Bolt.new AI and Calendly integration: Step-by-Step Guide 2025

Bolt.new does not have any built‑in “Calendly integration button.” You integrate Calendly the same way you would in any normal full‑stack app: you call Calendly’s public REST API, authenticate with a Calendly Personal Access Token or OAuth, and optionally receive data from Calendly using their webhooks. Inside bolt.new, you drop that token into environment variables and write fetch‑based API calls in server‑side code. That’s the entire mechanics — nothing magical, just standard HTTP.

 

What the integration actually looks like

 

You will use three components:

• A Calendly API token or OAuth app to authenticate requests from your bolt.new backend.
• Server-side code in bolt.new (Node.js) to call Calendly’s REST API.
• (Optional) A Calendly webhook subscription that points to a server route you expose in bolt.new.

Once these are set up, your bolt.new app can list events, create scheduling links, read invitee data, or handle “booking completed” notifications from Calendly.

 

Step-by-step: Integrating Calendly with bolt.new

 

The point is to keep Calendly secrets safe and do all API calls on the server, not the browser.

• Create a Calendly Personal Access Token (https://developer.calendly.com/api-docs) Store it as an environment variable in bolt.new like: CALENDLY_API_TOKEN
• Create a server route in bolt.new that calls Calendly’s API. Bolt.new server code uses standard Node.js. Here is a real working pattern:

 

// Example: server route in bolt.new to fetch Calendly scheduled events

import { Hono } from 'hono'    // Bolt’s default server framework
import { env } from 'hono/adapter'

const app = new Hono()

app.get('/api/calendly/events', async (c) => {
  const { CALENDLY_API_TOKEN } = env(c)

  const response = await fetch('https://api.calendly.com/scheduled_events', {
    method: 'GET',
    headers: {
      'Authorization': `Bearer ${CALENDLY_API_TOKEN}`,
      'Content-Type': 'application/json'
    }
  })

  const data = await response.json()
  return c.json(data)
})

export default app

 

This is a direct, real call to Calendly’s /scheduled\_events endpoint.

• Expose this route to your front‑end: your client (React, Svelte, plain JS) calls /api/calendly/events. The client never sees the token — only the backend uses it.

 

Optional: Receiving events from Calendly via webhooks

 

If you want Calendly to notify your bolt.new backend when someone books, reschedules, or cancels, you must create a webhook subscription.

• Create a public route in bolt.new that Calendly can POST to:

 

// Calendly webhook receiver

app.post('/webhooks/calendly', async (c) => {
  const body = await c.req.json()

  // Verify the webhook signature if you enabled signing
  // For now, just log the event:
  console.log('Calendly webhook:', body)

  return c.json({ received: true })
})

 

• Register the webhook using Calendly’s API and your server URL:

 

// Example: create a Calendly webhook subscription from bolt.new server

app.post('/api/calendly/register-webhook', async (c) => {
  const { CALENDLY_API_TOKEN, PUBLIC_URL } = env(c)

  const response = await fetch('https://api.calendly.com/webhook_subscriptions', {
    method: 'POST',
    headers: {
      'Authorization': `Bearer ${CALENDLY_API_TOKEN}`,
      'Content-Type': 'application/json'
    },
    body: JSON.stringify({
      url: `${PUBLIC_URL}/webhooks/calendly`,  // Your bolt.new route
      events: ['invitee.created', 'invitee.canceled'],
      organization: 'https://api.calendly.com/organizations/YOUR_ORG_ID' // Replace with your real org ID
    })
  })

  const data = await response.json()
  return c.json(data)
})

 

How to test inside bolt.new

 

• Use the built-in server logs to view API responses and webhook payloads.
• Test using Calendly’s public preview tools or by scheduling actual test appointments.
• Verify CORS only applies to browser → server, not server → Calendly.

 

How to harden it for production deployments

 

• Move tokens to environment variables in your real hosting environment (Vercel, Render, Railway, etc.).
• Add webhook signature verification — Calendly provides an HMAC signature header.
• Rate limit your endpoints because Calendly enforces rate limits.

 

That’s the full, real path: Calendly + bolt.new = a normal backend integration using REST APIs, bearer tokens, and optional webhooks. Nothing proprietary or magical — just clean, secure HTTP with environment variables and server routes.