# Individual Connect

Authorization to access a user's calendars is done via the [OAuth 2.0 protocol](https://www.rfc-editor.org/rfc/rfc6749), Specifically the ["Authorization Code" version of authorization](https://www.rfc-editor.org/rfc/rfc6749#section-1.3.1) as specified in [4.1 of RFC 6749](https://www.rfc-editor.org/rfc/rfc6749#section-4.1)section).

Find out more in our [Authorization introduction](/developers/authorization/index.md).


---
[Read in HTML](/developers/api/authorization/)

## In this section

- [Request Authorization](/developers/api/authorization/request-authorization/index.md) — In order to perform actions on behalf of a user, they must first authorize you to do so.
- [Request an Access Token](/developers/api/authorization/request-token/index.md) — Access Tokens are issued as specified in section 4.1.3 of RFC 6749, authentication is performed by including your client_id and client_secret, as issued by Cronofy, within the body of the request.
- [Refresh an Access Token](/developers/api/authorization/refresh-token/index.md) — Access Tokens are refreshed as specified in section 6 of RFC 6749, authentication is performed by including your client_id and client_secret, as issued by Cronofy, within the body of the request.
- [Revoking Authorization](/developers/api/authorization/revoke/index.md) — You may wish to revoke your access on behalf of your users rather than directing them to our site, for example when they unsubscribe from your service or no longer want to use your calendar integration features.
- [Revoke a Profile](/developers/api/authorization/revoke-profile/index.md) — Allows your application to revoke access to a specific profile
- [Extended Permissions](/developers/api/authorization/extended-permissions/index.md) — As an extension of the OAuth flow users can be asked to grant unrestricted access to their calendars. This is implemented through a redirect to an additional access page.