A guide for admins of domains on granting access to the calendars of their organization to Bookafy using Enterprise Connect
Enterprise Connect from Bookafy allows an organization to authorize a software provider access calendars on their company domain. Using Enterprise Connect the administrators of that domain retain full centralized control over which organizations can access which calendars and specifically what data in those calendars will be shared.
Enterprise Connect allows organizations to benefit from the efficiency of connected calendars without compromising on security or control.
Enterprise businesses around the world benefit from the secure calendar connectivity provided by Bookafy Enterprise Connect.
Enterprise Connect works with:
When you grant a software provider access to your calendars using Bookafy, Bookafy acts as a broker of that data between your calendar service and the software provider, only granting the software provider access to the data you have agreed to share.
When a software provider is requesting access to your calendars using Bookafy, they specify the specific level of access to calendars that they would like using Scopes. Once you’ve agreed to this Bookafy will ensure that the only data the software provider will see and the actions they can perform are those which have been agreed to.
You can see the request scopes listed when you go through the process of connecting your calendar service.
The possible scopes are:
Scopes for Accessing Calendar Accounts
Scopes for data that can be accessed and actions which can be performed against each calendar account
Bookafy takes the security of your calendar data seriously. All communications with your calendar service and with the software providers are performed via HTTPS utilizing 128-bit encryption.
All credentials and calendar data within our systems is encrypted at rest with the AES-256-GCM algorithm using a unique, randomly generated salt for each set of sensitive data. All stored data is encrypted at rest.
Bookafy has strict processes for its internal security and commissions regular 3rd party penetration testing.
The Bookafy service is continuously monitored for availability and utilisation by internal and external tools. Current and historic status reports are available upon request.
Enterprise Connect has three types of account:
Bookafy uses the OAuth 2.0 standard as the means for applications to request access to any of these accounts, each account receives its own set of credentials in the form of OAuth 2.0 access and refresh tokens. The access tokens for Service Accounts are shorter-lived due to their more sensitive nature.
The role of the service account is twofold, firstly this establishes the set of permitted scopes an application can request (see Scopes) and secondly to initiate the authorization process for other account types.
More information on our security policies and processes can be found in the Bookafy Security White Paper
Once connected, you can use your Enterprise Connect Dashboard to control which software providers can access your calendar service using Bookafy.
From here you can review and revoke access to applications, revoke access to profiles and relink any profiles.
Your software provider will provide you with a link to follow to connect your calendars with their service. This connection process is hosted by Bookafy and it allows us to gain access to your calendar service and broker that access out to your software provider.
Follow the steps in this connection process to connect your calendar service to the software provider.
Step 1: Choose your calendar service
Step 2: Configure your service
First create a user with ApplicationImpersonation role – details on how to do this can be found here: https://msdn.microsoft.com/en-us/library/office/dn722377(v=exchg.150).aspx
This role can be assigned to allow access to a subset of users and or the entire organization as desired.
Then click Connect and enter the details of the new user with the ApplicationImpersonation role
Step 3: Login to your calendar service – Office 365
Step 3: Login to your calendar service – Exchange
Step 2: Configure your service
To configure access to calendars hosted by Google an administrator of your Google Apps domain will need to first install the Bookafy application for Google Apps
Please note if a non-administrator user attempts to install the app this will be rejected.
Step 3: Login to your calendar service
Login as normal with your Google administrator account