Notion Security Basics
Overview
Security fundamentals for the Notion API: integration token management, internal vs public integration models, principle of least privilege for capabilities, page-level access auditing, token rotation, OAuth2 flows for public integrations, and webhook verification. All examples use @notionhq/client v2.x and target the 2022-06-28 API version.
Prerequisites
- Notion integration created at notion.so/my-integrations
- Node.js 18+ with `@notionhq/client` installed (`npm install @notionhq/client`)
- Understanding of environment variables and `.env` file patterns
- For public integrations: OAuth2 client ID and secret from the integration dashboard
Instructions
Step 1: Secure Token Storage and .env Management
Integration tokens are secrets with the same sensitivity as database passwords. Notion tokens use the ntn_ prefix (current) or secret_ prefix (legacy). Both grant full access to every page shared with the integration.
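The following is an added example of the token-handling step, not code from this skill or from the Notion SDK. It assumes the token is stored in an environment variable named `NOTION_TOKEN` (the variable name is a convention chosen here, not a Notion requirement) and that a local `.env` file uses plain `KEY=VALUE` lines. It validates the `ntn_`/`secret_` prefix before the token reaches any client, produces a log-safe redacted form, and checks that `.env` is excluded from version control.

```javascript
// Added example (not from the skill page or the Notion SDK): load a Notion
// integration token safely. Assumptions: the token is stored in NOTION_TOKEN,
// and a .env file uses plain KEY=VALUE lines.

const TOKEN_PREFIXES = ["ntn_", "secret_"]; // current and legacy prefixes

// Parse a minimal .env file: KEY=VALUE per line, '#' comments, optional quotes.
// The parser only returns the map; it never logs values.
function parseDotEnv(text) {
  const vars = {};
  for (const rawLine of text.split(/\r?\n/)) {
    const line = rawLine.trim();
    if (line === "" || line.startsWith("#")) continue;
    const eq = line.indexOf("=");
    if (eq === -1) continue;
    const key = line.slice(0, eq).trim();
    let value = line.slice(eq + 1).trim();
    if ((value.startsWith('"') && value.endsWith('"')) ||
        (value.startsWith("'") && value.endsWith("'"))) {
      value = value.slice(1, -1);
    }
    vars[key] = value;
  }
  return vars;
}

// Reject anything that does not look like a Notion token before it reaches the SDK.
function validateNotionToken(token) {
  if (typeof token !== "string" || token.length === 0) {
    throw new Error("NOTION_TOKEN is missing; refusing to start");
  }
  if (!TOKEN_PREFIXES.some((p) => token.startsWith(p))) {
    throw new Error("NOTION_TOKEN does not start with ntn_ or secret_");
  }
  if (/\s/.test(token)) {
    throw new Error("NOTION_TOKEN contains whitespace; check .env quoting");
  }
  return token;
}

// Log-safe form: prefix plus last four characters, enough to tell tokens apart
// during rotation without exposing the secret.
function redactToken(token) {
  const prefix = TOKEN_PREFIXES.find((p) => token.startsWith(p)) ?? "";
  return `${prefix}...${token.slice(-4)}`;
}

// True when .gitignore has a rule that keeps .env out of version control.
function envIsGitIgnored(gitignoreText) {
  return gitignoreText.split(/\r?\n/).some((l) => {
    const rule = l.trim();
    return rule === ".env" || rule === "/.env" || rule === "*.env" || rule === ".env*";
  });
}

// Resolve the token from the process environment, falling back to a parsed .env map.
function loadNotionToken(env = process.env, dotenv = {}) {
  const token = validateNotionToken(env.NOTION_TOKEN ?? dotenv.NOTION_TOKEN);
  return { token, redacted: redactToken(token) };
}

// Constructed sample inputs (not real secrets).
const SAMPLE_DOTENV = [
  "# local development only",
  'NOTION_TOKEN="ntn_constructedsample1234"',
].join("\n");
const SAMPLE_GITIGNORE = "node_modules/\n.env\n";

// Runs the checks against the constructed samples and returns the redacted token.
function demo() {
  if (!envIsGitIgnored(SAMPLE_GITIGNORE)) {
    throw new Error(".env is not ignored by git; do not commit it");
  }
  const { redacted } = loadNotionToken({}, parseDotEnv(SAMPLE_DOTENV));
  return redacted;
}

console.log(`Loaded Notion token ${demo()}`);
```

In a real service, pass the validated `token` to `new Client({ auth: token })` from `@notionhq/client` and log only the `redacted` form; the prefix check catches a mis-pasted value early, and the redacted suffix lets you confirm which token is live while rotating without ever printing the secret.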