{ "generated_at": "2026-06-12T22:05:57.128Z", "system": { "id": "topolo-calendar", "name": "Calendar", "slug": "topolo-calendar", "kind": "application", "summary": "Cloudflare-native scheduling and bookings application with public booking pages, availability, invitations, recurrence, and Google/Microsoft/CalDAV free/busy sync.", "aliases": [], "lifecycle": "active", "last_verified": "2026-06-01", "owners": [ "platform-experience" ], "repo_paths": [], "external_repo_paths": [ "Apps/shared/TopoloCalendar" ], "service_ids": [ "srv_4lfDYNsgOYTb" ], "visibility": "public", "api_contract": { "type": "curated", "source": "PlatformApplications/TopoloDocs/src/content/public/applications/calendar.mdx", "notes": "Calendar is a Worker + D1 + per-host Durable Object application. Runtime service identity resolves from the Auth-owned service slug topolo-calendar instead of checked-in concrete srv_* ids. D1 is the system of record for hosts, event types, availability rules and overrides, bookings, attendees, delivery receipts, persisted slot holds, recurrence series/exceptions, external calendar metadata, encrypted external calendar credentials, OAuth callback state, and imported external busy blocks. CalendarHostDO (keyed by host handle) serialises concurrent booking attempts, writes holds through to D1, caches availability windows, and confirms bookings only after persistence succeeds. Calendar emits `calendar.booking.invite_requested`, `calendar.booking.updated`, `calendar.booking.cancelled`, and `calendar.booking.reminder_due` through TopoloNotify; Calendar builds the RFC5545 ICS payload with stable UID, incrementing sequence, REQUEST/CANCEL methods, and TopoloNotify owns template rendering, external recipient routing, Nexus attachment forwarding, retries, dispatch audit rows, provider identity, and optional provider message ids when the provider returns one. Public booking pages (//) plus availability/hold/confirm and token-backed manage endpoints are unauthenticated by design. Public manage links support invitee view, cancel, and reschedule without a Topolo account. Admin APIs cover booking detail/edit/reschedule/cancel/resend, availability override CRUD, Google Calendar OAuth FreeBusy sync, Microsoft Graph getSchedule sync, CalDAV REPORT sync, manual/ICS busy-block import, and provider connection removal. Recurrence supports daily/weekly/monthly frequency with interval, count/until, exception dates, and 18-month materialization. Meeting sessions remain owned by Topolo Chat; `chat_meeting` bookings call Chat's internal Calendar bridge and store the returned guest URL in `meetingProviderRef`, while external meeting providers store host-configured links or instructions. The public root renders the shared Topolo LandingPage from Auth-managed Calendar landing config. The admin `/login` route renders the shared first-party Topolo login on the app origin, and signed users enter the shared `TopoloAppShell`. Calendar exposes `GET /api/widget` with the shared `@topolo/sdk` widget response contract. Admin endpoints require bearer tokens validated by @topolo/auth-middleware against the resolved Calendar service id and enforce route-level Calendar permissions." }, "primary_hosts": [ "https://calendar.topolo.app", "https://calendar.stg.topolo.us" ], "doc_paths": [ "applications/calendar", "internal/apps/calendar" ], "security_assurance": { "risk_tier": "high", "auth_boundary": "Public root landing, public booking pages, availability/hold/confirm endpoints, and token-backed invitee manage endpoints are unauthenticated by design. Calendar admin sign-in uses the shared app-origin first-party login route at /login with embedded email/password enabled through the UI Kit first-party registry, Auth config reads proxy through /api/auth/*, and one-time sso_code handoffs complete on /auth/callback. Initial /app boot retries one Auth refresh on a 401 admin context response and redirects stale sessions to /login instead of rendering token-validation failures. The signed /app workspace uses TopoloAppShell, which mounts the shared app launcher on authenticated boot so app-switcher catalog reads warm through /api/auth/* before first open and owns shared shell utilities such as theme, command palette, sidebar collapse, and BugFix reporting. Admin routes (/api/admin/*) require bearer tokens validated through Topolo Auth against the service id resolved from topolo-calendar and enforce Calendar service permissions; local JWT fallback is not permitted.", "tenant_isolation": "organization_scoped", "external_inputs": [ "browser", "api", "callback", "third_party_app", "scheduled_task" ], "sensitive_data": [ "identity", "org_data", "customer_content", "telemetry" ], "last_security_review": "2026-04-30", "security_review_status": "reviewed", "pentest_status": "passed", "evidence_doc": "internal/apps/calendar" }, "data_privacy": { "classification": "restricted", "sensitive_data_classes": [ "customer_content", "identity", "organization", "telemetry" ], "storage_locations": [ "d1", "durable_object", "external_provider" ], "encryption_at_rest": "application_layer", "encryption_in_transit": "https_only", "key_management": "versioned_platform_key_required", "retention_policy": "partial", "deletion_export_status": "planned", "logging_redaction_status": "needs_review", "privacy_review_status": "reviewed", "enterprise_ready": false, "evidence_doc": "internal/apps/calendar" }, "dependencies": [ "topolo-auth", "topolo-chat", "topolo-nexus", "topolo-notify", "applications-packages" ], "bugfix_policy": { "tier": "autonomous", "preferred_agent": "either", "require_validator": false }, "public_hub_url": "/systems/topolo-calendar", "internal_hub_url": null, "application_api_url": "/reference/apps/topolo-calendar", "generated_openapi_url": null, "machine_urls": { "system": "/machine/systems/topolo-calendar.json", "application": "/machine/applications/topolo-calendar.json" } }, "docs": { "public": [ { "id": "applications/calendar", "title": "Topolo Calendar", "summary": "Public overview of the scheduling and booking application — shareable event types, availability, invitations, and calendar-safe booking lifecycle controls.", "audience": "public", "tags": [ "calendar", "scheduling", "bookings", "ics" ], "url": "/applications/calendar", "last_verified": "2026-06-01" } ], "internal": [], "runbooks": [] }, "authority": { "owners": [ "platform-experience" ], "repo_paths": [], "service_ids": [ "srv_4lfDYNsgOYTb" ], "dependencies": [ "topolo-auth", "topolo-chat", "topolo-nexus", "topolo-notify", "applications-packages" ], "aliases": [] }, "interfaces": { "contract_type": "curated", "contract_source": "PlatformApplications/TopoloDocs/src/content/public/applications/calendar.mdx", "contract_source_exists": false, "openapi": null, "readme": null }, "auth": { "depends_on_topolo_auth": true, "api_key_scopes": [ { "id": "aks_calendar_api_keys_write", "name": "api_keys.write", "description": "Manage Calendar machine credentials", "resourcePattern": null, "kind": "api_key_scope" }, { "id": "aks_calendar_availability_read", "name": "availability.read", "description": "Read weekly availability rules and overrides", "resourcePattern": null, "kind": "api_key_scope" }, { "id": "aks_calendar_availability_write", "name": "availability.write", "description": "Update weekly availability rules and overrides", "resourcePattern": null, "kind": "api_key_scope" }, { "id": "aks_calendar_bookings_read", "name": "bookings.read", "description": "List and inspect bookings", "resourcePattern": null, "kind": "api_key_scope" }, { "id": "aks_calendar_bookings_write", "name": "bookings.write", "description": "Cancel or reschedule bookings", "resourcePattern": null, "kind": "api_key_scope" }, { "id": "aks_calendar_embed_issue", "name": "embed.issue", "description": "Issue embed tokens for third-party websites", "resourcePattern": null, "kind": "api_key_scope" }, { "id": "aks_calendar_event_types_read", "name": "event_types.read", "description": "List event types", "resourcePattern": null, "kind": "api_key_scope" }, { "id": "aks_calendar_event_types_write", "name": "event_types.write", "description": "Create, update, or deactivate event types", "resourcePattern": null, "kind": "api_key_scope" }, { "id": "aks_calendar_external_sync_write", "name": "external_sync.write", "description": "Connect or revoke external calendar sync sources", "resourcePattern": null, "kind": "api_key_scope" }, { "id": "aks_calendar_host_read", "name": "host.read", "description": "View host profile and handle", "resourcePattern": null, "kind": "api_key_scope" }, { "id": "aks_calendar_host_write", "name": "host.write", "description": "Create or update host profile, handle, and timezone", "resourcePattern": null, "kind": "api_key_scope" } ], "service_permissions": [ { "id": "perm_calendar_api_keys_write", "name": "api_keys:write", "description": "Manage Calendar machine credentials", "resourcePattern": null, "kind": "permission" }, { "id": "perm_calendar_availability_read", "name": "availability:read", "description": "Read weekly availability rules and overrides", "resourcePattern": null, "kind": "permission" }, { "id": "perm_calendar_availability_write", "name": "availability:write", "description": "Update weekly availability rules and overrides", "resourcePattern": null, "kind": "permission" }, { "id": "perm_calendar_bookings_read", "name": "bookings:read", "description": "List and inspect bookings", "resourcePattern": null, "kind": "permission" }, { "id": "perm_calendar_bookings_write", "name": "bookings:write", "description": "Cancel or reschedule bookings", "resourcePattern": null, "kind": "permission" }, { "id": "perm_calendar_embed_issue", "name": "embed:issue", "description": "Issue embed tokens for third-party websites", "resourcePattern": null, "kind": "permission" }, { "id": "perm_calendar_event_types_read", "name": "event_types:read", "description": "List event types", "resourcePattern": null, "kind": "permission" }, { "id": "perm_calendar_event_types_write", "name": "event_types:write", "description": "Create, update, or deactivate event types", "resourcePattern": null, "kind": "permission" }, { "id": "perm_calendar_external_sync_write", "name": "external_sync:write", "description": "Connect or revoke external calendar sync sources", "resourcePattern": null, "kind": "permission" }, { "id": "perm_calendar_host_read", "name": "host:read", "description": "View host profile and handle", "resourcePattern": null, "kind": "permission" }, { "id": "perm_calendar_host_write", "name": "host:write", "description": "Create or update host profile, handle, and timezone", "resourcePattern": null, "kind": "permission" } ] }, "runtime": { "primary_hosts": [ "https://calendar.topolo.app", "https://calendar.stg.topolo.us" ], "repo_entries": [], "wrangler_surfaces": [], "packages": [] }, "data": { "env_vars": [], "bindings": [], "queue_bindings": [], "storage_kinds": [], "workflow_signals": [] }, "deployment": { "commands": [], "routes": [], "environments": [], "assets_directories": [], "observability_enabled": false }, "debugging": { "failure_modes": [ "No wrangler.toml surface was discovered under the registered repo paths.", "The registered contract source is missing: PlatformApplications/TopoloDocs/src/content/public/applications/calendar.mdx", "Neither OpenAPI nor README-derived interface detail was found." ], "entrypoints": [ "PlatformApplications/TopoloDocs/src/content/public/applications/calendar.mdx" ] } }