Public API

REST API for integrating CalendarPA with Zapier, Make.com, n8n, and custom applications. Requires a Pro plan or higher.

Base URL

https://www.calendarpa.com/api/v1

All endpoints are served over HTTPS. HTTP requests are automatically upgraded.

Authentication

CalendarPA uses the OAuth 2.0 Authorization Code flow. After authorization, include the access token as a Bearer token in every request:

Authorization: Bearer cpa_at_...

OAuth 2.0 Flow

Authorize— Redirect the user to /oauth/authorize with your client_id, redirect_uri, response_type=code, and scope.
Exchange— POST the authorization code to /api/oauth/token with grant_type=authorization_code.
Refresh— When the access token expires, POST to /api/oauth/token with grant_type=refresh_token.
Revoke— POST to /api/oauth/revoke to revoke a token pair.

Scopes

Scope	Grants
bookings:read	List and get bookings
bookings:write	Create and cancel bookings
event_types:read	List and get booking types
contacts:read	List and search contacts
webhooks:manage	Subscribe and unsubscribe webhooks

Endpoints

Account

GET/v1/me

anyCurrent user info

Current user info

Bookings

GET/v1/bookings

bookings:readList bookings

List bookings

GET/v1/bookings/:id

bookings:readGet a booking

Get a booking

POST/v1/bookings

bookings:writeCreate a booking

Create a booking

POST/v1/bookings/:id/cancel

bookings:writeCancel a booking

Cancel a booking

Booking Types

GET/v1/event-types

event_types:readList booking types

List booking types

GET/v1/event-types/:id

event_types:readGet a booking type

Get a booking type

Contacts

GET/v1/contacts

contacts:readList or search contacts

List or search contacts

GET/v1/contacts/:id

contacts:readGet a contact

Get a contact

Webhooks

GET/v1/hooks

webhooks:manageList subscriptions

List subscriptions

POST/v1/hooks

webhooks:manageCreate subscription

Create subscription

DELETE/v1/hooks/:id

webhooks:manageDelete subscription

Delete subscription

Common Parameters

Parameter	Type	Description
limit	integer	Number of results to return (default 25, max 100)
cursor	string	Cursor for pagination (returned in response)
status	string	Filter bookings by status: CONFIRMED, CANCELLED, PENDING
email	string	Search contacts or bookings by invitee email

Create Booking

POST /v1/bookings

Field	Type	Required	Description
event_type_id	string	Yes	Booking type ID
start_time	string	Yes	ISO 8601 datetime (e.g., 2026-03-15T10:00:00Z)
invitee_name	string	Yes	Full name of the invitee
invitee_email	string	Yes	Email address of the invitee
invitee_timezone	string	No	IANA timezone (defaults to host timezone)
notes	string	No	Optional notes from the invitee

Example Request

curl -X POST https://www.calendarpa.com/api/v1/bookings \
  -H "Authorization: Bearer cpa_at_..." \
  -H "Content-Type: application/json" \
  -d '{
    "event_type_id": "et_xyz789",
    "start_time": "2026-03-15T10:00:00Z",
    "invitee_name": "Jane Smith",
    "invitee_email": "jane@example.com",
    "invitee_timezone": "America/New_York"
  }'

Webhook Events

Subscribe to real-time notifications when events occur in your CalendarPA account. Create subscriptions via POST /v1/hooks.

Event	Description
BOOKING_CREATED	A new booking is confirmed
BOOKING_CANCELLED	A booking is cancelled
BOOKING_RESCHEDULED	A booking is rescheduled
BOOKING_APPROVED	A pending booking is approved
BOOKING_DENIED	A pending booking is denied
CONTACT_CREATED	A new contact is created
CONTACT_UPDATED	A contact is updated

Webhook Signing

Every webhook delivery includes an HMAC-SHA256 signature for verification:

Header	Description
X-CalendarPA-Signature	sha256=<hex digest>
X-CalendarPA-Event	Event name (e.g., BOOKING_CREATED)
X-CalendarPA-Delivery	Unique delivery ID
X-CalendarPA-Timestamp	Unix timestamp of delivery

Rate Limits

Endpoint	Limit
All `/v1/*` endpoints	1,000 requests / minute
OAuth token exchange	20 requests / minute
Webhook subscriptions	10 requests / minute

Rate-limited requests return 429 Too Many Requests. Maximum 25 active webhook subscriptions per account.

Error Responses

All errors return a JSON body with an error field:

{
  "error": "Unauthorized",
  "code": "INVALID_TOKEN"
}

Status	Meaning
400	Invalid request (validation error)
401	Missing or invalid access token
403	Insufficient scope or plan
404	Resource not found
429	Rate limit exceeded
500	Internal server error

Third-Party Integrations

CalendarPA integrates with popular automation platforms out of the box:

Zapier— 7 triggers, 2 actions, and 2 searches. Connect CalendarPA to 7,000+ apps.
Make.com — Use CalendarPA as an HTTP module with OAuth2 authentication.
n8n — Use the generic OAuth2 API node with CalendarPA endpoints.

Need Help?

If you have questions about the API or need help with your integration, contact our support team at [email protected]