Which Graph scopes does Cronofy utilize?

Cronofy utilizes Microsoft’s Graph API to access Exchange and Office365 data about Users, Organizations, Resources and their Calendar data.

When a user is authenticating themselves via Individual Connect, Cronofy requests access to their profile and their calendar.

When using Enterprise Connect to connect your organization, Cronofy requests access to list users & resources, organization information, and calendars.

Graph Scopes (Individual Connect) #

Cronofy requests the following scopes from individuals when connecting via Individal Connect:

  • User.Read to read profile information
  • Calendars.ReadWrite to have full access to calendars

Graph Scopes (Enterprise Connect) #

Cronofy requests the following scopes when connecting via Enterprise Connect:

  • User.Read.All to read your organization’s users’ profiles
  • Organization.Read.All to read organization information
  • Places.Read.All to list the rooms & resource calendars available in the organization
  • Calendars.ReadWrite to have full access to user calendars

You may limit which users’ data Cronofy is able to access by following this guide.

Further reading #

Further information about the above listed scopes can be found at Microsoft Graph permissions reference