Developer FAQs

How do I verify my application for production?

In order to verify your application, please email support@cronofy.com with your Application Client ID and the possible redirect_uri values you will be using with the request authorization flow.

What if my authorization URL is dynamic?

Any dynamic values you need for your authorization process, can be passed through the process using the state parameter.

Why are my profiles disconnecting from Cronofy?

There are multiple potential reasons behind disconnections between your calendar provider and Cronofy.

Why aren’t my events appearing when I read a user’s events?

By default we don’t return events your application has created when you query the Read Events endpoint.

What should I do if I need to revoke all authorizations for my application?

It is not possible to revoke authorizations in bulk. This is a deliberate decision to avoid the possibility of revoking multiple authorizations by mistake, so the only way to revoke multiple authorizations is to use our Revoke Authorization API for every user account that needs to be revoked.

Why do I keep getting errors.unknown_or_used when requesting an access_token?

The code that is generated when a user goes through the authorization process is restricted in a number of ways. This error means one of two things:

Why do you need access to my Google Drive?

This level of authorization is required to attach files to any new events in order to process it through our API call.

How does Cronofy handle Daylight Saving Time?

Cronofy specifies all event times in UTC (Coordinated Universal Time). The UTC time defines when the event starts.

Events can also specify the timezone that they should be displayed in when shown to users. When you provide the Cronofy API with a timezone for an event, we send this information to the calendar provider, and the calendar provider will handle how best to display the event. The specified timezone does not change when the event is occuring.

This allows calendar viewers, such as Google Calendar or Microsoft Outlook, to show that events have a specified timezone, which can be useful to convey the local time of the host or the location of the event.

Why do I get invalid_grant when requesting access token?

This signifies that the code is unrecognized or has already been used, or that the redirect_uri does not match the one given when requesting the user’s authorization.

Why do I get the same account_id and refresh_token for different users?

By default when a user authorizes multiple calendar service accounts with your application the Cronofy API links those service accounts under one Cronofy account. This makes sense in production but can create some, on the face of it, odd behaviour in development.

Why do I get duplicate events?

If you’re getting duplicated events when you edit existing events, it may be because of how you’re using event_id and event_uid values.

How can events be evenly distributed across multiple recipients?

When making Availability Queries to create events for a team of people, it can be common to want to assign those events evenly.

For example, if Alice and Bob are being chosen to hold interviews and Alice has 3 more booked than Bob, we might want to make Bob more likely to be chosen. However, we don’t want to remove Alice from the Availability Query until Bob catches up, in case Alice can offer a time that Bob is not available. We still want to fall back to Alice if Bob isn’t available.

Microsoft Outlook.com API deprecation

What would be the recommended way to sync all events inside an end users calendar with my application?

By utilising Push Notifications, Read Events, and regular weekly syncs you will be certain that all events are pushed across from the Calendar Provider to your application.

Why am I getting no conferencing dial-in details on my event?

Some common issues we’ve seen for each conferencing provider.

Why do I get a CORS error : “No ‘Access-Control-Allow-Origin’ header is present on the requested resource”?

If you try to pass an access_token (either personal or generated from an authorization exchange) from a browser XMLHttp request for example you will receive an error:

No 'Access-Control-Allow-Origin' header is present on the requested resource

or

The 'Access-Control-Allow-Origin' header has a value that is not equal to the supplied origin

Will I receive notifications for events that are newly created?

Assuming you are subscribed to all events ,including external, you will receive notifications about newly created events.

How do I get my customers to add Cronofy to their list of allowed Microsoft Graph Applications?

IT Administrators might have to go through an extra step in order to add Cronofy to their list of allowed Microsoft Graph Applications. You will need to send your customers an admin consent link - found in the Credentials section of the Cronofy Portal - and have them manually approve access.

Why do access_tokens expire and how can you refresh them?

Our API expires the access_token in order to reduce the risk of your users’ calendar data being compromised. When you obtain authorization to access a user’s calendar, a refresh_token will be issued alongside the access_token to allow your application to obtain a new access_token without user involvement.

Why do I only get 20 results from an Availability query?

By default we only return 20 slots or periods from an Availability query. You can change this by using the max_results parameter.

Why doesn't Cronofy issue event ids?

We don’t issue IDs to events, instead we require that developers provide an event_idwhen upserting an event to a user’s calendar. This is then used to identify the event when making subsquent updates/deletes.

Are GCC High Tenants supported?

As GCC High is a government system, we don’t have the approval to use it for testing purposes so we cannot guarantee that it can always be connected.

However, in some cases this is possible to set up but we need to have access to your Exchange/Office365 tenant and be able to connect to it, so you would need to allow Cronofy’s access in any external connections’ security policies you might have.

To do this you will need to follow some specific steps:

What is the difference between event_id and event_uid

The event_id is only used for events that your application creates, what we call managed events. This is an ID that your application specifies. We use it as a key for an application’s managed events.

Why can't I avoid notifying attendees when updating an event?

While some calendar providers allow you to suppress notifications being sent to attendees when an event is changed, not all do.

This means any change may result in notifications, and so your application integration should account for them being sent.

Do Applications Calendars count towards synced users?

Application Calendars are billed separately to synced users/accounts. Each plan comes with an included allowance of Application Calendars and an overage rate that applies if you use more than that.

What counts as a synced user towards the pricing plan user cap?

End Users are billed per OAuth client per month. Each plan comes with an included allowance of synced users and an overage rate that applies if you use more than that.

We will count the total synced users from all applications in production under the same billing Organisational Unit (OU).

Why can I use integrated conferencing with Graph API if MS Teams is disabled for an account?

Microsoft Teams license is linked not only to a specific license held by the user, but it is also linked to a Microsoft Teams Meeting Policy, which is a global policy that is active by default for all users.

To disable Microsoft Teams for certain users, these users will need to have a new Teams Meeting Policy applied to their accounts.

Why do events in secondary Google calendars appear in my primary calendar too?

Due to the original implementation of Google Calendars, and to provide consistency with Microsoft calendar behaviour, Cronofy adds the primary calendar as the event Organizer.