Authorization

Why are my profiles disconnecting from Cronofy?

There are multiple potential reasons behind disconnections between your calendar provider and Cronofy.

Read More

How to acknowledge a calendar reconnection via Cronofy's API?

Profiles can become disconnected between Cronofy and the Calendar server.

Read More

Why do I keep getting errors.unknown_or_used when requesting an access_token?

The code that is generated when a user goes through the authorization process is restricted in a number of ways. This error means one of two things:

Read More

Why do I get invalid_grant when requesting access token?

This signifies that the code is unrecognized or has already been used, or that the redirect_uri does not match the one given when requesting the user’s authorization.

Read More

Why do I get the same account_id and refresh_token for different users?

By default when a user authorizes multiple calendar service accounts with your application the Cronofy API links those service accounts under one Cronofy account. This makes sense in production but can create some, on the face of it, odd behaviour in development.

Read More

Microsoft Outlook.com API deprecation

This page describes what Cronofy is doing in response to Microsoft deprecating their Outlook.com API in 2022.

Read More

Why do I get a CORS error : “No ‘Access-Control-Allow-Origin’ header is present on the requested resource”?

If you try to pass an access_token (either personal or generated from an authorization exchange) from a browser XMLHttp request for example you will receive an error:

No 'Access-Control-Allow-Origin' header is present on the requested resource

or

The 'Access-Control-Allow-Origin' header has a value that is not equal to the supplied origin
Read More

Why do access_tokens expire and how can you refresh them?

Our API expires the access_token in order to reduce the risk of your users’ calendar data being compromised. When you obtain authorization to access a user’s calendar, a refresh_token will be issued alongside the access_token to allow your application to obtain a new access_token without user involvement.

Read More

Best practices for storing and using authentication tokens

The majority of APIs Cronofy provides make use of two different authorization models: “Application level”, and “User level”. Both require you to store and make use of a secret value that you will need to securely store.

Read More

Shared calendars

The process of connecting a shared calendar will depend on whether you’re connecting the calendar individually or via an organization.

Read More