Hey there, fellow JavaScript enthusiast! Ready to dive into the world of Acuity Scheduling integrations? Today, we're going to focus on the most crucial part of any integration: the authorization flow. Buckle up, because we're about to make your life a whole lot easier when it comes to scheduling.
Acuity Scheduling's API is a powerhouse for managing appointments, but without proper authorization, it's like having a Ferrari without the keys. We're going to build a slick auth flow that'll have your users zipping through the authorization process faster than you can say "double-booked."
Before we jump in, make sure you've got:
Let's get our hands dirty:
mkdir acuity-integration && cd acuity-integration npm init -y npm install express axios dotenv
Create a .env file in your project root:
ACUITY_CLIENT_ID=your_client_id_here
ACUITY_CLIENT_SECRET=your_client_secret_here
Remember, never share these secrets! They're like your secret recipe for the world's best cookies.
Here's where the magic happens. We'll create two main routes: one to kick off the auth process and another to handle the callback.
const express = require('express'); const axios = require('axios'); require('dotenv').config(); const app = express(); app.get('/auth', (req, res) => { const authUrl = `https://acuityscheduling.com/oauth2/authorize?response_type=code&client_id=${process.env.ACUITY_CLIENT_ID}&redirect_uri=http://localhost:3000/callback`; res.redirect(authUrl); }); app.get('/callback', async (req, res) => { const { code } = req.query; try { const response = await axios.post('https://acuityscheduling.com/oauth2/token', { grant_type: 'authorization_code', code, client_id: process.env.ACUITY_CLIENT_ID, client_secret: process.env.ACUITY_CLIENT_SECRET, redirect_uri: 'http://localhost:3000/callback' }); const { access_token, refresh_token } = response.data; // Store these tokens securely! res.send('Authorization successful!'); } catch (error) { res.status(500).send('Authorization failed'); } }); app.listen(3000, () => console.log('Server running on port 3000'));
Tokens don't last forever, so let's keep them fresh:
async function refreshToken(refresh_token) { try { const response = await axios.post('https://acuityscheduling.com/oauth2/token', { grant_type: 'refresh_token', refresh_token, client_id: process.env.ACUITY_CLIENT_ID, client_secret: process.env.ACUITY_CLIENT_SECRET }); return response.data.access_token; } catch (error) { console.error('Token refresh failed:', error); throw error; } }
Now that we're authorized, let's make some API calls:
async function getAppointments(access_token) { try { const response = await axios.get('https://acuityscheduling.com/api/v1/appointments', { headers: { Authorization: `Bearer ${access_token}` } }); return response.data; } catch (error) { console.error('Failed to fetch appointments:', error); throw error; } }
Always be prepared for the unexpected:
app.use((err, req, res, next) => { console.error(err.stack); res.status(500).send('Something broke!'); });
Security isn't just a feature, it's a lifestyle:
Manual testing is great, but automated tests are your new best friend:
const chai = require('chai'); const chaiHttp = require('chai-http'); chai.use(chaiHttp); describe('Acuity Integration', () => { it('should redirect to Acuity auth page', (done) => { chai.request(app) .get('/auth') .end((err, res) => { chai.expect(res).to.redirectTo(/acuityscheduling\.com\/oauth2\/authorize/); done(); }); }); });
And there you have it! You've just built a rock-solid authorization flow for your Acuity Scheduling integration. Remember, this is just the beginning. From here, you can expand your integration to handle appointments, manage calendars, and much more.
Keep coding, keep learning, and most importantly, keep scheduling like a boss!
