Authorization Linking ALPHA

Required plan: Emerging

Description #

By default, Cronofy implicitly links calendar accounts that authorize using the same browser. The mechanism used is a persistent cookie.

This feature allows the calling application request that the calendar account authorized to be explicitly linked to a pre-existing Cronofy account. This enables combining authorizations across different devices.

The mechanism used is the generation of a temporary link_token which is passed to the authorization page to identify the account to be linked to.

This is an experimental feature and is enabled on a per application basis.

If you would like to get access, please contact support@cronofy.com and specify the Client ID of your application.

Using the access_token for the pre-existing account you wish to link, POST to the /v1/link_tokens endpoint.

The response will contain the link_token.

Example Request #

POST /v1/link_tokens HTTP/1.1
HOST: {data_center_url}
Content-Type: application/json; charset=utf-8
Authorization: Bearer {ACCESS_TOKEN}

Example Response #

HTTP/1.1 200 OK
Content-Type: application/json; charset=utf-8

{
    "link_token" : "{LINK_TOKEN}"
}

Request parameters #

data_center_url required

The URL for the data center you want to communicate with. Possible choices are:

  • api-au.cronofy.com - πŸ‡¦πŸ‡Ί Australia
  • api-ca.cronofy.com - πŸ‡¨πŸ‡¦ Canada
  • api-de.cronofy.com - πŸ‡©πŸ‡ͺ Germany
  • api-sg.cronofy.com - πŸ‡ΈπŸ‡¬ Singapore
  • api-uk.cronofy.com - πŸ‡¬πŸ‡§ United Kingdom
  • api.cronofy.com - πŸ‡ΊπŸ‡Έ United States

Find out more about Cronofy's data centers.

Requesting a Linked Authorization #

The link_token is then passed as an additional query string parameter to the authorization request URL, eg:

https://app.cronofy.com/oauth/authorize
    ?response_type=code
    &client_id={CLIENT_ID}
    &redirect_uri={REDIRECT_URI}
    &scope={SCOPE}
    &state={STATE}
    &link_token={LINK_TOKEN}

See Request Authorization