
I am creating a Notion API integration with OAuth authentication. I keep getting an invalid_client error when the user clicks the allow access button and the OAuth flow hits my callback URL. Also, auth_token is created in base64 format via client_id:client_secret, which is provided in the integration console. The code is returned as a query param when the OAuth process hits my callback URL.

What am I missing?

```javascript
const code = req.query.code;

const auth_token = Buffer.from(
    "my_oauth_client_id:my_oauth_client_secret" // provided in integration panel
).toString("base64");

await axios
    .post(
        "https://api.notion.com/v1/oauth/token", {
            code,
            grant_type: "authorization_code",
            redirect_uri: "https://notion-fastlane-web-2hfaoof9v-oak93.vercel.app/api/notion/oauth/callback",
        }, {
            headers: {
                "Content-Type": "application/json",
                Authorization: `Basic ${auth_token}`,
            },
        }
    )
    .then(() => res.status(200).send("OK"))
    .catch((error) => {
        res.status(error.response.status).send(error.response.data);
    });
};
```
picsoung
oakar
  • Is this still giving you a problem? – rawk May 15 '21 at 09:47
  • Yes, I do not know why @rawk – oakar May 15 '21 at 10:33
  • Is this the full OAuth flow? – adlopez15 May 16 '21 at 01:31
  • I don't think the issue here is the POST, it's where you GET the authorization code. Are you successfully getting the code back?
    ```
    //Get authorization code, then create body and headers for token exchange
    app.get(access_token_path, ({query: {code}}, res) => {
      const body = {
        "grant_type": "authorization_code",
        code,
        "redirect_uri": `${callback_uri}`,
      };
      const options = {
        headers: {
          "Authorization": `Basic ${auth_token}`,
          "Content-Type": "application/json"
        }
      }
    ```
    – adlopez15 May 16 '21 at 08:17
  • Is your redirect_uri the same when you start the flow by opening /v1/oauth/authorize? – Just Jake May 18 '21 at 03:32

1 Answer

I also found this part of the authorization process really confusing as a beginner.

When working on my integration, I found that Axios provides an "auth" param (https://axios-http.com/docs/req_config) you can add to the request options where you can specify the Basic Authentication parameters, which are the client id and secret aka username and password, and it will base64 encode them for you and put them in the right format Notion specifies. You can check out the rest of the request config I used to see if there's anything else you're missing.

```javascript
{
    method: "post",
    url: "https://api.notion.com/v1/oauth/token",
    auth: {
      username: process.env.OAUTH_CLIENT_ID,
      password: process.env.OAUTH_CLIENT_SECRET,
    },
    data: {
      grant_type: "authorization_code",
      code: temp_code,
      redirect_uri: "https://example.com/oauth/redirect",
    },
    headers: { "Content-Type": "application/json" },
}
```

Also, I made a simplified diagram of the entire OAuth process with Notion if that would help: https://naomiperez.netlify.app/notion-oauth-flow/

Naomi
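An added example, not code from the question, the answer or Notion: it builds the same token-exchange request with the Basic header assembled by hand, and refuses to proceed when the credentials are empty or padded with whitespace, or when `redirect_uri` differs from the one the flow was started with at `/v1/oauth/authorize` (the point raised in the comments). The function names, `SAMPLE` and all credential values are assumptions made up for illustration.

```javascript
// Added example (not from the thread); all credentials and URLs below are constructed.
const TOKEN_URL = "https://api.notion.com/v1/oauth/token"; // endpoint shown on the page

// Build "Basic base64(client_id:client_secret)", rejecting values that would yield a
// header that cannot match the integration's credentials. Messages never echo the secret.
function basicAuthHeader(clientId, clientSecret) {
  for (const [name, value] of [["client_id", clientId], ["client_secret", clientSecret]]) {
    if (typeof value !== "string" || value.length === 0) {
      throw new Error(`${name} is missing (unset environment variable?)`);
    }
    if (value !== value.trim()) {
      throw new Error(`${name} has leading or trailing whitespace`);
    }
  }
  if (clientId.includes(":")) throw new Error("client_id must not contain ':'");
  return "Basic " + Buffer.from(`${clientId}:${clientSecret}`, "utf8").toString("base64");
}

// Read back the redirect_uri that the flow was started with.
function redirectUriFromAuthorizeUrl(authorizeUrl) {
  return new URL(authorizeUrl).searchParams.get("redirect_uri");
}

// Assemble an axios-style request config; redirect_uri must match the authorize step exactly.
function buildTokenRequest({ clientId, clientSecret, code, redirectUri, authorizeUrl }) {
  const started = redirectUriFromAuthorizeUrl(authorizeUrl);
  if (started !== redirectUri) {
    throw new Error(`redirect_uri mismatch: flow started with ${started}`);
  }
  if (typeof code !== "string" || code.length === 0) {
    throw new Error("authorization code missing from callback query");
  }
  return {
    method: "post",
    url: TOKEN_URL,
    headers: {
      "Content-Type": "application/json",
      Authorization: basicAuthHeader(clientId, clientSecret),
    },
    data: { grant_type: "authorization_code", code, redirect_uri: redirectUri },
  };
}

// Constructed sample input: placeholder values; other authorize query parameters omitted.
const SAMPLE = {
  clientId: "example-client-id", clientSecret: "example-client-secret",
  code: "example-code", redirectUri: "https://example.com/oauth/redirect",
  authorizeUrl: "https://api.notion.com/v1/oauth/authorize?redirect_uri=" +
    encodeURIComponent("https://example.com/oauth/redirect"),
};
```

The returned object has the shape of an axios request config, so it can be passed as `axios(buildTokenRequest(...))` with real values loaded from the environment.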