Request AuthorizationRequired plan: Scheduler
In order to perform actions on behalf of a user, they must first authorize you to do so.
This will issue you a short-lived, single-use
code that you will be able to exchange for an
refresh_token for the user.
Example request URL #
The parameters are encoded in the querystring as specified in appendix B of RFC 6749. Additional linebreaks are added to the request’s path for clarity.
Request URL parameters #
response_type required #
Must always be
code as that is the only grant type supported by Cronofy.
client_id required #
client_id issued to you by Cronofy to authenticate your OAuth Client. Authenticates you as a trusted client.
redirect_uri required #
The HTTP or HTTPS URI you wish the user’s authorization request decision to be redirected to.
scope required #
The scope of the privileges you want the eventual
access_token to grant. Only one scope is currently supported:
- organizational_unit_scheduler to allow access to the user’s Cronofy Organizational Unit configuration and to create Scheduling Requests.
state optional #
A value that will be returned to you unaltered along with the user’s authorization request decision.
The OAuth 2.0 RFC recommends using this to prevent cross-site request forgery.
locale optional #
String value for the locale to use for display purposes. If not provided we will use the locale provided by their browser. In general you will not want to supply this and instead rely on the user’s browser to provide the correct locale.
Currently supported locales are:
enUS English (default)
Response URL parameters #
You will not receive a direct response to your Authorization Request, instead the user will be redirected to the
REDIRECT_URI with additional querystring parameters specified.
The responses are fully specified in section 4.1.2 of RFC 6749.
Successful response #
A short-lived, single-use
code to be used to make an Access Token Request.
Will always be 32 character
String of ASCII characters.
The value you passed for the
state within the authorization request.
Error response #
A single ASCII error code. The complete list is within section 18.104.22.168 of RFC 6749, these are the most commonly encountered:
- access_denied the user declined your request
- unsupported_response_type your request’s
- invalid_scope no valid scopes were specified in your request’s