Skip to content
Kalender Sync Docs
Go to app

Approving Kalender Sync in your organisation

This page is meant to be forwarded to IT: everything an admin needs for the one-time approval of Kalender Sync. The compact overview with the clickable admin-consent link is at kalender-sync.de/it-admin.

Microsoft 365 / Entra ID

Section titled “Microsoft 365 / Entra ID”

The fast way (~2 minutes):

  1. As a Global Admin, open the admin-consent link:

    Grant admin consent for Kalender-Sync

    (Client ID for verification: f656be6d-e0c1-43a4-a4a8-e1452eaf78f3 — after confirming, Microsoft redirects to our confirmation page.)

  2. Review the requested permissions (User.Read, Calendars.ReadWrite, offline_accessdetails) and confirm.

  3. Done — consent applies tenant-wide; users can connect without further prompts.

Alternatively via the Entra portal: Enterprise Applications → Kalender-Sync → Permissions → Grant admin consent. The permissions are delegated — Kalender Sync only ever acts in the context of the signed-in user, never with application permissions on other mailboxes.

Google Workspace

Section titled “Google Workspace”

  1. Open the Admin consoleSecurity → Access and data control → API controls → App access control.

  2. “Configure new app” (or “Manage apps” → “Add app”) → search by OAuth app name or client ID:

    799110401428-vpauqp9v2ksno7vc6k2404pgg956tjit.apps.googleusercontent.com

    Alternatively search for the name “Kalender Sync”.

  3. Select the app, set the scope (entire organisation or specific organisational units) and set access to “Trusted” → confirm.

  4. From then on users can connect without being blocked — each user still grants the scopes themselves in the Google sign-in.

In the app detail view of the Admin console, IT can see exactly which services are requested (Google sign-in, Calendar) and which scopes users have granted. The requested scopes (calendar.events, calendar.calendarlist.readonly + identity) are also listed under Permissions in detail.

Facts for the compliance review

Section titled “Facts for the compliance review”
  • Hosting & database in Germany (Hetzner, Falkenstein) — security overview
  • No storage of event contents, no transfer of attendee data
  • Credentials encrypted at rest, TLS in transit
  • DPA under Art. 28 GDPR available on request — DPA & sub-processors
  • Consent revocable any time (tenant-wide or per user); users can delete their accounts and data themselves

If approval isn’t an option

Section titled “If approval isn’t an option”

Users can also bring their own calendar in as a read-only iCal feed source without any OAuth approval — no admin involvement. The options compared: My organisation blocks the connection.