, grab tokens, and send them straight to your app via webhook or API.
Here’s how it works:
User hits login
App kicks off automation
Automation handles OAuth (proper HTTPS)
Tokens come back automatically
User never leaves your app
This kills URL scheme problems and gives you way better error handling. The automation can also handle token refreshes and retries without junking up your mobile code.
Much more reliable than fighting redirect URI limits or spinning up custom servers. You get solid OAuth without the mobile headaches.
notion’s oauth is super strict, especially for mobile apps. you might want to test using a localhost redirect like http://localhost:8080/callback for dev. but once it’s production, it has to be HTTPS.
also, consider using multiple redirect URIs based on your environment. but honestly, using the in-app browser method is likely your best bet!