feat: Add routing-forms record response endpoint with available slots

[hariombalhara]

What does this PR do?

Added a new API endpoint to create a routing form response(POST v2/organizations/:orgId/routing-forms/:formId/responses) and returns available booking slots for the matched event type. The response from that endpoint could be utilised to do a booking for a particular timeslot and connect that with the routingForm response

How to connect a response with booking

Send POST request to https://api.cal.com/v2/organizations/:orgId/routing-forms/:formId/responses?start=2025-06-30T18:30:00.000Z&end=2025-07-23T09:00:00Z with JSON body

{
  "email": "john@example.com",  // email is a field in Routing Form with _identifier_=_email_
}

It will return a response like

{
    "status": "success",
    "data": {
        "routing": {
            "responseId": 476,
            "teamMemberIds": [
                19,
                21,
                22,
                25,
                26
            ],
            ... more props here
        },
        "eventTypeId": 56,
        "slots": {
            "2025-07-04": [
                {
                    "start": "2025-07-04T12:00:00.000Z"
                }
			]    
         }
    }
}

The routing object and eventTypeId and any slot available in slots can be used to create a booking now through
https://api.cal.com/v2/bookings (documented here) endpoint. You can pass the routing object as is. Take a look at this loom to see it all working

Followup

A new endpoint to use the queued response identified by queuedResponseId

Video Demo (if applicable):

https://www.loom.com/share/db67e598548b42789b7072a2e9996057

Mandatory Tasks (DO NOT REMOVE)

• I have self-reviewed the code (A decent size PR without self-review might be rejected).
• I have updated the developer docs in /docs if this PR makes changes that would require a documentation change. If N/A, write N/A here and check the checkbox.
• I confirm automated tests are in place that prove my fix is effective or that my feature works.

[vercel]

The latest updates on your projects. Learn more about Vercel for Git ↗︎

2 Skipped Deployments

Name	Status	Preview	Comments	Updated (UTC)
cal	⬜️ Ignored (Inspect)	Visit Preview		Jul 4, 2025 11:59am
cal-eu	⬜️ Ignored (Inspect)	Visit Preview		Jul 4, 2025 11:59am

[hariombalhara]

• feat: Add routing-forms record response endpoint with available slots #22239 👈 (View in Graphite)
• main

This stack of pull requests is managed by Graphite. Learn more about stacking.

[delve-auditor]

✅ No security or compliance issues detected. Reviewed everything up to 889dd32.

Security Overview

• 🔎 Scanned files: 23 changed file(s)

Detected Code Changes

Change Type	Relevant files
Enhancement	► input.service.ts     Add routing form data processing ► organizations-routing-forms-responses.controller.ts     Add endpoint for creating routing form responses ► organizations-routing-forms-responses.service.ts     Add routing form response handling ► handleResponse.ts     Add support for identifier keyed responses and CRM routing ► getRoutedUrl.ts     Add configurable CRM fetching
Configuration changes	► package.json     Update platform libraries version
Refactor	► routerGetCrmContactOwnerEmail.ts     Refactor email extraction logic ► swagger/documentation.json     Update API documentation

Reply to this PR with @delve-auditor followed by a description of what change you want and we'll auto-submit a change to this PR to implement it.

[github-actions]

E2E results are ready!

• Workflow #65936.2 latest results

[hariombalhara]

Bug-1: The response contains id of the field as they key and not the identifier. So we need to pass the one with identifier as they key here.

The one with id of the field, doesn't have the identifier anywhere and thus can't be compared with email identifier

[hariombalhara]

Logic changed as per the new response object which is identifier key based.

[hariombalhara]

Bug-2: contactOwner by default isn't null. See line 43. So, we must consider it as nullish if both email and recordType are nullish

[ThyMinimalDev]

we need to release platform libraries

[ThyMinimalDev]

if we need to control and hide fields that are not within the DTO use plainToClass combined with @Expose decorator in output DTO class

[hariombalhara]

This fixes an existing case where in case of form field validation failure, we were still returning success with empty message.

[hariombalhara]

@joeauyeung By default having this variable as false, so that we intentionally not use the fixed logic for headless router or elsewhere except API v2's new endpoint.

This keeps the behaviour same for headless router as routerGetCrmContactOwnerEmail wasn't returning any contactOwner or other details

[socket-security]

Review the following changes in direct dependencies. Learn more about Socket for GitHub.

Diff	Package	Supply Chain Security	Vulnerability	Quality	Maintenance	License
	memory-cache@​0.2.0
	bcryptjs@​2.4.3

View full report

[graphite-app]

Graphite Automations

"Add consumer team as reviewer" took an action on this PR • (07/04/25)

1 reviewer was added to this PR based on Keith Williams's automation.

[cubic-dev-ai]

cubic found 6 issues across 23 files. Review them in cubic.dev

_{React with 👍 or 👎 to teach cubic. Tag @cubic-dev-ai to give specific feedback.}