Individual ConnectRequired plan: Starter
Authorization to access a user’s calendars is done via the OAuth 2.0 protocol, Specifically the “Authorization Code” version of authorization as specified in 4.1 of RFC 6749section).
Find out more in our Authorization introduction.
In This Section
- Request Authorization In order to perform actions on behalf of a user, they must first authorize you to do so.
- Request an Access Token Access Tokens are issued as specified in section 4.1.3 of RFC 6749, authentication is performed by including your client_id and client_secret, as issued by Cronofy, within the body of the request.
- Refresh an Access Token Access Tokens are refreshed as specified in section 6 of RFC 6749, authentication is performed by including your client_id and client_secret, as issued by Cronofy, within the body of the request.
- Revoking Authorization You may wish to revoke your access on behalf of your users rather than directing them to our site, for example when they unsubscribe from your service or no longer want to use your calendar integration features.
- Revoke a Profile Allows your application to revoke access to a specific profile
- Extended Permissions As an extension of the OAuth flow users can be asked to grant unrestricted access to their calendars. This is implemented through a redirect to an additional access page.