Cronofy Calendar API
Cronofy provides a real-time unified calendar sync API with sub-second change notification, an Availability Query API for scheduling across multiple participants and calendars, and embeddable scheduling UI elements — all connected via OAuth2 to Google Calendar, Outlook, Exchange, Apple Calendar, and others.
Score Breakdown
⚙ Agent Friendliness
🔒 Security
SOC2 Type II and ISO27001 certified. OAuth scope granularity is good — agents can request free/busy-only access without full calendar write permissions. Element Tokens prevent OAuth token exposure in browser contexts.
⚡ Reliability
Best When
An agent needs real-time calendar change detection and availability querying across multiple providers and participants, especially in enterprise scheduling contexts with Exchange and Microsoft 365.
Avoid When
You need email functionality alongside calendar, are building a single-provider integration, or need a low-cost solution for consumer-scale applications.
Use Cases
- • Scheduling meetings across multiple participants by querying real-time availability from all their connected calendars
- • Receiving sub-second push notifications when any connected user's calendar changes to trigger agent workflows
- • Creating, updating, and deleting calendar events across Google Calendar, Outlook, and Exchange from a single API
- • Embedding a scheduling UI (Element Token) into an application for end users to self-select available times
- • Enterprise calendar sync for large organizations needing consolidated availability across Exchange and Microsoft 365
Not For
- • Email read/send workflows — Cronofy is calendar-only, use Nylas for combined calendar and email
- • Simple single-provider calendar integration where direct Google Calendar or Microsoft Graph API is sufficient
- • Agents needing free-tier usage at scale — Cronofy pricing is enterprise-oriented
Interface
Authentication
OAuth2 for connecting end-user calendar accounts; yields a long-lived access token + refresh token per user. Element Tokens are short-lived JWTs issued server-side for embedding scheduling UI without exposing OAuth tokens to the browser. Application-level calls use the client ID and secret. Scopes control read, free/busy, and write access separately.
Pricing
Pricing is enterprise-oriented and not publicly listed for higher tiers — requires contacting sales. Developer plan is sufficient for integration testing. Cronofy targets B2B scheduling use cases so pricing reflects enterprise sales expectations.
Agent Metadata
Known Gotchas
- ⚠ Push notification channel subscriptions expire and must be renewed — agents that miss a renewal window will silently stop receiving calendar change events
- ⚠ Availability Query API results reflect provider-side free/busy data which may be stale by minutes on slow providers like Exchange on-premise
- ⚠ OAuth access tokens have a short lifetime (1 hour typical) — agents must implement refresh token rotation or face authentication failures
- ⚠ Event IDs must be application-managed (not provider-assigned) for idempotent upserts — agents that don't set event_id risk duplicates on retry
- ⚠ Real-time push notifications require a publicly accessible HTTPS endpoint — agents running locally or behind a firewall must use a tunnel or polling fallback
Alternatives
Full Evaluation Report
Detailed scoring breakdown, competitive positioning, security analysis, and improvement recommendations for Cronofy Calendar API.
Scores are editorial opinions as of 2026-03-06.