Documentation
Start typing to search…

Create Calendar Delegate

Definition

The "Create Calendar Delegate" action in Google Workspace allows you to assign delegated access to a Google Calendar, enabling a user or group to manage and view the calendar based on the specified role and scope. By using this action, administrators can efficiently assign roles such as "reader," "writer," or "owner" to other users or groups for better collaboration and calendar management. This action offers flexibility with scope types (user, group, domain) to ensure proper access control based on organizational needs. It is an ideal tool for streamlining permissions and access delegation for multiple users or teams within an organization.

Key Capabilities

  • Flexible Access Control: Assign specific roles to users, groups, or domains.
  • Streamlined Calendar Management: Simplify calendar delegation for collaboration and scheduling.
  • Comprehensive Permissions: Supports different levels of access, including viewing, editing, and full ownership.

Example Use Cases

1. Delegating Calendar Access for Team Collaboration

Assign a team member or a group of employees the "writer" role for a calendar, allowing them to edit events, add new ones, and update scheduling details without being the calendar owner. This is useful for project teams who need to collaborate on shared calendars.

2. Assigning View-Only Access to Executives

Provide "reader" access to executives, allowing them to view the calendar events without making any changes. This can be used to ensure that important calendars, such as leadership meetings or board agendas, are accessible to stakeholders without giving them permission to modify the calendar.

3. Granting Full Access to Calendar for Personal Assistants

Grant "owner" permissions to a personal assistant or a manager’s delegate, allowing them to have full control over the calendar, including the ability to manage access permissions and modify all event details. This is useful when delegating the responsibility of managing someone’s calendar.

4. Managing Access Based on Organizational Roles

Assign "freeBusyReader" roles to department heads, giving them read-only access to see if calendar slots are free or busy without viewing the details of the events. This helps in coordinating meetings between multiple teams or departments.

5. Delegating Calendar Access to External Partners

Use the "domain" scope type to give external partners or vendors the "reader" or "writer" role on a specific calendar, allowing them to either view or collaborate on calendar events relevant to the partnership without exposing sensitive internal data.


Inputs

1. Connection

This field specifies the Google Workspace Administration connection that you have set up. It is used to authenticate the action and ensure proper access to your Google Calendar data.

  • Explanation: You need to upload the credential JSON file for a service account with domain-wide delegation. This allows Zenphi to access and make changes on behalf of the user within the Google Workspace environment.
  • Best Practice: Ensure the service account has appropriate permissions and domain-wide delegation enabled as per the setup guide: Create Google Workspace Administration Connection.

2. User Email

The email address of the user whose calendar is being accessed or modified.

  • Explanation: This is the primary user whose calendar will have a delegate assigned. The user must have an active Google Workspace account within the domain, and the correct permissions must be set up for delegation.
  • Best Practice: Double-check the spelling of the email and ensure that the account exists in Google Workspace.

3. Scope Type

This defines the type of scope for the delegation, which determines the extent of access granted to the calendar.

  • Explanation:
    • default: Public scope, grants access to everyone.
    • user: Limits access to a specific user’s calendar.
    • group: Restricts access to a specific Google Group.
    • domain: Grants access to everyone within a given domain.
  • Best Practice: Choose the appropriate scope type based on the level of access you wish to provide. For internal teams, the "domain" scope is ideal, while "user" or "group" are more suited for specific access levels.

4. Scope Value

The email address of a user or group, or the name of a domain depending on the selected scope type.

  • Explanation:
    • If scope type is "user", this will be the email address of the individual user.
    • If scope type is "group", this will be the email address of a Google Group.
    • If scope type is "domain", this will be the domain name (e.g., example.com).
    • If scope type is "default", this field is omitted.
  • Best Practice: Make sure the email address or domain name provided is valid and properly formatted.

5. Role

This field specifies the role granted to the user or group in relation to the calendar.

  • Explanation: The possible values are:
    • none: No access to the calendar.
    • freeBusyReader: Read access to the free/busy information only.
    • reader: Can read all events, but cannot modify them.
    • writer: Can read and modify events.
    • owner: Full control, can edit, delete events, and modify calendar settings.
  • Best Practice: Choose the role based on the level of interaction required with the calendar. For basic viewing, "reader" is sufficient, while "writer" or "owner" should be used for those who need more control.

**Outputs **

1. Id

The Identifier of the Access Control List (ACL) rule associated with the calendar delegate.

  • Explanation: Each access control rule (ACL) that governs calendar delegation has a unique ID. This ID helps in identifying and managing the specific delegation rule within Google Calendar. It is returned as part of the output after successfully creating the delegate.
  • Best Practice: Use the ID to reference or manage specific ACL rules if further actions are required, such as removing or updating the delegation.

2. Calendar Id

The identifier of the calendar to which the delegation is applied.

  • Explanation: This ID refers to the specific calendar that the delegation rule is associated with. It is unique to each Google Calendar account.
  • Best Practice: Keep track of the Calendar ID for auditing or future modifications to the delegation rule.

3. Role

The role assigned to the scope for the calendar delegate.

  • Explanation: This shows the role (e.g., owner, writer, reader) assigned to the specified user, group, or domain. The role determines the level of access they have to the calendar events.
  • Best Practice: Monitor the role to ensure that the correct level of access is granted. For example, if the delegate should only view events, ensure the role is set to "reader".

4. Scope

The extent to which calendar access is granted by the ACL rule.

  • Explanation: This refers to the scope type (e.g., default, user, group, domain) that was selected during setup. It defines who can access the calendar and at what level.
  • Best Practice: Review the scope to ensure that access is granted to the right group or domain as per organizational needs.

5. Scope Value

The email address of the user or group, or the name of the domain, depending on the scope type.

  • Explanation: This is the value that was input during the setup for the scope type. If user scope was chosen, it will show the user’s email. If group or domain was chosen, it will show the relevant group or domain name.
  • Best Practice: Ensure the correct value is returned and matches what was input, to confirm the delegation is correctly set up for the intended user, group, or domain.

Example Scenario: Creating a Calendar Delegate for a Team Member

Situation:

A company wants to give a team member, Sarah, the ability to manage the calendar of her manager, John. Sarah needs read and write access to John's calendar so she can schedule meetings on his behalf.

Steps to Set It Up:

  1. Create a Google Workspace Administration Connection:

    To start, the administrator sets up a Google Workspace Administration connection using a service account with domain-wide delegation. This ensures the system can manage John’s calendar.

  2. Action Setup:

    • User email: The administrator enters John’s email address (e.g., [email protected]).
    • Scope type: Since Sarah is an individual user, the scope type is set to user.
    • Scope value: The administrator enters Sarah’s email address (e.g., [email protected]) as the scope value.
    • Role: The administrator assigns the writer role to Sarah. This gives her the ability to read and write events on John’s calendar.

  3. Run the Flow:

    The action is executed, creating the delegate with the specified permissions. Now Sarah has access to John’s calendar with read and write permissions.

  4. Verify the Setup:

    After the action runs, the administrator can check the outputs, which include the calendar id, role, and scope, ensuring that Sarah has been granted the correct access and that the correct calendar is associated with the delegation.

Outcome:

Sarah now has the required access to John's calendar, enabling her to schedule, update, or cancel appointments on his behalf, with the role permissions specified. The organization is now able to delegate calendar management smoothly.

Updated 6 days ago