Which Graph scopes does Cronofy utilize?
Cronofy utilizes Microsoft’s Graph API to access Exchange and Office365 data about Users, Organizations, Resources and their Calendar data.
When a user is authenticating themselves via Individual Connect, Cronofy requests access to their profile and their calendar.
When using Enterprise Connect to connect your organization, Cronofy requests access to list users & resources, organization information, and calendars.
Graph Scopes (Individual Connect) #
Cronofy requests the following scopes from individuals when connecting via Individal Connect:
- User.Read to read profile information
- Calendars.ReadWrite to have full access to calendars
Graph Scopes (Enterprise Connect) #
Cronofy requests the following scopes when connecting via Enterprise Connect:
- User.Read.All to read your organization’s users’ profiles
- Organization.Read.All to read organization information
- Places.Read.All to list the rooms & resource calendars available in the organization
- Calendars.ReadWrite to have full access to user calendars
You may limit which users’ data Cronofy is able to access by following this guide.
Further reading #
Further information about the above listed scopes can be found at Microsoft Graph permissions reference