Notion Analytics

Security

Security architecture includes RLS, secret isolation, webhook signatures, rate limiting, and audit logs.

Start free

Supabase RLS

Workspace-scoped data uses row-level security and server-side service-role isolation for backend-only operations.

Webhook HMAC

Outbound webhook deliveries are signed, retried, logged, and disabled after repeated failures.

2FA support

Account security includes password flows, sessions, lockouts, TOTP secrets, backup codes, and recovery controls.

Audit logging

Important workspace, billing, integration, export, and admin actions create audit-ready records.

Access

Workspace membership roles enforce read, write, billing, member, report, and integration permissions.

Data

Supabase RLS, server-side service-role isolation, validation, and scoped API keys protect workspace data boundaries.

Integrations

Webhooks use HMAC signatures, provider credentials are encrypted, and API keys are masked after creation.

Monitoring

Audit logs, Sentry-ready error capture, rate limiting, and health checks support operational review.