notion-enterprise-rbac

Featured

Configure Notion enterprise access control with OAuth, workspace permissions, and audit logging. Use when implementing OAuth public integrations, managing multi-workspace access, or building permission-aware Notion applications. Trigger with phrases like "notion SSO", "notion RBAC", "notion enterprise", "notion OAuth", "notion permissions", "notion multi-workspace".

AI & Automation 2,274 stars 319 forks Updated today MIT

Install

View on GitHub

Quality Score: 99/100

Stars 20%
100
Recency 20%
100
Frontmatter 20%
70
Documentation 15%
100
Issue Health 10%
50
License 10%
100
Description 5%
100

Skill Content

# Notion Enterprise RBAC ## Overview Implement enterprise-grade access control for Notion integrations. This covers the full OAuth 2.0 authorization flow for public integrations (multi-tenant), per-workspace token storage with encryption at rest, Notion's page-level permission model and how to handle `ObjectNotFound` vs `RestrictedResource`, an application-level role system (admin/editor/viewer) layered on top of Notion's permissions, comprehensive audit logging to a Notion database, and workspace deauthorization cleanup. ## Prerequisites - Notion public integration created at https://www.notion.so/my-integrations (for OAuth) - `@notionhq/client` v2+ installed (`npm install @notionhq/client`) - Python alternative: `notion-client` (`pip install notion-client`) - Database for storing per-workspace tokens (PostgreSQL, DynamoDB, etc.) - HTTPS endpoint for OAuth callback (required by Notion) ## Instructions ### Step 1: OAuth 2.0 Authorization Flow Notion uses OAuth 2.0 for public integrations to access external workspaces: ```typescript import { Client } from '@notionhq/client'; import crypto from 'crypto'; // Step 1: Build the authorization URL function getAuthorizationUrl(state: string): string { const params = new URLSearchParams({ client_id: process.env.NOTION_OAUTH_CLIENT_ID!, response_type: 'code', owner: 'user', // 'user' = user-level token, 'workspace' = workspace-level redirect_uri: process.env.NOTION_REDIRECT_URI!, state, ...

Details

Author
jeremylongshore
Repository
jeremylongshore/claude-code-plugins-plus-skills
Created
7 months ago
Last Updated
today
Language
Python
License
MIT

Integrates with

Anthropic · AI AWS · Cloud PostgreSQL · Database Notion · Productivity OAuth · Auth npm · DevTools

Similar Skills

Semantically similar based on skill content — not just same category

AI & Automation Featured

notion-security-basics

Apply Notion API security best practices for integration tokens, OAuth2 flows, least-privilege capabilities, and page-level access control. Use when securing integration tokens, configuring OAuth2 for public integrations, rotating credentials, or auditing which pages an integration can access. Trigger with phrases like "notion security", "notion secrets", "secure notion", "notion API key security", "notion token rotation", "notion OAuth2", "notion permissions audit".

2,274 Updated today
jeremylongshore
AI & Automation Featured

hubspot-enterprise-rbac

Configure HubSpot enterprise access control with OAuth scopes and team permissions. Use when implementing role-based access, configuring per-team HubSpot scopes, or setting up multi-user access patterns for HubSpot integrations. Trigger with phrases like "hubspot RBAC", "hubspot roles", "hubspot enterprise", "hubspot permissions", "hubspot team access", "hubspot OAuth scopes".

2,274 Updated today
jeremylongshore
AI & Automation Featured

intercom-enterprise-rbac

Configure Intercom enterprise OAuth, admin roles, and app-level access control. Use when implementing OAuth integration, managing admin permissions, or setting up organization-level controls for Intercom. Trigger with phrases like "intercom OAuth", "intercom RBAC", "intercom enterprise", "intercom roles", "intercom permissions", "intercom admin access".

2,274 Updated today
jeremylongshore
AI & Automation Featured

clickup-enterprise-rbac

Implement ClickUp Enterprise SSO, OAuth 2.0 multi-workspace access, role-based permissions, and organization management via API v2. Trigger: "clickup SSO", "clickup RBAC", "clickup enterprise", "clickup roles", "clickup permissions", "clickup OAuth app", "clickup multi-workspace".

2,274 Updated today
jeremylongshore
AI & Automation Solid

webflow-enterprise-rbac

Configure Webflow enterprise access control — OAuth 2.0 app authorization, scope-based RBAC, per-site token isolation, workspace member management, and audit logging for compliance. Trigger with phrases like "webflow RBAC", "webflow enterprise", "webflow roles", "webflow permissions", "webflow OAuth scopes", "webflow access control", "webflow workspace members".

2,274 Updated today
jeremylongshore