Concepts

Core Concepts#

This page covers core concepts of the Cvent REST API


Workspaces#

Workspaces are where you start integrating with Cvent’s REST API. You can invite one or more developers to a workspace and limit the types of data they can access by setting scopes. You can have up to five workspaces in your account.


Scopes#

Scopes determine what data in your account is available in a workspace. By setting scopes, you control the data access for each developer within a workspace.


Developers#

Developers are users who can span multiple accounts and workspaces.

A Cvent account administrator can invite developers to workspaces via email. Admins can invite a developer to one or more workspaces and have a maximum of 10 unique developers associated with your account.


Call Graphs

Applications#

Applications are created inside workspaces by developers. Applications grant the developer client credentials for making REST API calls. Applications can use some or all of the scopes in a workspace.

When creating applications to integrate with Cvent, you can choose Machine to Machine or Web Application.

Machine to Machine#

Machine-to-machine applications enable direct communication between your service and Cvent to automate tasks and exchange data. You'll use the Client Credentials flow to authenticate on behalf of an application. Your API activity will be attributed to the application.

Web Application#

Web applications are meant for services accessed through web browsers. You'll use the Authorization Code flow to authenticate on behalf of a user (Cvent admin). Your API activity will be attributed to the user.


Call Graphs

Scopes#

Scopes are made available to workspaces, and developers can then create applications picking from the scopes made available to them. Scopes act as permissions and are required to make individual API calls.

If you add many scopes (~50), you'll need to generate your access token with only the scopes you need. Adding too many scopes to an access token will trigger a HTTP 431 - Request headers too large on subsequent requests.