Authorization Linking ^ALPHA

Description #

By default, Cronofy implicitly links calendar accounts that authorize using the same browser. The mechanism used is a persistent cookie.

This feature allows the calling application request that the calendar account authorized to be explicitly linked to a pre-existing Cronofy account. This enables combining authorizations across different devices.

The mechanism used is the generation of a temporary link_token which is passed to the authorization page to identify the account to be linked to.

This is an experimental feature and is enabled on a per application basis. Contact support@cronofy.com if you would like access to this.

Generating a Link Token #

Using the access_token for the pre-existing account you wish to link, POST to the /v1/link_tokens endpoint.

The response will contain the link_token.

Example Request #

POST /v1/link_tokens HTTP/1.1
HOST: api.cronofy.com
Content-Type: application/json; charset=utf-8
Authorization: Bearer {ACCESS_TOKEN}

Example Response #

HTTP/1.1 200 OK
Content-Type: application/json; charset=utf-8

{
    "link_token" : "{LINK_TOKEN}"
}

Requesting a Linked Authorization #

The link_token is then passed as an additional query string parameter to the authorization request URL, eg:

https://app.cronofy.com/oauth/authorize
    ?response_type=code
    &client_id={CLIENT_ID}
    &redirect_uri={REDIRECT_URI}
    &scope={SCOPE}
    &state={STATE}
    &link_token={LINK_TOKEN}

See Request Authorization