On September 18th, we had the privilege of attending Make with Notion 2025 live in San Francisco. What we witnessed was more than a feature release: it was a turning point.
Notion officially transitioned from 2.0 (the database era) to 3.0 (the AI era), and the two flagship announcements are set to redefine how companies design, secure, and scale their systems:
Custom AI Agents Autonomous assistants that live inside your workspace and act on your behalf.
Granular Database Permissions (Row-Level Access) Long-awaited fine-grained access control, finally unlocking secure collaboration at scale.
This combination positions Notion not just as a knowledge platform but as the backbone for secure, automated, and enterprise-grade workflows.
Custom Agents: From Assistant to Teammate
Until now, Notion AI has been reactive: you prompt, it answers. With Custom Agents, Notion 3.0 introduces proactive, autonomous AI processes that operate in the background and follow structured triggers.
How Custom Agents Work
A Custom Agent is configured with three elements:
- Triggers - define when it should run. Examples:
- A new page created in a database.
- A change of status (e.g., “To Review → Approved”).
- A scheduled cadence (every Friday at 5pm).
- External events (e.g., a Slack message, Outlook email).
- Instructions — its operating manual. Written in natural language, stored on a Notion page (essentially its “system prompt”).
- Access — explicit database and page permissions. This ensures the agent only sees and acts where it’s supposed to.
Unlike personal agents, Custom Agents can:
- Run autonomously without manual prompting.
- Be shared across the entire team.
- Act with surgical precision on databases they’ve been granted access to.
Our Live Use Case: Turning Call Transcripts into Action
At Notioners, one of our biggest portion of the so-called ‘busy work’ has always been extracting and processing tasks from client call transcripts.
Here’s how we’re transforming this workflow with Custom Agents in Notion 3.0:
- Transcript Capture
- Client calls are recorded via a notetaking tool (e.g., Grain, Fathom or Notion Meetings itself).
- The transcript is automatically pushed into our Transcripts Database in Notion (using a connector like Zapier/Make).
- Agent Trigger
- A Custom Agent named Action Item Extractor is set to fire whenever a new transcript page is created in the Transcripts DB.
- Agent Instructions
- Parse the transcript body.
- Identify explicit action items (“We need to…”, “Next step is…”, “Please send…”).
- For each item, create a new row in the Tasks Database.
- Automated Assignment Rules
- Assignee → Automatically set the right Notioners consultant (or the client)
- Watched by → A Person property. Anybody who needs to have access to this task is tagged here (see database row permissions below)
- Organisation (Relation) → Cross-referenced against our Clients DB. The agent scans the transcript for the client’s name, matches it to the Organisation property, and links it.
- Task Title → Generated as a concise summary.
- Task Body → Includes the exact text snippet from the transcript for traceability.
- Execution
Within seconds of a call ending, every action item is in the Client Portal as task from the Task DB: correctly titled, assigned, and accessible from the client via granular permissions on databases. No manual extraction. No human error.
This is the true promise of Notion 3.0: agents that act as operational teammates, continuously trimming away manual busywork and keeping your system in sync with reality.
Granular Database Permissions: A Breakthrough in accessibility to Databases
For years, permissions in Notion were “all or nothing.” Share a database with a client or contractor, and they could see everything (or nothing at all).
With Granular Database Permissions (Row-Level Access), you can now:
- Set the base access for a database (e.g., “Can view” or “No access”).
- Layer rules on top that grant higher permissions at the row level based on a Person property.
Example rule:
“If theOwner
Can edit
Why This Matters
- Client Portals → Share a single Tasks DB with multiple clients. Each client only sees tasks assigned to their organisation.
- HR Databases → Employees can view or edit only their own records.
- Freelancer Access → Contractors can check off only the tasks they own: no visibility into other projects.
Key Technical Principles
- Highest Permission Wins → If a user has multiple overlapping permissions (e.g., group + row rule), they always receive the most permissive one.
- Use Groups Wherever Possible → Manage at the group level (HR, Leadership, Clients) instead of juggling individuals.
- Forms for New Entries → Users with only row access cannot use the “New” button. Solution: route entry creation through a Form, which automatically sets the “Created by” or “Owner” property, triggering the row-level permission rule.
Example: Contractor Editing Their Own Tasks
- Base permission: Can view for all.
- Rule: If Assignee = Contractor, grant Can edit.
- Result: Contractors can update their own tasks but cannot touch anyone else’s.
This was the #2 most requested feature by the community (second only to offline mode), and now it’s live .
Why These Two Features Together Change the Game
Individually, Custom Agents and Granular Permissions are powerful. Combined, they are transformative.
Imagine:
- Your Custom Agent processes a new transcript, generates tasks, and links them to the client organisation.
- The Granular Permissions rules ensure that only the client sees their tasks, only the assignee sees their work, and contractors cannot peek at other projects.
- The system scales from 3 users to 300 without losing control, security, or efficiency.
For companies who’ve hesitated to move fully into Notion due to security or scalability concerns, these two updates remove the final barriers.
Conclusion: A New Era of Workflows
What we saw live at Make with Notion 2025 wasn’t just incremental progress. It was the formal arrival of Notion as a secure, autonomous workspace platform.
- Custom Agents turn Notion into a proactive teammate.
- Granular Permissions unlock secure, scalable collaboration.
For Notioners, this is validation of the direction we’ve always believed in: bespoke, enterprise-ready systems that reduce friction, automate work, and respect granular access boundaries.
We’re already re-architecting client systems to take advantage of these features—and if you’re curious how they could reshape your workflows, let’s talk.