Calendly logoCalendly logo
Developer

When to choose between personal access tokens and OAuth 2.0 to authenticate requests

Personal access tokens

If you need to securely share data from your or your company’s Calendly account with an internal or private application that’s not for use by others outside of your company, then use personal access tokens. They are unique and not meant to be shared with public sources or reused across applications.

Use personal access tokens when you’re:

  • Testing out Calendly’s API endpoints in a local development environment

  • Building a reporting dashboard to reflect meetings your company has scheduled

  • Pushing Calendly event and invitee data into your company’s CRM

To get started, see

How to authenticate with personal access tokens.

OAuth 2.0

If you need to provide a way for Calendly members to securely share their Calendly account data with a public application you’ve built, then use OAuth 2.0. Once you register your application for authentication, you’ll receive a Client ID and Client Secret from the developer support team within one business day that you can use to authenticate your application to the Calendly API v2.

Use OAuth 2.0 when you’re authenticating:

  • An application that allows your customers to get easy access to their Calendly event type links to share as they respond to support tickets

  • An application that creates an agenda each time your customer’s clients schedule a meeting with them

  • An application that contacts your customer’s Calendly invitees

To get started, see

How to authenticate with OAuth 2.0.