👤 Audience
This article is for tenant admins who want to integrate their Outlook Web calendar systems (powered by Microsoft Exchange Online) with 10KC so their employees can easily book meetings with each other via 10KC platform. Learn more about the employee user experience and benefits of calendar integration here.
Note: 10KC does not integrate with Exchange On-prem calendar systems.
âś… Steps
10KC’s Enterprise Application needs to be granted permission in Azure Active Directory (Azure AD) to enable the calendar integration. This application will access the Outlook calendars of the employees to find free / busy times and create events.
-
Click on Integrations under Admin settings. Select Microsoft under Calendar provider, enter the Azure AD Tenant ID (steps to find this) and click on Save.
-
You can choose between Domain-wide integration (recommended) or Individual / Delegated integration.
-
Clicking on either option will take you to a screen to log in to your organization’s Microsoft account. After logging in to the account, you will get a prompt to give 10KC application access to the organization’s calendar.
-
Clicking on Accept will connect 10KC with your organization’s calendar system
-
You can close this tab and go back to the Integrations settings to see that calendar integration is now enabled for your 10KC account
Types of Integrations
Domain-wide (recommended)
Gives 10KC access to all member calendars without requiring the members to connect their calendars individually.
Individual / Delegated
Members need to give 10KC access to their calendars individually for them to be able to take advantage of the integration.
APIs & Permissions
-
For Domain-wide integration 10KC uses getSchedule API* to find, calculate and suggest meeting times based on organizer and attendee availability, and timezone constraints specified as parameters.
-
For Individual / Delegated integration 10KC uses findMeetingTimes* to suggest meeting times based on organizer and attendee availability, and timezone constraints specified as parameters..
-
Based on the selected time, 10KC uses create event API* to create a new event in the calendars of both the organizer and the attendee
-
10KC also uses the get event API* to only read events created by the 10KC application.
Note - Response data from 4. does not expose any confidential meeting details. A sample response can be found here.
*Microsoft Graph REST API v1.0
These API endpoints require the following calendar permissions:
-
Calendars.Read - used by 10KC app to read events in member calendars
-
Calendars.ReadWrite - used by 10KC app to create and read events in member calendars
Security Considerations
Microsoft Partner Network
10KC is a verified Microsoft Partner with access to benefits like comprehensive technical extensibility and secure foundation to build robust solutions for our customers.
Calendar Access
10KC’s calendar integration will only work for employees who use the 10KC application and explicitly grant access to their calendars. This integration will not impact any employee who is not a 10KC user.
For domain-wide integration, you can also use mail enabled security groups in AzureAD so 10KC calendar integration will only work for employees in the security group and not affect anyone else.
Data Usage
For viewing available times, 10KC uses Microsoft's getSchedule API which doesn't expose any calendar event data other than when people are free.
For creating events, 10KC uses Microsoft’s create event API which creates calendar events where data is stored in Outlook.
For reading events, 10KC used Microsoft’s get event API but only for events created by the 10KC application. Moreover, response data from this endpoint does not expose any confidential meeting details.
10KC uses calendar permissions only to optimize the user experience of the members using the 10KC application. 10KC never uses this integration for purposes unrelated to booking meetings.
Security Measures
10KC has strict security policies and we follow all best practices like annual pen-testing, annual internal audit, third party SOC2 audit and aligning with regional data privacy requirements. We take credentials very seriously, only ever using them for signed-in members booking meetings with other members.
FAQs
Click here
Comments
0 comments
Please sign in to leave a comment.