Request Service Account Authorization

Description

In order to gain access to the calendars of a domain with an Enterprise Connect account it must be authorized by an administrator of that domain.

Example Request

https://app.cronofy.com/enterprise_connect/oauth/authorize
    ?response_type=code
    &client_id={CLIENT_ID}
    &redirect_uri={REDIRECT_URI}
    &scope={SCOPE}
    &delegated_scope={DELEGATED_SCOPE}
    &state={STATE}

Note that the URL for this method differs from that used when authorizing an individual calendar account.

Scopes

The scope of the privileges you want the Enterprise Connect account to be granted. At least one of the following scopes must be requested:

  • service_account/accounts/manage to allow authorization of accounts
  • service_account/accounts/unrestricted_access to allow elevation of access for accounts
  • service_account/resources/manage to allow authorization of resources
  • service_account/resources/unrestricted_access to allow elevation of access for resources

Delegated scopes

The scope of the privileges that can be granted when requesting access to users and resources. Examples include:

See the full scope list and documentation for more information.

Response URL parameters

You will not receive a direct response to your authorization request, instead the administrator will be redirected to the redirect_uri with additional querystring parameters specified.

The responses are fully specified in section 4.1.2 of RFC 6749.

Successful response

code  #

A short-lived, single-use code to be used to make an Access Token Request.

Will always be 32 character String of ASCII characters.

state  #

The value you passed for the state within the authorization request.

Error response

error  #

A single ASCII error code. The complete list is within section 4.1.2.1 of RFC 6749, these are the most commonly encountered:

  • access_denied the administrator declined your request
  • unsupported_response_type your request’s response_type was not code
  • invalid_scope no valid scopes were specified in your request’s scope
Search