OAuth Integration Guide
Understand how OAuth works in meetergo integrations and how to build OAuth-connected apps
meetergo uses OAuth 2.0 to connect with external services like calendars, video conferencing, and CRM systems. This guide explains how OAuth integrations work and how to troubleshoot connection issues.
How OAuth Works in meetergo
The OAuth Flow
When you connect an integration (like Google Calendar), this happens:
- Authorization Request: You click "Connect" and are redirected to the service (e.g., Google)
- User Consent: You grant meetergo permission to access specific data
- Authorization Code: The service sends a code back to meetergo
- Token Exchange: meetergo exchanges the code for access tokens
- Connection Stored: Tokens are securely stored for ongoing access
What meetergo Requests
Different integrations request different permissions:
Calendar Integrations
| Service | Permissions |
|---|---|
| Google Calendar | Read/write calendar events |
| Microsoft Outlook | Read/write calendar, profile info |
| Apple iCloud | CalDAV access to calendars |
Video Conferencing
| Service | Permissions |
|---|---|
| Zoom | Create and manage meetings |
| Microsoft Teams | Create meeting links |
CRM Integrations
| Service | Permissions |
|---|---|
| HubSpot | Create/update contacts, deals |
| Pipedrive | Access contacts, deals, activities |
| Salesforce | Read/write objects based on setup |
Managing OAuth Connections
View Connected Services
- Go to Settings → Integrations
- See all connected services
- Check connection status (active, expired, error)
Reconnect an Integration
If a connection expires or has issues:
- Go to Settings → Integrations
- Find the integration
- Click Reconnect or Refresh
- Re-authorize with the service
Disconnect an Integration
- Go to Settings → Integrations
- Find the integration
- Click Disconnect or Remove
- Confirm the disconnection
This revokes meetergo's access. The integration may also appear in the service's connected apps list until fully revoked there.
OAuth State Management
How meetergo Handles OAuth
meetergo uses secure OAuth state parameters to:
- Prevent CSRF attacks
- Track which user initiated the connection
- Handle the callback correctly
Token Refresh
OAuth tokens expire. meetergo automatically:
- Refreshes tokens before they expire
- Retries failed refreshes
- Notifies you if refresh fails
If automatic refresh fails, you'll need to reconnect manually.
Troubleshooting OAuth Issues
"Connection Failed" Errors
Common causes:
- Popup blocked: Allow popups from meetergo
- Third-party cookies: Enable third-party cookies
- Network issues: Check your internet connection
- Service outage: The external service may be down
"Permission Denied"
If you see permission errors:
- You may have denied required permissions
- Retry the connection and accept all requested permissions
- Check if your organization restricts the app
"Token Expired"
If tokens expire and don't refresh:
- Go to Settings → Integrations
- Disconnect the integration
- Reconnect fresh
- Re-authorize with the service
Google-Specific Issues
For Google Calendar connections:
- Ensure third-party app access is enabled in Google Workspace
- Check if your admin has restricted meetergo
- Try using a personal Google account to test
Microsoft-Specific Issues
For Outlook/Teams connections:
- Admin consent may be required for organization accounts
- Check Azure AD app permissions
- Personal vs work accounts may have different restrictions
For Developers: Building Integrations
Using meetergo's API
If building custom integrations:
- API Keys: Use API keys for server-to-server
- Webhooks: Receive events when bookings occur
- No OAuth needed: Your integration uses API keys, not OAuth
See API Documentation.
Webhook Authentication
Webhooks don't use OAuth but you should:
- Use HTTPS endpoints
- Validate payload signatures
- Implement retry handling
CRM Integration Patterns
When syncing with CRMs:
- Webhook-triggered: meetergo sends booking data via webhook
- Your server: Receives and processes the data
- CRM API: Your code calls the CRM API with your own OAuth tokens
meetergo handles the booking side; you handle the CRM side.
Security Considerations
Token Storage
meetergo stores OAuth tokens:
- Encrypted at rest
- Access controlled by your account
- Automatically refreshed
Minimal Permissions
meetergo requests only necessary permissions:
- Calendar read/write (not email)
- Meeting creation (not all Zoom data)
- Contact/deal access (not all CRM data)
Revoking Access
To fully revoke meetergo's access:
- Disconnect in meetergo
- Also revoke in the service:
- Google: myaccount.google.com → Security → Third-party apps
- Microsoft: account.microsoft.com → Privacy → Apps and services
- Zoom: zoom.us → Settings → Apps
OAuth Scopes Reference
Google Calendar
https://www.googleapis.com/auth/calendar
https://www.googleapis.com/auth/calendar.events
Microsoft Graph
Calendars.ReadWrite
User.Read
OnlineMeetings.ReadWrite
Zoom
meeting:write
user:read
FAQ
Why does meetergo need these permissions?
Each permission enables a specific feature:
- Calendar read: Check your availability
- Calendar write: Add booked meetings
- Meeting create: Generate video links
Can I limit what meetergo accesses?
You must grant the requested permissions for the integration to work. meetergo only accesses what's needed for scheduling.
Is my data shared with third parties?
meetergo doesn't share your OAuth data. Tokens are used only to provide the integration functionality.
What if my company restricts OAuth apps?
Contact your IT admin to:
- Whitelist meetergo in your OAuth policies
- Grant admin consent for the required permissions
- Enable third-party app access
Can I use personal accounts for work?
Yes, if your organization allows it. Some prefer separating personal and work calendars.
Related Articles
Was this article helpful?
Let us know if this article answered your questions.