# Authorization


---
[Read in HTML](/developers/faqs/authorizations/)

## In this section

- [Why are my profiles disconnecting from Cronofy?](/developers/faqs/authorizations/disconnection-faqs/index.md) — There are multiple potential reasons behind disconnections between your calendar provider and Cronofy.
- [How to acknowledge a calendar reconnection via Cronofy's API?](/developers/faqs/authorizations/profile-reconnection-process/index.md) — Provides the required flow of steps for a calendar to reconnect after a previous disconnection
- [Why do I keep getting errors.unknown_or_used when requesting an access_token?](/developers/faqs/authorizations/code-unknown-or-used/index.md) — The code that is generated when a user goes through the authorization process is restricted in a number of ways.
- [Why do I get invalid_grant when requesting access token?](/developers/faqs/authorizations/invalid-grant/index.md) — This signifies that the code is unrecognized or has already been used, or that the redirect_uri does not match the one given when requesting the user's authorization.
- [Why do I get the same account_id and refresh_token for different users?](/developers/faqs/authorizations/same-account-id/index.md) — By default when a user authorizes multiple calendar service accounts with your application the Cronofy API links those service accounts under one Cronofy account. This makes sense in production but can create some, on the face of it, odd behaviour in development.
- [Microsoft Outlook.com API deprecation](/developers/faqs/authorizations/outlook-api-deprecation/index.md) — What Cronofy is doing in response to Microsoft deprecating their Outlook.com API later this year
- [Why do I get a CORS error : “No ‘Access-Control-Allow-Origin’ header is present on the requested resource”?](/developers/faqs/authorizations/cors-error/index.md) — If you try to pass an access_token (either personal or generated from an authorization exchange) from a browser XMLHttp request for example you will receive an error.
- [Why do access_tokens expire and how can you refresh them?](/developers/faqs/authorizations/access-token-expiry/index.md) — Our API expires the access_token in order to reduce the risk of your users' calendar data being compromised. When you obtain authorization to access a user's calendar, a refresh_token will be issued alongside the access_token to allow your application to obtain a new access_token without user involvement.
- [Best practices for storing and using authentication tokens](/developers/faqs/authorizations/token-best-practices/index.md) — An overview of the best practices for how to store and use access tokens and refresh tokens.
- [Shared calendars](/developers/faqs/authorizations/shared-calendars/index.md) — The availability of Shared Calendars depends on your connection method.