Skip to main content
POST
/
v2
/
event-types
/
{eventTypeId}
/
private-links
Create a private link for an event type
curl --request POST \
  --url https://api.cal.com/v2/event-types/{eventTypeId}/private-links \
  --header 'Authorization: <authorization>' \
  --header 'Content-Type: application/json' \
  --header 'cal-api-version: <cal-api-version>' \
  --data '
{
  "expiresAt": "2024-12-31T23:59:59.000Z",
  "maxUsageCount": 10
}
'
import requests

url = "https://api.cal.com/v2/event-types/{eventTypeId}/private-links"

payload = {
"expiresAt": "2024-12-31T23:59:59.000Z",
"maxUsageCount": 10
}
headers = {
"cal-api-version": "<cal-api-version>",
"Authorization": "<authorization>",
"Content-Type": "application/json"
}

response = requests.post(url, json=payload, headers=headers)

print(response.text)
const options = {
method: 'POST',
headers: {
'cal-api-version': '<cal-api-version>',
Authorization: '<authorization>',
'Content-Type': 'application/json'
},
body: JSON.stringify({expiresAt: '2024-12-31T23:59:59.000Z', maxUsageCount: 10})
};

fetch('https://api.cal.com/v2/event-types/{eventTypeId}/private-links', options)
.then(res => res.json())
.then(res => console.log(res))
.catch(err => console.error(err));
<?php

$curl = curl_init();

curl_setopt_array($curl, [
CURLOPT_URL => "https://api.cal.com/v2/event-types/{eventTypeId}/private-links",
CURLOPT_RETURNTRANSFER => true,
CURLOPT_ENCODING => "",
CURLOPT_MAXREDIRS => 10,
CURLOPT_TIMEOUT => 30,
CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
CURLOPT_CUSTOMREQUEST => "POST",
CURLOPT_POSTFIELDS => json_encode([
'expiresAt' => '2024-12-31T23:59:59.000Z',
'maxUsageCount' => 10
]),
CURLOPT_HTTPHEADER => [
"Authorization: <authorization>",
"Content-Type: application/json",
"cal-api-version: <cal-api-version>"
],
]);

$response = curl_exec($curl);
$err = curl_error($curl);

curl_close($curl);

if ($err) {
echo "cURL Error #:" . $err;
} else {
echo $response;
}
package main

import (
"fmt"
"strings"
"net/http"
"io"
)

func main() {

url := "https://api.cal.com/v2/event-types/{eventTypeId}/private-links"

payload := strings.NewReader("{\n \"expiresAt\": \"2024-12-31T23:59:59.000Z\",\n \"maxUsageCount\": 10\n}")

req, _ := http.NewRequest("POST", url, payload)

req.Header.Add("cal-api-version", "<cal-api-version>")
req.Header.Add("Authorization", "<authorization>")
req.Header.Add("Content-Type", "application/json")

res, _ := http.DefaultClient.Do(req)

defer res.Body.Close()
body, _ := io.ReadAll(res.Body)

fmt.Println(string(body))

}
HttpResponse<String> response = Unirest.post("https://api.cal.com/v2/event-types/{eventTypeId}/private-links")
.header("cal-api-version", "<cal-api-version>")
.header("Authorization", "<authorization>")
.header("Content-Type", "application/json")
.body("{\n \"expiresAt\": \"2024-12-31T23:59:59.000Z\",\n \"maxUsageCount\": 10\n}")
.asString();
require 'uri'
require 'net/http'

url = URI("https://api.cal.com/v2/event-types/{eventTypeId}/private-links")

http = Net::HTTP.new(url.host, url.port)
http.use_ssl = true

request = Net::HTTP::Post.new(url)
request["cal-api-version"] = '<cal-api-version>'
request["Authorization"] = '<authorization>'
request["Content-Type"] = 'application/json'
request.body = "{\n \"expiresAt\": \"2024-12-31T23:59:59.000Z\",\n \"maxUsageCount\": 10\n}"

response = http.request(request)
puts response.read_body
{
  "status": "success",
  "data": {
    "linkId": "abc123def456",
    "eventTypeId": 123,
    "isExpired": false,
    "bookingUrl": "https://cal.com/d/abc123def456",
    "expiresAt": "2025-12-31T23:59:59.000Z"
  }
}

Headers

cal-api-version
string
default:2024-09-04
required

Must be set to 2024-09-04. Returns the full booking URL including org slug and event slug.

Authorization
string
required

value must be Bearer <token> where <token> is api key prefixed with cal_, managed user access token, or OAuth access token

Path Parameters

eventTypeId
number
required

Body

application/json
expiresAt
string<date-time>

Expiration date for time-based links

Example:

"2024-12-31T23:59:59.000Z"

maxUsageCount
number
default:1

Maximum number of times the link can be used. Pass -1 to opt out of the count cap (the link is then gated only by expiresAt, or unbounded if that is also unset). If omitted and expiresAt is not provided, defaults to 1 (one time use).

Example:

10

Response

201 - application/json
status
string
required

Response status

Example:

"success"

data
object
required

Created private link data (either time-based or usage-based)