Platform / Managed Users
Force refresh tokens
Getting Started
Platform / Managed Users
Platform / Webhooks
Orgs / Attributes
Orgs / Attributes / Options
Orgs / Bookings
Orgs / Delegation Credentials
Orgs / Memberships
Orgs / Orgs
Orgs / Schedules
Orgs / Teams
Orgs / Teams / Bookings
Orgs / Teams / Event Types
Orgs / Teams / Memberships
Orgs / Teams / Routing forms / Responses
Orgs / Teams / Users / Schedules
Orgs / Users / OOO
Orgs / Users / Schedules
Orgs / Webhooks
Api Keys
Bookings
- GETGet all bookings
- POSTCreate a booking
- GETGet a booking
- POSTReschedule a booking
- POSTCancel a booking
- POSTMark a booking absence - provided authorization header refers to owner of the booking.
- POSTAutomatically reassign booking to a new host automatically - provided authorization header refers to person who reassigned the booking.
- POSTReassign a booking to a specific user specified by the :userId - provided authorization header refers to person who reassigned the booking.
- POSTConfirm booking that requires a confirmation - provided authorization header refers to owner of the booking.
- POSTDecline booking that requires a confirmation - provided authorization header refers to owner of the booking.
- GETGet 'Add to Calendar' links for a booking
Calendars
Conferencing
Destination Calendars
Event Types
Event Types / Webhooks
OAuth Clients
Organizations/Teams Conferencing
Schedules
Selected Calendars
Slots
Stripe
Teams / Event Types
Teams / Memberships
Platform / Managed Users
Force refresh tokens
If you have lost managed user access or refresh token, then you can get new ones by using OAuth credentials. Access token is valid for 60 minutes and refresh token for 1 year. Make sure to store them in your database, for example, in your User database model calAccessToken and calRefreshToken fields.
Response also contains accessTokenExpiresAt and refreshTokenExpiresAt fields, but if you decode the jwt token the payload will contain clientId (OAuth client ID), ownerId (user to whom token belongs ID), iat (issued at time) and expiresAt (when does the token expire) fields.
POST
/
v2
/
oauth-clients
/
{clientId}
/
users
/
{userId}
/
force-refresh
curl --request POST \
--url https://api.cal.com/v2/oauth-clients/{clientId}/users/{userId}/force-refresh \
--header 'x-cal-secret-key: <x-cal-secret-key>'{
"status": "success",
"data": {
"accessToken": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9",
"refreshToken": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9",
"accessTokenExpiresAt": 123,
"refreshTokenExpiresAt": 123
}
}Headers
OAuth client secret key
Response
200 - application/json
Available options:
success, error Example:
"success"
Was this page helpful?
curl --request POST \
--url https://api.cal.com/v2/oauth-clients/{clientId}/users/{userId}/force-refresh \
--header 'x-cal-secret-key: <x-cal-secret-key>'{
"status": "success",
"data": {
"accessToken": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9",
"refreshToken": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9",
"accessTokenExpiresAt": 123,
"refreshTokenExpiresAt": 123
}
}