When you see the ‘API Token Revoked’ error in Notion, your integration or API key can no longer authenticate with the Notion server. This error typically appears after you manually regenerate an internal integration secret, delete an integration from your workspace, or when Notion security policies automatically expire old tokens. This article explains why the token gets revoked and provides step-by-step instructions to create or reconnect a working integration token.
Key Takeaways: Fixing the Notion API Token Revoked Error
- My Integrations > Internal Integration > Secrets > Show > Copy: Generate a new token after the old one is revoked.
- Integration > Capabilities > Read content / Update content: Ensure the integration has the correct permissions before connecting to a database.
- Database connection > Add connections > Select integration: Reconnect a database to a new or regenerated integration token.
Why Notion Revokes an API Token
An API token is a secret string that identifies your integration to the Notion API. Notion revokes a token for three main reasons:
First, you or another workspace admin manually regenerated the token in the integration settings. Regeneration immediately invalidates the old token. Second, the integration itself was deleted from the workspace. Deleting an integration removes all associated tokens. Third, Notion may automatically expire tokens that have not been used for an extended period, though this is less common. Once revoked, any API call using the old token returns an HTTP 401 Unauthorized response with the error message ‘API token revoked’.
Steps to Resolve the API Token Revoked Error
- Open the Notion Integration Settings
Go to Settings & Members in the left sidebar. Then click My connections under the Workspace section. Scroll down and click Manage integrations to open the Integrations page. - Locate Your Integration
On the Integrations page, find the integration that previously used the revoked token. Click on its name to open the integration settings page. - Generate a New Token
In the integration settings, scroll to the Secrets section. Click Show next to the existing token, then click Regenerate. A new token string appears. Click Copy and save it securely. The old token is now revoked and cannot be used again. - Update Your Application or Script
Replace the old token in your application code, environment variable, or configuration file with the new token. If you use a third-party tool that connects via API, enter the new token in its settings panel. - Reconnect the Integration to Databases
If the integration was previously connected to specific databases, you must reconnect it. Open any database that the integration should access. Click the three-dot menu in the top-right corner of the database view. Select Add connections from the menu. Find your integration in the list and click Confirm. Repeat for every database the integration needs to read or write. - Test the Connection
Run a simple API call, such as retrieving a list of databases, to confirm the new token works. The call should return a 200 OK status instead of a 401 error. If the error persists, verify that the integration has the correct capabilities set in the integration settings page under Capabilities.
If Notion Still Shows the Revoked Error After the Main Fix
Integration Was Deleted From the Workspace
If you cannot find your integration on the My integrations page, an admin may have deleted it. To fix this, create a new integration. Go to Settings & Members > My connections > Manage integrations > New integration. Give the integration a name, select the workspace, and set the appropriate capabilities. Copy the new token and follow steps 4 through 6 above to reconnect databases.
Token Not Copied Correctly
A common mistake is copying only part of the token string or including an extra space at the beginning or end. The token is a long alphanumeric string that starts with secret_. Double-check your clipboard content and ensure the token is pasted exactly as shown in the integration settings.
Integration Does Not Appear in Database Connections List
When you click Add connections on a database, only integrations that have been granted access to that database appear. If your integration is missing, you must first connect it from the database settings. Alternatively, open the integration settings and verify that it has the Read content and Update content capabilities enabled. Without these, the integration cannot be added to any database.
Notion API Token Revoked vs Expired vs Invalid: Differences
| Item | Revoked Token | Expired Token | Invalid Token |
|---|---|---|---|
| Description | Token manually invalidated or integration deleted | Token past its validity period | Token never existed or was malformed |
| HTTP status code | 401 Unauthorized | 401 Unauthorized | 401 Unauthorized |
| Error message | API token revoked | API token expired | API token invalid |
| Common cause | Regenerated secret or deleted integration | Token older than 90 days (rare) | Typo in token or wrong token pasted |
| Fix | Regenerate token and reconnect | Regenerate token | Copy the correct token |
Now you can resolve the ‘API Token Revoked’ error by regenerating the token and reconnecting your integration to each database. After completing the steps, test the connection with a simple API call to confirm the fix. As an advanced tip, store your Notion API token in an environment variable instead of hardcoding it in your script to simplify future token rotations.