Notion
Read & write Notion pages and databases via the official OAuth app install flow. Tokens never expire; no refresh strategy.
Vendo redirects to Notion's OAuth flow where the user picks the workspace and chooses exactly which pages or databases this connection can access. Vendo only ever sees what's explicitly shared with the integration — nothing else in the workspace. The access token is stored encrypted and used to call the Notion API directly (no proxy intermediary).
Auth modes
| Profile | Default | How it works |
|---|---|---|
oauth_app_install (OAuth (app install)) | Yes | Tenant grants permission via the provider's OAuth flow. Vendo stores the access token encrypted and calls the provider API directly. |
Environment variables
These are the env vars Vendo injects into your deployment at boot when this integration is bound. Source values are resolved by resolveConnectionEnvVars in packages/integrations/lib/ from the connection record (credential, metadata) and deployment context (proxy URL, Vendo-issued API key).
| Variable | Profiles | Source | Secret |
|---|---|---|---|
NOTION_TOKEN | all | connection credential (encrypted at rest) | Yes |
Reading the credential at runtime
Vendo writes NOTION_TOKEN (and any companion vars above) into your deployment's environment at boot — the official Notion SDK auto-discovers it, so most code just instantiates the client with no extra wiring. vendo.token(slug) is the resolution-chain-aware alternative that reads the same value in Vendo mode and falls back to whatever you set in OSS mode; use whichever fits your style. See Two modes for the full resolution chain.
Direct API
Notion is called directly (no Vendo proxy intermediary). The SDK reads the injected credential from the environment and talks to Notion's API host.
Quickstart
import vendo
# Read & write Notion pages and databases on the user's behalf via OAuth.
token = vendo.token("notion")
# Use `token` wherever you would have used the provider's API key —
# pass it to the official SDK or set it as the env var the SDK reads.
print(token)import { Vendo } from "@vendodev/sdk";
const vendo = new Vendo();
// Read & write Notion pages and databases on the user's behalf via OAuth.
const notionToken = await vendo.token("notion");
// Use `notionToken` wherever you would have used the provider's API
// key — pass it to the official SDK or read it as the env var the SDK expects.
console.log(notionToken);import VendoSDK
let vendo = Vendo()
// Read & write Notion pages and databases on the user's behalf via OAuth.
let token = try await vendo.token("notion")
// Use `token` wherever you would have used the provider's API key.
print(token)Learn more
-
Concepts: connections & integrations — how connections, bindings, and credentials fit together.
-
Build a tool: SDK — full
vendo.tokenandvendo.data.executesemantics.