Client Credential Intake System: Make Credential Requests + Notion Tracker (Import‑Ready)

• Access: Sending Credential Requests requires a Make Enterprise plan or official Make Partner access. Recipients can authorize on any plan.
• UI path to send manually: Left sidebar → Credentials → Credential Requests → [Sent] tab.
• Guest scope: Recipients join as limited‑scope Guests to provide/manage only the requested credentials; they can revoke/delete their own credentials at any time.
• No webhook: There is no native webhook for “authorized.” Use API polling or (Enterprise) Audit Logs.
• Non‑OAuth apps: Use secure share links (1Password or Bitwarden Send) rather than email. Rotate/revoke after use.

Collect these once and store in Make as variables or in a Make Data Store.

• [MAKE_API_TOKEN]: Personal access token with scopes: credential-requests:read, credential-requests:write; plus Notion/Slack/Email scopes as needed.
• [ORG_ID] and (optional) [TEAM_ID]: For scoping Audit Logs if you’re Enterprise.
• [NOTION_API_KEY] and [NOTION_DATABASE_ID]: For the intake tracker.
• [SLACK_WEBHOOK_URL] or [SLACK_BOT_TOKEN] and [SLACK_CHANNEL_ID] (if using Slack nudges).
• [EMAIL_FROM], [SMTP_HOST], [SMTP_USER], [SMTP_PASS] (if using email nudges).
• [OWNER_NAME], [OWNER_EMAIL]: Who’s on the hook for follow‑ups.
• [CLIENT_NAME], [CLIENT_CONTACT_NAME], [CLIENT_CONTACT_EMAIL]: Filled per project.
• [PROJECT_NAME]: To personalize communication and views.

Create a Notion database named “Credential Intake.” Add these properties exactly (types in parentheses):

• Client (Title)
• Project (Text) — default [PROJECT_NAME]
• App (Select) — e.g., Gmail, Google Drive, HubSpot, Slack, Webflow
• Request Link (URL)
• Request ID (Text)
• Credential ID (Text)
• Status (Select) — Pending, Partially Authorized, Authorized, Declined, Invalid, Revoked
• Owner (People) — assign to [OWNER_EMAIL] or use Text if you prefer
• Created (Created time)
• Last Nudge (Date)
• Nudge Count (Number) — default 0
• Next Nudge At (Formula)
• SLA Breach? (Formula → Checkbox)
• Authorized At (Date)
• Revoked At (Date)
• Notes (Rich text)

Formulas (paste as‑is; ensure property names match):

• Next Nudge At

if(
  or(prop("Status") == "Authorized", prop("Status") == "Revoked", prop("Status") == "Declined"),
  empty(""),
  if(
    empty(prop("Last Nudge")),
    dateAdd(prop("Created"), 24, "hours"),
    if(
      prop("Nudge Count") >= 1,
      dateAdd(prop("Last Nudge"), 48, "hours"),
      dateAdd(prop("Last Nudge"), 24, "hours")
    )
  )
)

• SLA Breach?

if(
  and(prop("Status") != "Authorized", now() > dateAdd(prop("Created"), 72, "hours")),
  true,
  false
)

Recommended Notion views:

• “Active”: Status is not Authorized/Revoked/Declined.
• “Due for Nudge”: Next Nudge At is on/before now; Status is not Authorized/Revoked/Declined.
• “SLA > 72h”: SLA Breach? is checked.
• “Authorized This Week”: Authorized At is within past 7 days.

Trigger: Manually (on new project) or from a Notion “Add request” button. Goal: Create separate Credential Requests per app and log each row in Notion.

Module plan (Make):

1. Tools → Iterator of [APPS_TO_REQUEST] — e.g., ["Gmail","Google Drive","Slack"].
2. HTTP → Make API (POST) to create request:
   • URL: https://api.make.com/credential-requests/requests/v2
   • Headers: Authorization: Bearer [MAKE_API_TOKEN], Content-Type: application/json
   • Body (fill per app per Developer Hub spec):

{
  "recipient": { "email": "[CLIENT_CONTACT_EMAIL]", "name": "[CLIENT_CONTACT_NAME]" },
  "connections": [
    {
      "app": "[APP_KEY]",
      "label": "[PROJECT_NAME] — [APP_NAME]",
      "notes": "Purpose: [WHAT_THIS_CONNECTION_ENABLES]",
      "scopes": ["[SCOPE_1]","[SCOPE_2]"]
    }
  ]
}

• Map [APP_KEY]/[SCOPES] using Make’s app catalog and API docs for each target app.

3. JSON → Parse response to capture [REQUEST_ID] and [REQUEST_LINK].
4. Notion → Create database item in [NOTION_DATABASE_ID]:
   • Client: [CLIENT_NAME]
   • Project: [PROJECT_NAME]
   • App: [APP_NAME]
   • Request Link: [REQUEST_LINK]
   • Request ID: [REQUEST_ID]
   • Status: Pending
   • Owner: [OWNER_NAME]

Tip: If you prefer a single multi‑app request, adapt the body to include multiple “connections” in one request and create one Notion row per connection (iterate returned credentials when available).

Trigger: Schedule every [POLL_INTERVAL_MINUTES] minutes (e.g., 15). Goal: Advance Status automatically and capture Credential IDs when available.

Module plan (Make):

1. Notion → Search database items where Status is not Authorized/Declined/Revoked AND Request ID is not empty.
2. Tools → Iterator over results.
3. HTTP → Make API (GET) request detail:
   • URL: https://api.make.com/credential-requests/requests/[REQUEST_ID]
   • Headers: Authorization: Bearer [MAKE_API_TOKEN]
4. JSON → Parse response; map status to Notion Status using this table:
   • pending → Pending
   • partially_authorized → Partially Authorized
   • authorized → Authorized
   • declined → Declined
   • invalid → Invalid
5. Optional: If response includes a credential object, capture [CREDENTIAL_ID] for teardown later.
6. Notion → Update database item:
   • Status: [MAPPED_STATUS]
   • Credential ID: [CREDENTIAL_ID] (when present)
   • Authorized At: set to now() when status transitions to Authorized
   • Clear Next Nudge At / stop further nudges when Authorized

Enterprise alternative watcher (optional):

• Poll Organization/Team Audit Logs for events matching “credential request authorized.” Use your [ORG_ID]/[TEAM_ID] and filter by [REQUEST_ID] or [CLIENT_CONTACT_EMAIL]. Keep the same Notion update logic. [AUDIT_LOGS_LIST_ENDPOINT] varies by account; confirm exact path in your plan’s docs.

Goal: Nudge at 24h and 72h until completion, then stop. Choose Slack or Email.

Module plan (Make):

1. Scheduler → Every [NUDGE_CRON] (e.g., hourly at :10).
2. Notion → Search “Due for Nudge” view (Next Nudge At ≤ now; Status not in Authorized/Revoked/Declined).
3. Tools → Iterator over rows.
4. Branch by Nudge Count:
   • If Nudge Count == 0 → send 24h template.
   • Else → send 72h template.
5. Slack → Post to [SLACK_CHANNEL_ID] via bot OR HTTP → Incoming Webhook to [SLACK_WEBHOOK_URL].
   • Message (24h):

:wave: [CLIENT_CONTACT_NAME], quick nudge to authorize **[APP_NAME]** for **[PROJECT_NAME]** so we can start. Use this secure Make link: <[REQUEST_LINK]>.
If you use SSO, sign in first, then click Authorize. — [OWNER_NAME]

• Message (72h escalation) adds owner mention and optional client sponsor CC.

6. OR Email → Send via SMTP:
   • Subject: "Action needed: authorize [APP_NAME] for [PROJECT_NAME]"
   • Body:

Hi [CLIENT_CONTACT_NAME],

To proceed, please authorize [APP_NAME] using this secure Make link: [REQUEST_LINK].
This avoids sharing passwords and keeps scope narrow to this project. If you prefer, we can walk you through it on a 5‑minute call.

Thanks,
[OWNER_NAME]

7. Notion → Update row: Last Nudge = now(); Nudge Count = Nudge Count + 1.
8. Stop condition: When Status becomes Authorized/Declined/Revoked, do not enqueue further nudges (Next Nudge At becomes empty via formula).

Trigger: Manually (Notion checkbox or view) or on “Project closed.” Goal: Remove remote credential, reset request if re‑auth is needed, and mark records clean.

Module plan (Make):

1. Notion → Search items where (Status == Authorized) AND (Project marked Closed OR [READY_FOR_TEARDOWN] == true).
2. HTTP → Make API (POST) delete‑remote:
   • URL: https://api.make.com/credential-requests/credentials/[CREDENTIAL_ID]/delete-remote
   • Headers: Authorization: Bearer [MAKE_API_TOKEN]
3. Notion → Update item:
   • Status: Revoked
   • Revoked At: now()
   • Notes: "Revoked via delete‑remote on [DATE_TIME]"

Optional reauthorization flow (expired OAuth):

• If status becomes Invalid later, call:
  • POST https://api.make.com/credential-requests/credentials/[CREDENTIAL_ID]/request-reauthorize
• Update Notion Status to Pending and resume watcher/nudges.

When an app does not support OAuth or Make lacks a connector:

• Use one of:
  • 1Password item share link — paste [SECRET_SHARE_URL] with expiry [SHARE_EXPIRES_AT] and optional passphrase [SHARE_PASSPHRASE].
  • Bitwarden Send — paste [SECRET_SHARE_URL] with expiry and (optionally) passphrase.
• In Notion, set:
  • Status: Pending until validated.
  • Notes: What the secret is for and where it will live permanently in the client’s vault.
• After configuring in Make (e.g., HTTP module with API key), immediately rotate the key in the client’s system, update the connection, and store the new secret only in the client’s vault. Then set Status: Authorized.
• At project end, rotate/revoke again and document Revoked At. If you created a Make Connection with that key, replace or delete it across scenarios (see Make’s “replace connections” guidance) and mark Status: Revoked.

• Enterprise only: Enforce 2FA for your Make organization (Org settings → Enforce 2FA). Note: SSO/IdP users must be enforced at the provider.
• Audit Logs (Enterprise): Retained for 12 months at Org/Team scope and include “credential request created/authorized/deleted” and 2FA enforcement changes. If you use Audit Logs as your watcher, filter on event name and [REQUEST_ID]/[CLIENT_CONTACT_EMAIL].
• Least privilege: Request only the scopes you truly need per app; describe the purpose in the request notes.
• Client control: Remind stakeholders they can revoke/delete their credentials anytime from their Guest access.

Use this to populate the HTTP Create Request body quickly. Cross‑check required fields per app in the Developer Hub.

Minimal single‑connection payload (skeleton):

{
  "recipient": {
    "email": "[CLIENT_CONTACT_EMAIL]",
    "name": "[CLIENT_CONTACT_NAME]"
  },
  "connections": [
    {
      "app": "[APP_KEY]",               // e.g., google-drive, hubspot, slack
      "label": "[PROJECT_NAME] — [APP_NAME]",
      "notes": "Purpose: [WHAT_THIS_CONNECTION_ENABLES]",
      "scopes": ["[SCOPE_1]", "[SCOPE_2]"]
    }
  ]
}

Multi‑connection example (one request covering multiple apps): add additional objects inside "connections" and create one Notion row per returned credential.

Status mapping reference for your parser:

• pending → Pending
• partially_authorized → Partially Authorized
• authorized → Authorized
• declined → Declined
• invalid → Invalid

• “Active” board grouped by App with Status swimlanes.
• “By Client” board grouped by Client with badge for SLA Breach? and Next Nudge At.
• “Owner Focus” list filtered to Owner = [OWNER_NAME], sorted by Next Nudge At ascending.
• “Audit” table showing Authorized At and Revoked At for monthly reviews.

Rollups (optional, if you relate to a Projects DB):

• Per Project: Total Requests, Authorized, Pending, SLA Breach count.
• SLA Rate formula: if(prop("Total Requests") == 0, 1, toNumber(prop("Authorized")) / toNumber(prop("Total Requests"))).

1. Before you invite a real client, run Scenarios A–D on yourself.
2. Confirm Status changes without manual edits.
3. Verify 24h/72h escalation timing by temporarily setting the Next Nudge At formula to shorter intervals during testing.
4. Revert intervals and enforce 2FA before go‑live.

Common fixes:

• 401s on Make API calls → check [MAKE_API_TOKEN] scopes include credential-requests:read/write.
• No Credential ID in response → some apps attach it only after authorization; re‑poll until present.
• Clients stuck at “partially_authorized” → they authorized one of multiple connections; keep nudging with a checklist of pending apps in the message body.
• Non‑OAuth secrets sent by email → stop and replace with a secure share link; rotate immediately.