Invalid_Grant error when exchanging OAuth code for Notion API access token

DancingFox · July 23, 2025, 2:56pm

I’m experiencing an issue with the OAuth flow for the Notion API. I’ve set up an integration in Notion, but I’m running into problems when trying to exchange the authorization code for an access token.

Here’s a summary of my process:

I generated the OAuth authorization link and received a temporary code after the user consented.
Now, I’m attempting to swap that code for an access token.

My token request looks like this:

POST https://api.notion.com/v1/oauth/token
Authorization: Basic eW91cl9jbGllbnRfaWQ6eW91cl9zZWNyZXRfa2V5X2hlcmU=
Content-Type: application/json

{
    "grant_type": "authorization_code",
    "code": "temp-auth-code-here",
    "redirect_uri": "http://localhost:3000/callback"
}

However, I keep getting back this error:

{
  "error": "invalid_grant"
}

I’ve double-checked that the redirect URI is the same as what I used in the original authorization request. The code looks valid as I obtained it from the callback.

Can anyone help me figure out what could be the issue? Am I missing something in the request format or the headers?

jess_brown · August 1, 2025, 3:41am

same! I had the same prob. that auth code literally expires in seconds. try to swap it right after getting it. also check your client secret, I had mine all messed up from copying and it took ages to find out!

elizabeths · July 31, 2025, 12:42pm

The invalid_grant error occurs when there’s a mismatch in your OAuth configuration. I faced a similar issue previously and discovered that the redirect_uri in your token exchange must exactly match what you’ve registered in Notion’s integration settings. This includes being cautious about trailing slashes or the difference between http and https, as they can cause problems. Additionally, ensure that the Basic auth header is correctly base64 encoded from “client_id:client_secret”. It’s helpful to log both your registered redirect URI and the one you’re sending to confirm they align. Lastly, verify that your OAuth settings in Notion’s developer console are saved properly.

livbrown · July 28, 2025, 5:09am

Your Authorization header might be the problem. I ran into this same issue months back - Notion’s OAuth endpoint is really picky about credential encoding. Skip the Basic auth and put your client_id and client_secret directly in the request body JSON instead. Also double-check that your integration has the right OAuth scopes enabled in the developer console. I’ve seen integrations get created but the OAuth config never gets fully activated. The error message sucks, but it’s usually credential formatting that breaks things.

DancingFox · August 1, 2025, 11:19am

This topic was automatically closed 24 hours after the last reply. New replies are no longer allowed.