Skip to main content

About Notion

The Notion connector reads page metadata, database schemas, workspace membership, and integration configuration so you can map knowledge-base evidence to controls in Iru Compliance. Authentication uses a Notion internal integration token (sometimes called a connection secret) generated from My integrations.

How It Works

Notion expects the token in the Authorization header: 
Authorization: Bearer YOUR_INTEGRATION_TOKEN
Internal integrations only reach content that you explicitly share with the integration. Plan sharing deliberately - typically by attaching the integration at a parent page so children inherit access.
DetailValue
CategoryProductivity / documentation
AuthenticationBearer token (internal integration)
Workspace roleOnly workspace owners can create integrations
Documentation: Create integrations, Authorization overview, API reference.

Prerequisites

  • Workspace owner rights (needed to create integrations).
  • A clear list of pages or databases compliance evidence should include.

Connect Notion to Iru

Complete this tab before you connect the source in Compliance.
1

Sign in to Notion

Sign in at notion.so with a user who can create internal integrations for the workspace you want Iru to read.
2

Open My integrations

Visit notion.com/my-integrations, or in the Notion app open SettingsConnections and follow the path to Create or manage integrations.
3

Configure the integration

Create a new integration. Name it (for example Iru Compliance), assign it to the correct workspace, and enable capabilities your controls need: at minimum Read content, and Read user information including email addresses when membership evidence matters.
4

Save and copy the internal integration secret

Save the integration, then copy the internal integration secret. Treat it like a password; it does not expire unless you rotate or delete the integration.
5

Share content with the integration

Open each top-level page or database → Connections → pick Iru Compliance. Sharing a parent page reduces duplicate work for nested docs.Without explicit shares, the integration legitimately sees nothing, even if your humans can read the pages.
Continue on the Iru Compliance tab.

Troubleshooting

Check pop-up blocker settings for the Iru site and try again.
Re-copy the secret, ensure the integration was not deleted or rotated.
Re-open each parent page and confirm Connections lists your integration.
Only workspace owners manage integrations - confirm you created it in the intended workspace.

Considerations

Rotate secrets on your schedule and update Iru…

Rotate secrets on your schedule and update Iru immediately afterward.

Iru reads metadata exposed to the token: it does not…

Iru reads metadata exposed to the token - it does not silently edit pages or invites.

Sources Management

Browse and manage every Compliance source.

Getting Started With Compliance

Frameworks, actions, and Artifacts.

Iru Overview

How Endpoint, Compliance, and Identity fit together.

Artifacts Management

Upload, review, and organize evidence from sources and actions.