Skip to main content

Announcing StackOne Defender: leading open-source prompt injection guard for your agent Read More

Connect

Connectors Agent Auth MCP Connector Builder

Optimize

Tool Discovery Falcon Engine

Secure

Defender
Connectors

HRIS / HCM

Employee Onboarding Employee Offboarding

Recruiting

Application Screening Interview Scheduling

Customer Support

Ticket Triage Voice Call Summarization

Sales & CRM

Deal Risk Scoring Lead Qualification

Accounting & Finance

Invoice Processing Month-End Accruals

Marketing

Campaign Reports Lead Nurture Sequences
View all use cases

Developers

Docs Changelog Status

Learn

Blog Case Studies Events Partners
Pricing
Login Book Demo Start Free

Google Calendar MCP Server
for AI Agents

Production-ready Google Calendar MCP server with 37 extensible actions — plus built-in authentication, security, and optimized execution.

Start Free Book Demo Read Docs →
Google Calendar logo
Google Calendar MCP Server
Built by StackOne StackOne

Coverage

37 Agent Actions

Create, read, update, and delete across Google Calendar — and extend your agent's capabilities with custom actions.

MCP Actions → Create Actions →

Authentication

Agent Tool Authentication

Per-user OAuth in one call. Your Google Calendar MCP server gets session-scoped tokens with zero credentials stored on your infra.

Agent Auth →

Security

Agent Protection

Every Google Calendar tool response scanned for prompt injection in milliseconds — 88.7% accuracy, all running on CPU.

Prompt Injection Defense →

Performance

Max Agent Context. Min Cost.

Free up to 96% of your agent's context window to enhance reasoning and reduce cost, on every Google Calendar call.

Tools Discovery →

What is the Google Calendar MCP Server?

A Google Calendar MCP server lets AI agents read and write Google Calendar data through the Model Context Protocol — Anthropic's open standard for connecting LLMs to external tools. StackOne's Google Calendar MCP server ships with 37 pre-built actions, fully extensible via the Connector Builder — plus managed authentication, prompt injection defense, and optimized agent context. Connect it from MCP clients like Claude Desktop, Cursor, and VS Code, or from agent frameworks like OpenAI Agents SDK, LangChain, and Vercel AI SDK.

All Google Calendar MCP Tools and Actions

Every action from Google Calendar's API, ready for your agent. Create, read, update, and delete — scoped to exactly what you need.

Events

  • Create Event

    Creates a new event on a calendar.

  • Import Event

    Imports an event. This action is used to add a private copy of an existing event to a calendar. Only events with an eventType of default may be imported.

  • List Events

    Lists events on a calendar. Supports time range, search, and pagination.

  • Get Event

    Gets an event by ID.

  • Update Event

    Updates an event using patch semantics.

  • Move Event

    Moves an event to another calendar, i.e. changes an event's organizer. Note that only default events can be moved; birthday, focusTime, fromGmail, outOfOffice and workingLocation events cannot be moved.

  • Delete Event

    Deletes an event.

Calendars

  • Create Calendar

    Creates a secondary calendar. The authenticated user for the request is made the data owner of the new calendar.

  • Get Calendar

    Gets metadata for a calendar.

  • Update Calendar

    Updates metadata for a calendar. This method supports patch semantics. Note that each patch request consumes three quota units; prefer using a get followed by an update. The field values you specify replace the existing values. Fields that you don't specify in the request remain unchanged. Array fields, if specified, overwrite the existing arrays; this discards any previous array elements.

  • Delete Calendar

    Deletes a calendar permanently.

Calendar List Entrys

  • Create Calendar List Entry

    Adds a calendar to the user's calendar list.

  • Get Calendar List Entry

    Gets a calendar from the user's calendar list.

  • Update Calendar List Entry

    Updates an existing calendar on the user's calendar list. This method supports patch semantics. The field values you specify replace the existing values. Fields that you don't specify in the request remain unchanged. Array fields, if specified, overwrite the existing arrays; this discards any previous array elements.

  • Delete Calendar List Entry

    Unsubscribes from a shared calendar by removing it from the user's calendar list.

ACL Rules

  • Create ACL Rule

    Creates an access control rule for a calendar.

  • Get ACL Rule

    Returns an access control rule.

  • Update ACL Rule

    Updates an access control rule. This method supports patch semantics. The field values you specify replace the existing values. Fields that you don't specify in the request remain unchanged.

  • Delete ACL Rule

    Deletes an access control rule.

Settings

  • List Settings

    Lists all user settings for the authenticated user.

  • Get Setting

    Gets a single user setting by ID.

Other (16)

  • List Event Instances

    Returns instances of the specified recurring event.

  • List Calendar List

    Lists the calendars in the user's calendar list.

  • List ACL

    Lists the rules in the access control list for a calendar.

  • Query Free/Busy

    Queries the free/busy information for a set of calendars within a time range.

  • Get Colors

    Returns the color definitions for calendars and events.

  • Update Event (Full)

    Updates an event. This method does not support patch semantics and always updates the entire event resource. To do a partial update, perform a get followed by an update using etags to ensure atomicity.

  • Update Calendar (Full)

    Updates metadata for a calendar. This method does not support patch semantics and always updates the entire calendar resource.

  • Update Calendar List Entry (Full)

    Updates an existing calendar on the user's calendar list. This method does not support patch semantics and always updates the entire calendar list entry.

  • Update ACL Rule (Full)

    Updates an access control rule. This method does not support patch semantics and always updates the entire ACL rule.

  • Quick Add Event

    Creates an event based on a simple text string.

  • Watch Events

    Watch for changes to Events resources.

  • Clear Calendar

    Clears a primary calendar. This action deletes all events associated with the primary calendar of an account.

  • Watch Calendar List

    Watch for changes to CalendarList resources.

  • Watch ACL

    Watch for changes to ACL resources.

  • Watch Settings

    Watch for changes to Settings resources.

  • Stop Channel

    Stop watching resources through this channel.

Set Up Your Google Calendar MCP Server in Minutes

One endpoint. Any framework. Your agent is talking to Google Calendar in under 10 lines of code.

MCP Clients

Agent Frameworks

Claude Desktop
{
  "mcpServers": {
    "stackone": {
      "command": "npx",
      "args": [
        "-y",
        "mcp-remote@latest",
        "https://api.stackone.com/mcp?x-account-id=<account_id>",
        "--header",
        "Authorization: Basic <YOUR_BASE64_TOKEN>"
      ]
    }
  }
}

More Calendar & Scheduling MCP Servers

Outlook Calendar

77+ actions

Planday

69+ actions

Zoom

54+ actions

Cal.com

52+ actions

Deputy

48+ actions

Envoy

42+ actions

Microsoft Outlook

39+ actions

All Calendar & Scheduling MCP Servers →

Google Calendar MCP Server Resources

MCP Code Mode: Keeping Tool Responses Out of Agent Context

Anthropic's code_execution processes data already in context. Custom MCP code mode keeps raw tool responses in a sandbox. 14K tokens vs 500.

11 min

Comparing BM25, TF-IDF, and Hybrid Search for MCP Tool Discovery

Benchmarking BM25, TF-IDF, and hybrid search for MCP tool discovery across 916 tools. The 80/20 TF-IDF/BM25 hybrid hits 21% Top-1 accuracy in under 1ms.

10 min

Indirect Prompt Injection Defense for MCP Tools: A Technical Guide

MCP tools that read emails, CRM records, and tickets are indirect prompt injection vectors. Here's how we built a two-tier defense that scans tool results in ~11ms.

12 min

Google Calendar MCP Server FAQ

Google Calendar MCP server vs direct API integration — what's the difference?
A Google Calendar MCP server and direct API integration serve different use cases. Direct API integration is for software-to-software — backend code calling Google Calendar. A Google Calendar MCP server is for AI agents — MCP clients like Claude and Cursor, plus framework agents built with OpenAI, LangChain, or Vercel AI — discovering and calling Google Calendar at runtime. StackOne provides both.
How does Google Calendar authentication work for AI agents?
Google Calendar authentication for AI agents works through a StackOne Connect Session. Create one via the dashboard or the SDK — you get an auth link and ready-to-paste config for Claude Desktop, Cursor, and other MCP clients. Your user authenticates their own Google Calendar account; StackOne handles token exchange, storage, and refresh. Credentials never reach the LLM, and each user is isolated via origin_owner_id.
Are Google Calendar MCP tools vulnerable to prompt injection?
Yes — Google Calendar MCP tools can be vulnerable to indirect prompt injection. Any tool that reads user-written content — documents, messages, tickets, records, or free-text fields — is a potential vector. StackOne Defender scans every tool response before it enters the agent's context — regex patterns in ~1ms, then a MiniLM classifier in ~4ms. 88.7% accuracy, CPU-only.
What is the context bloat of a Google Calendar agent and how do I avoid it?
Context bloat happens when Google Calendar tool schemas and API responses eat your Google Calendar agent's memory, preventing it from reasoning effectively. A single Google Calendar query can return a massive JSON response, and connecting multiple tools compounds the problem. Tools Discovery and Code Mode reduce context bloat — loading only relevant tools per query and keeping raw responses out of the agent's context.
Can I limit which actions my Google Calendar agent can access?
Yes — you can limit which actions your Google Calendar agent can access directly from the StackOne dashboard. Toggle actions on or off, or restrict them to specific accounts, with no code changes to your agent. Session tokens can be scoped to exact actions so if one leaks, exposure stays contained.
Can I create custom agent actions for my Google Calendar MCP server?
Yes — you can create custom agent actions for your Google Calendar MCP server using Connector Builder. It's an integration agent your coding assistant (Claude Code, Cursor, or Copilot) can invoke to research Google Calendar's API, generate production-ready connector YAML, test against the live API, and validate before you ship.
When should I NOT use a Google Calendar MCP server?
Skip a Google Calendar MCP server if your integration is purely software-to-software — direct Google Calendar API integration is simpler when no AI agent is involved. For deterministic, compliance-critical operations (financial transactions, regulatory reporting), direct API gives you predictable behavior without agent-driven decision-making. MCP shines when AI agents need to dynamically discover and call Google Calendar actions at runtime.
What AI frameworks and AI clients does the StackOne Google Calendar MCP server support?
The StackOne Google Calendar MCP server supports both. MCP clients (paste-and-go apps): Claude Desktop, Claude Code, Cursor, VS Code, Goose. Agent frameworks (code SDKs you build with): OpenAI Agents SDK, Anthropic, Vercel AI, Google ADK, CrewAI, Pydantic AI, LangChain, LangGraph, Azure AI Foundry.

Put your AI agents to work

All the tools you need to build and scale AI agent integrations, with best-in-class connectivity, execution, and security.

Start Free Book Demo