Cal.com Agentic Access
Cal.com exposes 121 API operations that an AI agent could call, of which 66 are state-changing ‘acting’ operations. This is a recommended x-agentic-access execution contract — the scope, audience, consequence tier, short-lived token constraints, and escalation each action should carry before it is handed to an autonomous agent.
By consequence: 55 read and 66 safety-critical.
66 operations are classed safety-critical and should require human-in-the-loop approval at runtime.
Contracts are classified heuristically from the provider’s OpenAPI and refresh on every APIs.io network build; audience is bound per deployment. The model follows Curity’s Access Intelligence (apidays Munich 2026). Browse every provider’s agent contracts at agentic-access.apis.io.
By consequence
Highest-consequence actions
The physical and safety-critical operations an agent could invoke — the ones that most warrant scoped tokens, tight TTLs, and escalation. Full per-operation contracts are in the source below.
| Method | Path | Consequence | Human-in-loop |
|---|---|---|---|
| POST | /v2/api-keys/refresh | safety-critical | required |
| POST | /v2/auth/oauth2/token | safety-critical | required |
| POST | /v2/bookings | safety-critical | required |
| POST | /v2/bookings/{bookingUid}/attendees | safety-critical | required |
| DELETE | /v2/bookings/{bookingUid}/attendees/{attendeeId} | safety-critical | required |
| POST | /v2/bookings/{bookingUid}/cancel | safety-critical | required |
| POST | /v2/bookings/{bookingUid}/confirm | safety-critical | required |
| POST | /v2/bookings/{bookingUid}/decline | safety-critical | required |
| POST | /v2/bookings/{bookingUid}/guests | safety-critical | required |
| PATCH | /v2/bookings/{bookingUid}/location | safety-critical | required |
| POST | /v2/bookings/{bookingUid}/mark-absent | safety-critical | required |
| POST | /v2/bookings/{bookingUid}/reassign | safety-critical | required |
| POST | /v2/bookings/{bookingUid}/reassign/{userId} | safety-critical | required |
| POST | /v2/bookings/{bookingUid}/reschedule | safety-critical | required |
| POST | /v2/calendars/connections/{connectionId}/events | safety-critical | required |
| PATCH | /v2/calendars/connections/{connectionId}/events/{eventId} | safety-critical | required |
| DELETE | /v2/calendars/connections/{connectionId}/events/{eventId} | safety-critical | required |
| POST | /v2/calendars/ics-feed/save | safety-critical | required |
| POST | /v2/calendars/{calendar}/credentials | safety-critical | required |
| POST | /v2/calendars/{calendar}/disconnect | safety-critical | required |
| PATCH | /v2/calendars/{calendar}/event/{eventUid} | safety-critical | required |
| POST | /v2/calendars/{calendar}/events | safety-critical | required |
| PATCH | /v2/calendars/{calendar}/events/{eventUid} | safety-critical | required |
| DELETE | /v2/calendars/{calendar}/events/{eventUid} | safety-critical | required |
| POST | /v2/conferencing/{app}/connect | safety-critical | required |
Source
Agentic Access
generated: '2026-07-15'
method: generated
source: openapi/cal-com-openapi.json
description: Recommended x-agentic-access execution contracts, classified heuristically from
the OpenAPI. A governance starting point for exposing this API to AI agents — review and bind
audience per deployment. See research/curity/agentic-governance/.
summary:
operations: 121
by_action_class:
acting: 66
connected: 55
by_consequence:
safety-critical: 66
read: 55
human_in_the_loop_required: 66
operations:
- path: /v2/api-keys/refresh
method: post
operationId: ApiKeysController_refresh
x-agentic-access:
action-class: acting
consequence: safety-critical
subject: required
audience: null
token:
max-ttl: 120
exchange: true
purpose-required: true
proof-of-possession: true
escalation:
human-in-the-loop: required
audit: required
- path: /v2/bookings
method: post
operationId: BookingsController_2024_08_13_createBooking
x-agentic-access:
action-class: acting
consequence: safety-critical
subject: required
audience: null
token:
max-ttl: 120
exchange: true
purpose-required: true
proof-of-possession: true
escalation:
human-in-the-loop: required
audit: required
- path: /v2/bookings
method: get
operationId: BookingsController_2024_08_13_getBookings
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /v2/bookings/by-seat/{seatUid}
method: get
operationId: BookingsController_2024_08_13_getBookingBySeatUid
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /v2/bookings/{bookingUid}
method: get
operationId: BookingsController_2024_08_13_getBooking
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /v2/bookings/{bookingUid}/recordings
method: get
operationId: BookingsController_2024_08_13_getBookingRecordings
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /v2/bookings/{bookingUid}/transcripts
method: get
operationId: BookingsController_2024_08_13_getBookingTranscripts
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /v2/bookings/{bookingUid}/reschedule
method: post
operationId: BookingsController_2024_08_13_rescheduleBooking
x-agentic-access:
action-class: acting
consequence: safety-critical
subject: required
audience: null
token:
max-ttl: 120
exchange: true
purpose-required: true
proof-of-possession: true
escalation:
human-in-the-loop: required
audit: required
- path: /v2/bookings/{bookingUid}/cancel
method: post
operationId: BookingsController_2024_08_13_cancelBooking
x-agentic-access:
action-class: acting
consequence: safety-critical
subject: required
audience: null
token:
max-ttl: 120
exchange: true
purpose-required: true
proof-of-possession: true
escalation:
human-in-the-loop: required
audit: required
- path: /v2/bookings/{bookingUid}/mark-absent
method: post
operationId: BookingsController_2024_08_13_markNoShow
x-agentic-access:
action-class: acting
consequence: safety-critical
subject: required
audience: null
token:
max-ttl: 120
exchange: true
purpose-required: true
proof-of-possession: true
escalation:
human-in-the-loop: required
audit: required
- path: /v2/bookings/{bookingUid}/reassign
method: post
operationId: BookingsController_2024_08_13_reassignBooking
x-agentic-access:
action-class: acting
consequence: safety-critical
subject: required
audience: null
token:
max-ttl: 120
exchange: true
purpose-required: true
proof-of-possession: true
escalation:
human-in-the-loop: required
audit: required
- path: /v2/bookings/{bookingUid}/reassign/{userId}
method: post
operationId: BookingsController_2024_08_13_reassignBookingToUser
x-agentic-access:
action-class: acting
consequence: safety-critical
subject: required
audience: null
token:
max-ttl: 120
exchange: true
purpose-required: true
proof-of-possession: true
escalation:
human-in-the-loop: required
audit: required
- path: /v2/bookings/{bookingUid}/confirm
method: post
operationId: BookingsController_2024_08_13_confirmBooking
x-agentic-access:
action-class: acting
consequence: safety-critical
subject: required
audience: null
token:
max-ttl: 120
exchange: true
purpose-required: true
proof-of-possession: true
escalation:
human-in-the-loop: required
audit: required
- path: /v2/bookings/{bookingUid}/decline
method: post
operationId: BookingsController_2024_08_13_declineBooking
x-agentic-access:
action-class: acting
consequence: safety-critical
subject: required
audience: null
token:
max-ttl: 120
exchange: true
purpose-required: true
proof-of-possession: true
escalation:
human-in-the-loop: required
audit: required
- path: /v2/bookings/{bookingUid}/calendar-links
method: get
operationId: BookingsController_2024_08_13_getCalendarLinks
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /v2/bookings/{bookingUid}/references
method: get
operationId: BookingsController_2024_08_13_getBookingReferences
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /v2/bookings/{bookingUid}/conferencing-sessions
method: get
operationId: BookingsController_2024_08_13_getVideoSessions
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /v2/bookings/{bookingUid}/location
method: patch
operationId: BookingLocationController_2024_08_13_updateBookingLocation
x-agentic-access:
action-class: acting
consequence: safety-critical
subject: required
audience: null
token:
max-ttl: 120
exchange: true
purpose-required: true
proof-of-possession: true
escalation:
human-in-the-loop: required
audit: required
- path: /v2/bookings/{bookingUid}/attendees
method: get
operationId: BookingAttendeesController_2024_08_13_getBookingAttendees
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /v2/bookings/{bookingUid}/attendees
method: post
operationId: BookingAttendeesController_2024_08_13_addAttendee
x-agentic-access:
action-class: acting
consequence: safety-critical
subject: required
audience: null
token:
max-ttl: 120
exchange: true
purpose-required: true
proof-of-possession: true
escalation:
human-in-the-loop: required
audit: required
- path: /v2/bookings/{bookingUid}/attendees/{attendeeId}
method: get
operationId: BookingAttendeesController_2024_08_13_getBookingAttendee
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /v2/bookings/{bookingUid}/attendees/{attendeeId}
method: delete
operationId: BookingAttendeesController_2024_08_13_removeAttendee
x-agentic-access:
action-class: acting
consequence: safety-critical
subject: required
audience: null
token:
max-ttl: 120
exchange: true
purpose-required: true
proof-of-possession: true
escalation:
human-in-the-loop: required
audit: required
- path: /v2/bookings/{bookingUid}/guests
method: post
operationId: BookingGuestsController_2024_08_13_addGuests
x-agentic-access:
action-class: acting
consequence: safety-critical
subject: required
audience: null
token:
max-ttl: 120
exchange: true
purpose-required: true
proof-of-possession: true
escalation:
human-in-the-loop: required
audit: required
- path: /v2/calendars/connections
method: get
operationId: CalUnifiedCalendarsController_listConnections
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /v2/calendars/connections/{connectionId}/events
method: get
operationId: CalUnifiedCalendarsController_listConnectionEvents
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /v2/calendars/connections/{connectionId}/events
method: post
operationId: CalUnifiedCalendarsController_createConnectionEvent
x-agentic-access:
action-class: acting
consequence: safety-critical
subject: required
audience: null
token:
max-ttl: 120
exchange: true
purpose-required: true
proof-of-possession: true
escalation:
human-in-the-loop: required
audit: required
- path: /v2/calendars/connections/{connectionId}/events/{eventId}
method: get
operationId: CalUnifiedCalendarsController_getConnectionEvent
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /v2/calendars/connections/{connectionId}/events/{eventId}
method: patch
operationId: CalUnifiedCalendarsController_updateConnectionEvent
x-agentic-access:
action-class: acting
consequence: safety-critical
subject: required
audience: null
token:
max-ttl: 120
exchange: true
purpose-required: true
proof-of-possession: true
escalation:
human-in-the-loop: required
audit: required
- path: /v2/calendars/connections/{connectionId}/events/{eventId}
method: delete
operationId: CalUnifiedCalendarsController_deleteConnectionEvent
x-agentic-access:
action-class: acting
consequence: safety-critical
subject: required
audience: null
token:
max-ttl: 120
exchange: true
purpose-required: true
proof-of-possession: true
escalation:
human-in-the-loop: required
audit: required
- path: /v2/calendars/connections/{connectionId}/freebusy
method: get
operationId: CalUnifiedCalendarsController_getConnectionFreeBusy
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /v2/calendars/{calendar}/events/{eventUid}
method: get
operationId: CalUnifiedCalendarsController_getCalendarEventDetails
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /v2/calendars/{calendar}/events/{eventUid}
method: patch
operationId: CalUnifiedCalendarsController_updateCalendarEvent
x-agentic-access:
action-class: acting
consequence: safety-critical
subject: required
audience: null
token:
max-ttl: 120
exchange: true
purpose-required: true
proof-of-possession: true
escalation:
human-in-the-loop: required
audit: required
- path: /v2/calendars/{calendar}/events/{eventUid}
method: delete
operationId: CalUnifiedCalendarsController_deleteCalendarEvent
x-agentic-access:
action-class: acting
consequence: safety-critical
subject: required
audience: null
token:
max-ttl: 120
exchange: true
purpose-required: true
proof-of-possession: true
escalation:
human-in-the-loop: required
audit: required
- path: /v2/calendars/{calendar}/event/{eventUid}
method: get
operationId: CalUnifiedCalendarsController_getCalendarEventDetails
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /v2/calendars/{calendar}/event/{eventUid}
method: patch
operationId: CalUnifiedCalendarsController_updateCalendarEvent
x-agentic-access:
action-class: acting
consequence: safety-critical
subject: required
audience: null
token:
max-ttl: 120
exchange: true
purpose-required: true
proof-of-possession: true
escalation:
human-in-the-loop: required
audit: required
- path: /v2/calendars/{calendar}/events
method: get
operationId: CalUnifiedCalendarsController_listCalendarEvents
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /v2/calendars/{calendar}/events
method: post
operationId: CalUnifiedCalendarsController_createCalendarEvent
x-agentic-access:
action-class: acting
consequence: safety-critical
subject: required
audience: null
token:
max-ttl: 120
exchange: true
purpose-required: true
proof-of-possession: true
escalation:
human-in-the-loop: required
audit: required
- path: /v2/calendars/{calendar}/freebusy
method: get
operationId: CalUnifiedCalendarsController_getFreeBusy
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /v2/calendars/ics-feed/save
method: post
operationId: CalendarsController_createIcsFeed
x-agentic-access:
action-class: acting
consequence: safety-critical
subject: required
audience: null
token:
max-ttl: 120
exchange: true
purpose-required: true
proof-of-possession: true
escalation:
human-in-the-loop: required
audit: required
- path: /v2/calendars/ics-feed/check
method: get
operationId: CalendarsController_checkIcsFeed
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /v2/calendars/busy-times
method: get
operationId: CalendarsController_getBusyTimes
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /v2/calendars
method: get
operationId: CalendarsController_getCalendars
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /v2/calendars/{calendar}/connect
method: get
operationId: CalendarsController_redirect
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /v2/calendars/{calendar}/save
method: get
operationId: CalendarsController_save
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /v2/calendars/{calendar}/credentials
method: post
operationId: CalendarsController_syncCredentials
x-agentic-access:
action-class: acting
consequence: safety-critical
subject: required
audience: null
token:
max-ttl: 120
exchange: true
purpose-required: true
proof-of-possession: true
escalation:
human-in-the-loop: required
audit: required
- path: /v2/calendars/{calendar}/check
method: get
operationId: CalendarsController_check
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /v2/calendars/{calendar}/disconnect
method: post
operationId: CalendarsController_deleteCalendarCredentials
x-agentic-access:
action-class: acting
consequence: safety-critical
subject: required
audience: null
token:
max-ttl: 120
exchange: true
purpose-required: true
proof-of-possession: true
escalation:
human-in-the-loop: required
audit: required
- path: /v2/conferencing/{app}/connect
method: post
operationId: ConferencingController_connect
x-agentic-access:
action-class: acting
consequence: safety-critical
subject: required
audience: null
token:
max-ttl: 120
exchange: true
purpose-required: true
proof-of-possession: true
escalation:
human-in-the-loop: required
audit: required
- path: /v2/conferencing/{app}/oauth/auth-url
method: get
operationId: ConferencingController_redirect
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /v2/conferencing/{app}/oauth/callback
method: get
operationId: ConferencingController_save
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /v2/conferencing
method: get
operationId: ConferencingController_listInstalledConferencingApps
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /v2/conferencing/{app}/default
method: post
operationId: ConferencingController_default
x-agentic-access:
action-class: acting
consequence: safety-critical
subject: required
audience: null
token:
max-ttl: 120
exchange: true
purpose-required: true
proof-of-possession: true
escalation:
human-in-the-loop: required
audit: required
- path: /v2/conferencing/default
method: get
operationId: ConferencingController_getDefault
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /v2/conferencing/{app}/disconnect
method: delete
operationId: ConferencingController_disconnect
x-agentic-access:
action-class: acting
consequence: safety-critical
subject: required
audience: null
token:
max-ttl: 120
exchange: true
purpose-required: true
proof-of-possession: true
escalation:
human-in-the-loop: required
audit: required
- path: /v2/oauth-clients/{clientId}/users
method: get
operationId: OAuthClientUsersController_getManagedUsers
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /v2/oauth-clients/{clientId}/users
method: post
operationId: OAuthClientUsersController_createUser
x-agentic-access:
action-class: acting
consequence: safety-critical
subject: required
audience: null
token:
max-ttl: 120
exchange: true
purpose-required: true
proof-of-possession: true
escalation:
human-in-the-loop: required
audit: required
- path: /v2/oauth-clients/{clientId}/users/{userId}
method: get
operationId: OAuthClientUsersController_getUserById
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /v2/oauth-clients/{clientId}/users/{userId}
method: patch
operationId: OAuthClientUsersController_updateUser
x-agentic-access:
action-class: acting
consequence: safety-critical
subject: required
audience: null
token:
max-ttl: 120
exchange: true
purpose-required: true
proof-of-possession: true
escalation:
human-in-the-loop: required
audit: required
- path: /v2/oauth-clients/{clientId}/users/{userId}
method: delete
operationId: OAuthClientUsersController_deleteUser
x-agentic-access:
action-class: acting
consequence: safety-critical
subject: required
audience: null
token:
max-ttl: 120
exchange: true
purpose-required: true
proof-of-possession: true
escalation:
human-in-the-loop: required
audit: required
- path: /v2/oauth-clients/{clientId}/users/{userId}/force-refresh
method: post
operationId: OAuthClientUsersController_forceRefresh
x-agentic-access:
action-class: acting
consequence: safety-critical
subject: required
audience: null
token:
max-ttl: 120
exchange: true
purpose-required: true
proof-of-possession: true
escalation:
human-in-the-loop: required
audit: required
- path: /v2/oauth/{clientId}/refresh
method: post
operationId: OAuthFlowController_refreshTokens
x-agentic-access:
action-class: acting
consequence: safety-critical
subject: required
audience: null
token:
max-ttl: 120
exchange: true
purpose-required: true
proof-of-possession: true
escalation:
human-in-the-loop: required
audit: required
- path: /v2/oauth-clients/{clientId}/webhooks
method: post
operationId: OAuthClientWebhooksController_createOAuthClientWebhook
x-agentic-access:
action-class: acting
consequence: safety-critical
subject: required
audience: null
token:
max-ttl: 120
exchange: true
purpose-required: true
proof-of-possession: true
escalation:
human-in-the-loop: required
audit: required
- path: /v2/oauth-clients/{clientId}/webhooks
method: get
operationId: OAuthClientWebhooksController_getOAuthClientWebhooks
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /v2/oauth-clients/{clientId}/webhooks
method: delete
operationId: OAuthClientWebhooksController_deleteAllOAuthClientWebhooks
x-agentic-access:
action-class: acting
consequence: safety-critical
subject: required
audience: null
token:
max-ttl: 120
exchange: true
purpose-required: true
proof-of-possession: true
escalation:
human-in-the-loop: required
audit: required
- path: /v2/oauth-clients/{clientId}/webhooks/{webhookId}
method: patch
operationId: OAuthClientWebhooksController_updateOAuthClientWebhook
x-agentic-access:
action-class: acting
consequence: safety-critical
subject: required
audience: null
token:
max-ttl: 120
exchange: true
purpose-required: true
proof-of-possession: true
escalation:
human-in-the-loop: required
audit: required
- path: /v2/oauth-clients/{clientId}/webhooks/{webhookId}
method: get
operationId: OAuthClientWebhooksController_getOAuthClientWebhook
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /v2/oauth-clients/{clientId}/webhooks/{webhookId}
method: delete
operationId: OAuthClientWebhooksController_deleteOAuthClientWebhook
x-agentic-access:
action-class: acting
consequence: safety-critical
subject: required
audience: null
token:
max-ttl: 120
exchange: true
purpose-required: true
proof-of-possession: true
escalation:
human-in-the-loop: required
audit: required
- path: /v2/oauth-clients
method: post
operationId: OAuthClientsController_createOAuthClient
x-agentic-access:
action-class: acting
consequence: safety-critical
subject: required
audience: null
token:
max-ttl: 120
exchange: true
purpose-required: true
proof-of-possession: true
escalation:
human-in-the-loop: required
audit: required
- path: /v2/oauth-clients
method: get
operationId: OAuthClientsController_getOAuthClients
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /v2/oauth-clients/{clientId}
method: get
operationId: OAuthClientsController_getOAuthClientById
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /v2/oauth-clients/{clientId}
method: patch
operationId: OAuthClientsController_updateOAuthClient
x-agentic-access:
action-class: acting
consequence: safety-critical
subject: required
audience: null
token:
max-ttl: 120
exchange: true
purpose-required: true
proof-of-possession: true
escalation:
human-in-the-loop: required
audit: required
- path: /v2/oauth-clients/{clientId}
method: delete
operationId: OAuthClientsController_deleteOAuthClient
x-agentic-access:
action-class: acting
consequence: safety-critical
subject: required
audience: null
token:
max-ttl: 120
exchange: true
purpose-required: true
proof-of-possession: true
escalation:
human-in-the-loop: required
audit: required
- path: /v2/destination-calendars
method: put
operationId: DestinationCalendarsController_updateDestinationCalendars
x-agentic-access:
action-class: acting
consequence: safety-critical
subject: required
audience: null
token:
max-ttl: 120
exchange: true
purpose-required: true
proof-of-possession: true
escalation:
human-in-the-loop: required
audit: required
- path: /v2/event-types
method: post
operationId: EventTypesController_2024_06_14_createEventType
x-agentic-access:
action-class: acting
consequence: safety-critical
subject: required
audience: null
token:
max-ttl: 120
exchange: true
purpose-required: true
proof-of-possession: true
escalation:
human-in-the-loop: required
audit: required
- path: /v2/event-types
method: get
operationId: EventTypesController_2024_06_14_getEventTypes
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /v2/event-types/{eventTypeId}
method: get
operationId: EventTypesController_2024_06_14_getEventTypeById
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /v2/event-types/{eventTypeId}
method: patch
operationId: EventTypesController_2024_06_14_updateEventType
x-agentic-access:
action-class: acting
consequence: safety-critical
subject: required
audience: null
token:
max-ttl: 120
exchange: true
purpose-required: true
proof-of-possession: true
escalation:
human-in-the-loop: required
audit: required
- path: /v2/event-types/{eventTypeId}
method: delete
operationId: EventTypesController_2024_06_14_deleteEventType
x-agentic-access:
action-class: acting
consequence: safety-critical
subject: required
audience: null
token:
max-ttl: 120
exchange: true
purpose-required: true
proof-of-possession: true
escalation:
human-in-the-loop: required
audit: required
- path: /v2/event-types/{eventTypeId}/webhooks
method: post
operationId: EventTypeWebhooksController_createEventTypeWebhook
x-agentic-access:
action-class: acting
consequence: safety-critical
subject: required
audience: null
token:
max-ttl: 120
exchange: true
purpose-required: true
proof-of-possession: true
escalation:
human-in-the-loop: required
audit: required
- path: /v2/event-types/{eventTypeId}/webhooks
method: get
operationId: EventTypeWebhooksController_getEventTypeWebhooks
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /v2/event-types/{eventTypeId}/webhooks
method: delete
operationId: EventTypeWebhooksController_deleteAllEventTypeWebhooks
x-agentic-access:
action-class: acting
consequence: safety-critical
subject: required
audience: null
token:
max-ttl: 120
exchange: true
purpose-required: true
proof-of-possession: true
escalation:
human-in-the-loop: required
audit: required
- path: /v2/event-types/{eventTypeId}/webhooks/{webhookId}
method: patch
operationId: EventTypeWebhooksController_updateEventTypeWebhook
x-agentic-access:
action-class: acting
consequence: safety-critical
subject: required
audience: null
token:
max-ttl: 120
exchange: true
purpose-required: true
proof-of-possession: true
escalation:
human-in-the-loop: required
audit: required
- path: /v2/event-types/{eventTypeId}/webhooks/{webhookId}
method: get
operationId: EventTypeWebhooksController_getEventTypeWebhook
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /v2/event-types/{eventTypeId}/webhooks/{webhookId}
method: delete
operationId: EventTypeWebhooksController_deleteEventTypeWebhook
x-agentic-access:
action-class: acting
consequence: safety-critical
subject: required
audience: null
token:
max-ttl: 120
exchange: true
purpose-required: true
proof-of-possession: true
escalation:
human-in-the-loop: required
audit: required
- path: /v2/event-types/{eventTypeId}/private-links
method: post
operationId: EventTypesPrivateLinksController_createPrivateLink
x-agentic-access:
action-class: acting
consequence: safety-critical
subject: required
audience: null
token:
max-ttl: 120
exchange: true
purpose-required: true
proof-of-possession: true
escalation:
human-in-the-loop: required
audit: required
- path: /v2/event-types/{eventTypeId}/private-links
method: get
operationId: EventTypesPrivateLinksController_getPrivateLinks
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /v2/event-types/{eventTypeId}/private-links/{linkId}
method: patch
operationId: EventTypesPrivateLinksController_updatePrivateLink
x-agentic-access:
action-class: acting
consequence: safety-critical
subject: required
audience: null
token:
max-ttl: 120
exchange: true
purpose-required: true
proof-of-possession: true
escalation:
human-in-the-loop: required
audit: required
- path: /v2/event-types/{eventTypeId}/private-links/{linkId}
method: delete
operationId: EventTypesPrivateLinksController_deletePrivateLink
x-agentic-access:
action-class: acting
consequence: safety-critical
subject: required
audience: null
token:
max-ttl: 120
exchange: true
purpose-required: true
proof-of-possession: true
escalation:
human-in-the-loop: required
audit: required
- path: /v2/me
method: get
operationId: MeController_getMe
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /v2/me
method: patch
operationId: MeController_updateMe
x-agentic-access:
action-class: acting
consequence: safety-critical
subject: required
audience: null
token:
max-ttl: 120
exchange: true
purpose-required: true
proof-of-possession: true
escalation:
human-in-the-loop: required
audit: required
- path: /v2/auth/oauth2/clients/{clientId}
method: get
operationId: OAuth2Controller_getClient
x-agentic-access:
action-class: connected
consequence: read
subject: optional
token:
max-ttl: 3600
audit: none
- path: /v2/auth/oauth2/token
method: post
operationId: OAuth2Controller_token
x-agentic-access:
action-class: acting
consequence: safety-critical
subject: required
audience: null
token:
max-ttl: 120
exchange: true
purpose-required: true
proof-of-possession: true
escalation:
human-in-the-loop: required
audit: required
- path: /v2/schedules
method: post
operationId: SchedulesController_2024_06_11_createSchedule
x-agentic-access:
action-class: acting
consequence: safety-critical
subject: required
audience: null
token:
max-ttl: 120
exchange: true
purpose-required: true
proof-of-possession: true
escal
# --- truncated at 32 KB (41 KB total) ---
# Full source: https://raw.githubusercontent.com/api-evangelist/cal-com/refs/heads/main/agentic-access/cal-com-agentic-access.yml