Cronofy helps software providers quickly and securely gain access to the calendars of their users. Whether it’s surfacing the availability of sales team for appointment booking, organizing interviews based on the live availability of the interviewing panel or automatically organizing one to one meetings between managers and their team in a room that’s free.
Enterprise Connect Overview
Enterprise Connect from Cronofy allows an organization to authorize a software provider access calendars on their company domain. Using Enterprise Connect the administrators of that domain retain full centralized control over which organizations can access which calendars and specifically what data in those calendars will be shared.
Enterprise Connect allows organizations to benefit from the efficiency of connected calendars without compromising on security or control.
Enterprise businesses around the world benefit from the secure calendar connectivity provided by Cronofy Enterprise Connect.
Calendar Provider Support
Enterprise Connect works with:
- G-Suite (Google Apps for Business)
- Microsoft Office 365
- Microsoft Exchange (all versions 2007 SP1 or later)
How Cronofy works
When you grant a software provider access to your calendars using Cronofy, Cronofy acts as a broker of that data between your calendar service and the software provider, only granting the software provider access to the data you have agreed to share.
When a software provider is requesting access to your calendars using Cronofy, they specify the specific level of access to calendars that they would like using Scopes. Once you’ve agreed to this Cronofy will ensure that the only data the software provider will see and the actions they can perform are those which have been agreed to.
You can see the request scopes listed when you go through the process of connecting your calendar service.
The possible scopes are:
Scopes for Accessing Calendar Accounts
- manage linked accounts on your domain
- manage linked resources on your domain
- manage existing calendar events for accounts on your domain
- manage existing calendar events for resources on your domain
Scopes for data that can be accessed and actions which can be performed against each calendar account
- create new calendars
- create calendar events
- delete events that this app creates
- list your calendars
- read your account details
- read events in your calendars
- read free-busy information from your calendars
- change the participation status for an event
Cronofy takes the security of your calendar data seriously. All communications with your calendar service and with the software providers are performed via HTTPS utilizing 128-bit encryption.
All credentials and calendar data within our systems is encrypted at rest with the AES-256-GCM algorithm using a unique, randomly generated salt for each set of sensitive data. All stored data is encrypted at rest.
Cronofy has strict processes for its internal security and commissions regular 3rd party penetration testing.
The Cronofy service is continuously monitored for availability and utilisation by internal and external tools. Current and historic status reports are available at https://status.cronofy.com.
Enterprise Connect has three types of account:
- Service Account – allows for applications to request access to other account types.
- User – an account linked to a user’s calendars.
- Resource – an account linked to a resource (Room or Equipment) calendar.
Cronofy uses the OAuth 2.0 standard as the means for applications to request access to any of these accounts, each account receives its own set of credentials in the form of OAuth 2.0 access and refresh tokens. The access tokens for Service Accounts are shorter-lived due to their more sensitive nature.
The role of the service account is twofold, firstly this establishes the set of permitted scopes an application can request (see Scopes) and secondly to initiate the authorization process for other account types.
More information on our security policies and processes can be found in the Cronofy Security White Paper
Controlling access using the Enterprise Connect Dashboard
Once connected, you can use your Enterprise Connect Dashboard to control which software providers can access your calendar service using Cronofy.
From here you can review and revoke access to applications, revoke access to profiles and relink any profiles.
Granting Access to a service Provider using Enterprise Connect
Your software provider will provide you with a link to follow to connect your calendars with their service. This connection process is hosted by Cronofy and it allows us to gain access to your calendar service and broker that access out to your software provider.
Follow the steps in this connection process to connect your calendar service to the software provider.
Step 1: Choose your calendar service
Microsoft Exchange and Microsoft Office 365 users:
Step 2: Configure your service
First create a user with ApplicationImpersonation role - details on how to do this can be found here: https://msdn.microsoft.com/en-us/library/office/dn722377(v=exchg.150).aspx
This role can be assigned to allow access to a subset of users and or the entire organization as desired.
Then click Connect and enter the details of the new user with the ApplicationImpersonation role
Step 3: Login to your calendar service - Office 365
Step 3: Login to your calendar service - Exchange
Google Apps for Business users:
Step 2: Configure your service
To configure access to calendars hosted by Google an administrator of your Google Apps domain will need to first install the Cronofy application for Google Apps
Please note if a non-administrator user attempts to install the app this will be rejected.
Step 3: Login to your calendar service
Login as normal with your Google administrator account