Aotal recruitment APIs API documentation

/actions

get

get

Get html head snippet (typically an include of a stylesheet) used to style the html for a strip of buttons.

The app building the page that embeds the buttons must insert the results of this API call in its head section.

All APIs beneath here are operating on behalf of the logged in candidate.

get

get

Get an array which is a rollup of all applicable candidate-facing actions from all apps. SoT.

get

get

Get an array which is a rollup of all applicable candidate-facing actions from all apps. SoT.

get

get

Get the html for the strip of buttons, ready to plug into a job details page as viewed by the candidate. SoT.

The app building the page that embeds this strip must in its head section pull in style sheet, javascript, etc. as obtained via a call to GET /actions/byCandidate/headHtml.

get

get

Get a single, named action from a single app. Non-SoT.

The producing app might customise the button/control(s), or choose not display it at all e.g.;

  • for an apply button, display that a partial (draft) registration is already underway
  • gray the register button out if candidate logged in and already registered

Security considerations: If the producing app attaches the incoming relayPage paramater to the button's link, then it should protect itelf from Open Redirection attacks as described at https://www.owasp.org/index.php/Testing_for_Client_Side_URL_Redirect_(OTG-CLIENT-004).

One approach would be by:

  • attaching an additional digital signature to the link based on the link's other values, including the relayPage
  • verifying when the candidate follows the link that the relayPage has not been tampered with

Another approach would be not putting the relayPage in the link at all, but instead storing it and putting a key into the link.

The commonly used approach of whitelisting is not useful as there is no common repository of all of the valid domains in use by all apps that a tenant may have installed and that may include this action.

The default type of the action is 'button'. If the type 'image' is used then the 'imageUri' property is used to specify the location of the image.

Get a single, named action from a single app. Non-SoT.

The producing app might customise the button/control(s), or choose not display it at all e.g.;

  • for an apply button, display that a partial (draft) registration is already underway
  • gray the register button out if candidate logged in and already registered

Security considerations: If the producing app attaches the incoming relayPage paramater to the button's link, then it should protect itelf from Open Redirection attacks as described at https://www.owasp.org/index.php/Testing_for_Client_Side_URL_Redirect_(OTG-CLIENT-004).

One approach would be by:

  • attaching an additional digital signature to the link based on the link's other values, including the relayPage
  • verifying when the candidate follows the link that the relayPage has not been tampered with

Another approach would be not putting the relayPage in the link at all, but instead storing it and putting a key into the link.

The commonly used approach of whitelisting is not useful as there is no common repository of all of the valid domains in use by all apps that a tenant may have installed and that may include this action.

The default type of the action is 'button'. If the type 'image' is used then the 'imageUri' property is used to specify the location of the image.

Secured by oauth_2_0

OAuth is used to authenticate tenant API calls. Tenant API calls may be on behalf of a specific principal (e.g. user)

URI Parameters

  • action: required (string)

Query Parameters

  • relayPageURL: required (string)

    A URL that the user will be redirected to.

    Example:

    https://myapp.com/kh87876
  • relayPageLabel: required (string)

    A label for the URL that the user will be redirected to, e.g. "Creative Director".

    Example:

    https://myapp.com/kh87876
  • tracker: (integer)

    The ID of a tracker

    Example:

    1003423

HTTP status code 200

Body

Type: application/json

Schema:

{
  "$schema": "http://json-schema.org/draft-04/schema#",
  "definitions": {
    "name": {
      "type": "string",
      "description": "fixed name for this action, containing only lower case alpha, digits and '-' characters, length <= 30"
    },
    "gateState": {
      "type": "boolean",
      "description": "for actions that are apply gates, true if the gate has been passed for this specific candidate + job, false if it was failed - this field should only be present when there is a result"
    }
  },
  "type": "object",
  "description": "the logical information needed to populate a button/control at runtime",
  "properties": {
    "name": {
      "$ref": "#/definitions/name",
      "description": "fixed name for this action, containing only lower case alpha, digits and '-' characters, length <= 30"
    },
    "gateState": {
      "$ref": "#/definitions/gateState"
    },
    "type": {
      "enum": [
        "image",
        "button"
      ]
    },
    "imageUri": {
      "type": "string",
      "format": "uri",
      "description": "the url of an image to be displayed for this action (i.e. instead of a dynamically set up button)"
    },
    "label": {
      "type": "string",
      "description": "a string indicating what the action will do, used as the label on its button/control"
    },
    "uri": {
      "type": "string",
      "format": "uri",
      "description": "the url that the button/control will redirect the user to when pressed, or use to populate an iframe inside a modal"
    },
    "textColor": {
      "description": "the color that the button's text should be rendered in, in 6 character hex format without leading #, e.g. 00ff00",
      "type": "string"
    },
    "backgroundColor": {
      "description": "the color that the button's background should be rendered in, in 6 character hex format without leading #, e.g. 00ff00",
      "type": "string"
    },
    "disabled": {
      "type": "boolean",
      "description": "true if the button/control should appear disabled, i.e. the action can be seen but not performed"
    }
  },
  "required": [
    "name",
    "label",
    "uri",
    "disabled"
  ],
  "additionalProperties": true
}

Example:

{
  "name": "refer",
  "uri": "https://referrals.com/jobs/1022?tracker=106645",
  "type": "button",
  "label": "Refer a friend",
  "textColor": "dddddd",
  "backgroundColor": "010203",
  "disabled": false
}

HTTP status code 404

The app has chosen not to render the button. Maybe the object's state prevents the action. Maybe the action is an apply gate and the candidate achieved a pass - 404 is considered the same as a pass.

Secured by oauth_2_0

Headers

  • Authorization: (string)

    Used to send a valid OAuth 2 access token. Do not use with the "access_token" query string parameter.

HTTP status code 401

Bad or expired token. To fix, you should re-authenticate the user.

HTTP status code 403

Bad OAuth request (wrong consumer key, bad nonce, expired timestamp...). Unfortunately, re-authenticating the user won't help here.

get

get

Get an array which is a rollup of all applicable candidate-facing actions from all apps. SoT.

Get an array which is a rollup of all applicable candidate-facing actions from all apps. SoT.

Secured by oauth_2_0

OAuth is used to authenticate tenant API calls. Tenant API calls may be on behalf of a specific principal (e.g. user)

URI Parameters

  • job: required (string)

Query Parameters

  • relayPageURL: required (string)

    A URL that the user will be redirected to.

    Example:

    https://myapp.com/kh87876
  • relayPageLabel: required (string)

    A label for the URL that the user will be redirected to, e.g. "Creative Director".

    Example:

    https://myapp.com/kh87876
  • tracker: (integer)

    The ID of a tracker

    Example:

    1003423

HTTP status code 200

Body

Type: application/json

Schema:

{
    "$schema": "http://json-schema.org/draft-04/schema",
    "type": "array",
    "items": { "$ref": "actionsForApp.json" },
    "description": "An array of actions rolled up across all producing apps"
}

Example:

[
  {
    "app": "myapp",
    "actions": [
      {
        "name": "refer",
        "uri": "https://referrals.com/jobs/1022?tracker=106645",
        "type": "button",
        "label": "Refer a friend",
        "textColor": "dddddd",
        "backgroundColor": "010203",
        "disabled": false
      },
      {
        "name": "share",
        "uri": "https://sharing.com/jobs/1022?tracker=106645",
        "type": "button",
        "label": "Share this job",
        "textColor": "dddddd",
        "backgroundColor": "010203",
        "disabled": false
      }
    ]
  }
]

Secured by oauth_2_0

Headers

  • Authorization: (string)

    Used to send a valid OAuth 2 access token. Do not use with the "access_token" query string parameter.

HTTP status code 401

Bad or expired token. To fix, you should re-authenticate the user.

HTTP status code 403

Bad OAuth request (wrong consumer key, bad nonce, expired timestamp...). Unfortunately, re-authenticating the user won't help here.

get

get

Get the html for the strip of buttons, ready to plug into a job details page as viewed by the candidate. SoT.

The app building the page that embeds this strip must in its head section pull in style sheet, javascript, etc. as obtained via a call to GET /actions/byCandidate/headHtml.

Get the html for the strip of buttons, ready to plug into a job details page as viewed by the candidate. SoT.

The app building the page that embeds this strip must in its head section pull in style sheet, javascript, etc. as obtained via a call to GET /actions/byCandidate/headHtml.

Secured by oauth_2_0

OAuth is used to authenticate tenant API calls. Tenant API calls may be on behalf of a specific principal (e.g. user)

URI Parameters

  • job: required (string)

Query Parameters

  • relayPageURL: required (string)

    A URL that the user will be redirected to.

    Example:

    https://myapp.com/kh87876
  • relayPageLabel: required (string)

    A label for the URL that the user will be redirected to, e.g. "Creative Director".

    Example:

    https://myapp.com/kh87876
  • tracker: (integer)

    The ID of a tracker

    Example:

    1003423

HTTP status code 200

Body

Type: text/html

Example:

some html containing a strip of buttons, using only styles from the headHtml call

Secured by oauth_2_0

Headers

  • Authorization: (string)

    Used to send a valid OAuth 2 access token. Do not use with the "access_token" query string parameter.

HTTP status code 401

Bad or expired token. To fix, you should re-authenticate the user.

HTTP status code 403

Bad OAuth request (wrong consumer key, bad nonce, expired timestamp...). Unfortunately, re-authenticating the user won't help here.

get

get

Get a single, named action from a single app. Non-SoT.

The producing app might customise the button/control(s), or choose not display it at all e.g.;

  • for an apply button, display that a partial (draft) registration is already underway
  • gray the register button out if candidate logged in and already registered

Security considerations: If the producing app attaches the incoming relayPage paramater to the button's link, then it should protect itelf from Open Redirection attacks as described at https://www.owasp.org/index.php/Testing_for_Client_Side_URL_Redirect_(OTG-CLIENT-004).

One approach would be by:

  • attaching an additional digital signature to the link based on the link's other values, including the relayPage
  • verifying when the candidate follows the link that the relayPage has not been tampered with

Another approach would be not putting the relayPage in the link at all, but instead storing it and putting a key into the link.

The commonly used approach of whitelisting is not useful as there is no common repository of all of the valid domains in use by all apps that a tenant may have installed and that may include this action.

The default type of the action is 'button'. If the type 'image' is used then the 'imageUri' property is used to specify the location of the image.

Get a single, named action from a single app. Non-SoT.

The producing app might customise the button/control(s), or choose not display it at all e.g.;

  • for an apply button, display that a partial (draft) registration is already underway
  • gray the register button out if candidate logged in and already registered

Security considerations: If the producing app attaches the incoming relayPage paramater to the button's link, then it should protect itelf from Open Redirection attacks as described at https://www.owasp.org/index.php/Testing_for_Client_Side_URL_Redirect_(OTG-CLIENT-004).

One approach would be by:

  • attaching an additional digital signature to the link based on the link's other values, including the relayPage
  • verifying when the candidate follows the link that the relayPage has not been tampered with

Another approach would be not putting the relayPage in the link at all, but instead storing it and putting a key into the link.

The commonly used approach of whitelisting is not useful as there is no common repository of all of the valid domains in use by all apps that a tenant may have installed and that may include this action.

The default type of the action is 'button'. If the type 'image' is used then the 'imageUri' property is used to specify the location of the image.

Secured by oauth_2_0

OAuth is used to authenticate tenant API calls. Tenant API calls may be on behalf of a specific principal (e.g. user)

URI Parameters

  • job: required (string)
  • action: required (string)

Query Parameters

  • relayPageURL: required (string)

    A URL that the user will be redirected to.

    Example:

    https://myapp.com/kh87876
  • relayPageLabel: required (string)

    A label for the URL that the user will be redirected to, e.g. "Creative Director".

    Example:

    https://myapp.com/kh87876
  • tracker: (integer)

    The ID of a tracker

    Example:

    1003423

HTTP status code 200

Body

Type: application/json

Schema:

{
  "$schema": "http://json-schema.org/draft-04/schema#",
  "definitions": {
    "name": {
      "type": "string",
      "description": "fixed name for this action, containing only lower case alpha, digits and '-' characters, length <= 30"
    },
    "gateState": {
      "type": "boolean",
      "description": "for actions that are apply gates, true if the gate has been passed for this specific candidate + job, false if it was failed - this field should only be present when there is a result"
    }
  },
  "type": "object",
  "description": "the logical information needed to populate a button/control at runtime",
  "properties": {
    "name": {
      "$ref": "#/definitions/name",
      "description": "fixed name for this action, containing only lower case alpha, digits and '-' characters, length <= 30"
    },
    "gateState": {
      "$ref": "#/definitions/gateState"
    },
    "type": {
      "enum": [
        "image",
        "button"
      ]
    },
    "imageUri": {
      "type": "string",
      "format": "uri",
      "description": "the url of an image to be displayed for this action (i.e. instead of a dynamically set up button)"
    },
    "label": {
      "type": "string",
      "description": "a string indicating what the action will do, used as the label on its button/control"
    },
    "uri": {
      "type": "string",
      "format": "uri",
      "description": "the url that the button/control will redirect the user to when pressed, or use to populate an iframe inside a modal"
    },
    "textColor": {
      "description": "the color that the button's text should be rendered in, in 6 character hex format without leading #, e.g. 00ff00",
      "type": "string"
    },
    "backgroundColor": {
      "description": "the color that the button's background should be rendered in, in 6 character hex format without leading #, e.g. 00ff00",
      "type": "string"
    },
    "disabled": {
      "type": "boolean",
      "description": "true if the button/control should appear disabled, i.e. the action can be seen but not performed"
    }
  },
  "required": [
    "name",
    "label",
    "uri",
    "disabled"
  ],
  "additionalProperties": true
}

Example:

{
  "name": "refer",
  "uri": "https://referrals.com/jobs/1022?tracker=106645",
  "type": "button",
  "label": "Refer a friend",
  "textColor": "dddddd",
  "backgroundColor": "010203",
  "disabled": false
}

HTTP status code 404

The app has chosen not to render the button. Maybe the object's state prevents the action. Maybe the action is an apply gate and the candidate achieved a pass - 404 is considered the same as a pass.

Secured by oauth_2_0

Headers

  • Authorization: (string)

    Used to send a valid OAuth 2 access token. Do not use with the "access_token" query string parameter.

HTTP status code 401

Bad or expired token. To fix, you should re-authenticate the user.

HTTP status code 403

Bad OAuth request (wrong consumer key, bad nonce, expired timestamp...). Unfortunately, re-authenticating the user won't help here.

get

get

get

Get the html for the strip of buttons, ready to plug into a job details page as viewed by the candidate. SoT.

The app building the page that embeds this strip must in its head section pull in style sheet, javascript, etc. as obtained via a call to GET /actions/byCandidate/headHtml.

get

get

Get a single, named action from a single app. Non-SoT.

The producing app might customise the button/control(s), or choose not display it at all e.g.;

  • for an apply button, display that a partial (draft) registration is already underway
  • gray the register button out if candidate logged in and already registered

Security considerations: If the producing app attaches the incoming relayPage paramater to the button's link, then it should protect itelf from Open Redirection attacks as described at https://www.owasp.org/index.php/Testing_for_Client_Side_URL_Redirect_(OTG-CLIENT-004).

One approach would be by:

  • attaching an additional digital signature to the link based on the link's other values, including the relayPage
  • verifying when the candidate follows the link that the relayPage has not been tampered with

Another approach would be not putting the relayPage in the link at all, but instead storing it and putting a key into the link.

The commonly used approach of whitelisting is not useful as there is no common repository of all of the valid domains in use by all apps that a tenant may have installed and that may include this action.

The default type of the action is 'button'. If the type 'image' is used then the 'imageUri' property is used to specify the location of the image.

Get a single, named action from a single app. Non-SoT.

The producing app might customise the button/control(s), or choose not display it at all e.g.;

  • for an apply button, display that a partial (draft) registration is already underway
  • gray the register button out if candidate logged in and already registered

Security considerations: If the producing app attaches the incoming relayPage paramater to the button's link, then it should protect itelf from Open Redirection attacks as described at https://www.owasp.org/index.php/Testing_for_Client_Side_URL_Redirect_(OTG-CLIENT-004).

One approach would be by:

  • attaching an additional digital signature to the link based on the link's other values, including the relayPage
  • verifying when the candidate follows the link that the relayPage has not been tampered with

Another approach would be not putting the relayPage in the link at all, but instead storing it and putting a key into the link.

The commonly used approach of whitelisting is not useful as there is no common repository of all of the valid domains in use by all apps that a tenant may have installed and that may include this action.

The default type of the action is 'button'. If the type 'image' is used then the 'imageUri' property is used to specify the location of the image.

Secured by oauth_2_0

OAuth is used to authenticate tenant API calls. Tenant API calls may be on behalf of a specific principal (e.g. user)

URI Parameters

  • action: required (string)

Query Parameters

  • relayPageURL: required (string)

    A URL that the user will be redirected to.

    Example:

    https://myapp.com/kh87876
  • relayPageLabel: required (string)

    A label for the URL that the user will be redirected to, e.g. "Creative Director".

    Example:

    https://myapp.com/kh87876
  • tracker: (integer)

    The ID of a tracker

    Example:

    1003423

HTTP status code 200

Body

Type: application/json

Schema:

{
  "$schema": "http://json-schema.org/draft-04/schema#",
  "definitions": {
    "name": {
      "type": "string",
      "description": "fixed name for this action, containing only lower case alpha, digits and '-' characters, length <= 30"
    },
    "gateState": {
      "type": "boolean",
      "description": "for actions that are apply gates, true if the gate has been passed for this specific candidate + job, false if it was failed - this field should only be present when there is a result"
    }
  },
  "type": "object",
  "description": "the logical information needed to populate a button/control at runtime",
  "properties": {
    "name": {
      "$ref": "#/definitions/name",
      "description": "fixed name for this action, containing only lower case alpha, digits and '-' characters, length <= 30"
    },
    "gateState": {
      "$ref": "#/definitions/gateState"
    },
    "type": {
      "enum": [
        "image",
        "button"
      ]
    },
    "imageUri": {
      "type": "string",
      "format": "uri",
      "description": "the url of an image to be displayed for this action (i.e. instead of a dynamically set up button)"
    },
    "label": {
      "type": "string",
      "description": "a string indicating what the action will do, used as the label on its button/control"
    },
    "uri": {
      "type": "string",
      "format": "uri",
      "description": "the url that the button/control will redirect the user to when pressed, or use to populate an iframe inside a modal"
    },
    "textColor": {
      "description": "the color that the button's text should be rendered in, in 6 character hex format without leading #, e.g. 00ff00",
      "type": "string"
    },
    "backgroundColor": {
      "description": "the color that the button's background should be rendered in, in 6 character hex format without leading #, e.g. 00ff00",
      "type": "string"
    },
    "disabled": {
      "type": "boolean",
      "description": "true if the button/control should appear disabled, i.e. the action can be seen but not performed"
    }
  },
  "required": [
    "name",
    "label",
    "uri",
    "disabled"
  ],
  "additionalProperties": true
}

Example:

{
  "name": "refer",
  "uri": "https://referrals.com/jobs/1022?tracker=106645",
  "type": "button",
  "label": "Refer a friend",
  "textColor": "dddddd",
  "backgroundColor": "010203",
  "disabled": false
}

HTTP status code 404

The app has chosen not to render the button. Maybe the object's state prevents the action. Maybe the action is an apply gate and the candidate achieved a pass - 404 is considered the same as a pass.

Secured by oauth_2_0

Headers

  • Authorization: (string)

    Used to send a valid OAuth 2 access token. Do not use with the "access_token" query string parameter.

HTTP status code 401

Bad or expired token. To fix, you should re-authenticate the user.

HTTP status code 403

Bad OAuth request (wrong consumer key, bad nonce, expired timestamp...). Unfortunately, re-authenticating the user won't help here.

get

get

Get an array which is a rollup of all applicable candidate-facing actions from all apps. SoT.

get

get

Get an array which is a rollup of all applicable candidate-facing actions from all apps. SoT.

Get an array which is a rollup of all applicable candidate-facing actions from all apps. SoT.

Secured by oauth_2_0

OAuth is used to authenticate tenant API calls. Tenant API calls may be on behalf of a specific principal (e.g. user)

URI Parameters

  • application: required (string)

Query Parameters

  • relayPageURL: required (string)

    A URL that the user will be redirected to.

    Example:

    https://myapp.com/kh87876
  • relayPageLabel: required (string)

    A label for the URL that the user will be redirected to, e.g. "Creative Director".

    Example:

    https://myapp.com/kh87876
  • tracker: (integer)

    The ID of a tracker

    Example:

    1003423

HTTP status code 200

Body

Type: application/json

Schema:

{
    "$schema": "http://json-schema.org/draft-04/schema",
    "type": "array",
    "items": { "$ref": "actionsForApp.json" },
    "description": "An array of actions rolled up across all producing apps"
}

Example:

[
  {
    "app": "myapp",
    "actions": [
      {
        "name": "refer",
        "uri": "https://referrals.com/jobs/1022?tracker=106645",
        "type": "button",
        "label": "Refer a friend",
        "textColor": "dddddd",
        "backgroundColor": "010203",
        "disabled": false
      },
      {
        "name": "share",
        "uri": "https://sharing.com/jobs/1022?tracker=106645",
        "type": "button",
        "label": "Share this job",
        "textColor": "dddddd",
        "backgroundColor": "010203",
        "disabled": false
      }
    ]
  }
]

Secured by oauth_2_0

Headers

  • Authorization: (string)

    Used to send a valid OAuth 2 access token. Do not use with the "access_token" query string parameter.

HTTP status code 401

Bad or expired token. To fix, you should re-authenticate the user.

HTTP status code 403

Bad OAuth request (wrong consumer key, bad nonce, expired timestamp...). Unfortunately, re-authenticating the user won't help here.

get

get

Get an array which is a rollup of all applicable candidate-facing actions from all apps. SoT.

get

get

Get the html for the strip of buttons, ready to plug into a job details page as viewed by the candidate. SoT.

The app building the page that embeds this strip must in its head section pull in style sheet, javascript, etc. as obtained via a call to GET /actions/byCandidate/headHtml.

get

get

Get a single, named action from a single app. Non-SoT.

The producing app might customise the button/control(s), or choose not display it at all e.g.;

  • for an apply button, display that a partial (draft) registration is already underway
  • gray the register button out if candidate logged in and already registered

Security considerations: If the producing app attaches the incoming relayPage paramater to the button's link, then it should protect itelf from Open Redirection attacks as described at https://www.owasp.org/index.php/Testing_for_Client_Side_URL_Redirect_(OTG-CLIENT-004).

One approach would be by:

  • attaching an additional digital signature to the link based on the link's other values, including the relayPage
  • verifying when the candidate follows the link that the relayPage has not been tampered with

Another approach would be not putting the relayPage in the link at all, but instead storing it and putting a key into the link.

The commonly used approach of whitelisting is not useful as there is no common repository of all of the valid domains in use by all apps that a tenant may have installed and that may include this action.

The default type of the action is 'button'. If the type 'image' is used then the 'imageUri' property is used to specify the location of the image.

Get a single, named action from a single app. Non-SoT.

The producing app might customise the button/control(s), or choose not display it at all e.g.;

  • for an apply button, display that a partial (draft) registration is already underway
  • gray the register button out if candidate logged in and already registered

Security considerations: If the producing app attaches the incoming relayPage paramater to the button's link, then it should protect itelf from Open Redirection attacks as described at https://www.owasp.org/index.php/Testing_for_Client_Side_URL_Redirect_(OTG-CLIENT-004).

One approach would be by:

  • attaching an additional digital signature to the link based on the link's other values, including the relayPage
  • verifying when the candidate follows the link that the relayPage has not been tampered with

Another approach would be not putting the relayPage in the link at all, but instead storing it and putting a key into the link.

The commonly used approach of whitelisting is not useful as there is no common repository of all of the valid domains in use by all apps that a tenant may have installed and that may include this action.

The default type of the action is 'button'. If the type 'image' is used then the 'imageUri' property is used to specify the location of the image.

Secured by oauth_2_0

OAuth is used to authenticate tenant API calls. Tenant API calls may be on behalf of a specific principal (e.g. user)

URI Parameters

  • action: required (string)

Query Parameters

  • relayPageURL: required (string)

    A URL that the user will be redirected to.

    Example:

    https://myapp.com/kh87876
  • relayPageLabel: required (string)

    A label for the URL that the user will be redirected to, e.g. "Creative Director".

    Example:

    https://myapp.com/kh87876
  • tracker: (integer)

    The ID of a tracker

    Example:

    1003423

HTTP status code 200

Body

Type: application/json

Schema:

{
  "$schema": "http://json-schema.org/draft-04/schema#",
  "definitions": {
    "name": {
      "type": "string",
      "description": "fixed name for this action, containing only lower case alpha, digits and '-' characters, length <= 30"
    },
    "gateState": {
      "type": "boolean",
      "description": "for actions that are apply gates, true if the gate has been passed for this specific candidate + job, false if it was failed - this field should only be present when there is a result"
    }
  },
  "type": "object",
  "description": "the logical information needed to populate a button/control at runtime",
  "properties": {
    "name": {
      "$ref": "#/definitions/name",
      "description": "fixed name for this action, containing only lower case alpha, digits and '-' characters, length <= 30"
    },
    "gateState": {
      "$ref": "#/definitions/gateState"
    },
    "type": {
      "enum": [
        "image",
        "button"
      ]
    },
    "imageUri": {
      "type": "string",
      "format": "uri",
      "description": "the url of an image to be displayed for this action (i.e. instead of a dynamically set up button)"
    },
    "label": {
      "type": "string",
      "description": "a string indicating what the action will do, used as the label on its button/control"
    },
    "uri": {
      "type": "string",
      "format": "uri",
      "description": "the url that the button/control will redirect the user to when pressed, or use to populate an iframe inside a modal"
    },
    "textColor": {
      "description": "the color that the button's text should be rendered in, in 6 character hex format without leading #, e.g. 00ff00",
      "type": "string"
    },
    "backgroundColor": {
      "description": "the color that the button's background should be rendered in, in 6 character hex format without leading #, e.g. 00ff00",
      "type": "string"
    },
    "disabled": {
      "type": "boolean",
      "description": "true if the button/control should appear disabled, i.e. the action can be seen but not performed"
    }
  },
  "required": [
    "name",
    "label",
    "uri",
    "disabled"
  ],
  "additionalProperties": true
}

Example:

{
  "name": "refer",
  "uri": "https://referrals.com/jobs/1022?tracker=106645",
  "type": "button",
  "label": "Refer a friend",
  "textColor": "dddddd",
  "backgroundColor": "010203",
  "disabled": false
}

HTTP status code 404

The app has chosen not to render the button. Maybe the object's state prevents the action. Maybe the action is an apply gate and the candidate achieved a pass - 404 is considered the same as a pass.

Secured by oauth_2_0

Headers

  • Authorization: (string)

    Used to send a valid OAuth 2 access token. Do not use with the "access_token" query string parameter.

HTTP status code 401

Bad or expired token. To fix, you should re-authenticate the user.

HTTP status code 403

Bad OAuth request (wrong consumer key, bad nonce, expired timestamp...). Unfortunately, re-authenticating the user won't help here.

get

get

Get an array which is a rollup of all applicable candidate-facing actions from all apps. SoT.

Get an array which is a rollup of all applicable candidate-facing actions from all apps. SoT.

Secured by oauth_2_0

OAuth is used to authenticate tenant API calls. Tenant API calls may be on behalf of a specific principal (e.g. user)

URI Parameters

  • job: required (string)

Query Parameters

  • relayPageURL: required (string)

    A URL that the user will be redirected to.

    Example:

    https://myapp.com/kh87876
  • relayPageLabel: required (string)

    A label for the URL that the user will be redirected to, e.g. "Creative Director".

    Example:

    https://myapp.com/kh87876
  • tracker: (integer)

    The ID of a tracker

    Example:

    1003423

HTTP status code 200

Body

Type: application/json

Schema:

{
    "$schema": "http://json-schema.org/draft-04/schema",
    "type": "array",
    "items": { "$ref": "actionsForApp.json" },
    "description": "An array of actions rolled up across all producing apps"
}

Example:

[
  {
    "app": "myapp",
    "actions": [
      {
        "name": "refer",
        "uri": "https://referrals.com/jobs/1022?tracker=106645",
        "type": "button",
        "label": "Refer a friend",
        "textColor": "dddddd",
        "backgroundColor": "010203",
        "disabled": false
      },
      {
        "name": "share",
        "uri": "https://sharing.com/jobs/1022?tracker=106645",
        "type": "button",
        "label": "Share this job",
        "textColor": "dddddd",
        "backgroundColor": "010203",
        "disabled": false
      }
    ]
  }
]

Secured by oauth_2_0

Headers

  • Authorization: (string)

    Used to send a valid OAuth 2 access token. Do not use with the "access_token" query string parameter.

HTTP status code 401

Bad or expired token. To fix, you should re-authenticate the user.

HTTP status code 403

Bad OAuth request (wrong consumer key, bad nonce, expired timestamp...). Unfortunately, re-authenticating the user won't help here.

get

get

Get the html for the strip of buttons, ready to plug into a job details page as viewed by the candidate. SoT.

The app building the page that embeds this strip must in its head section pull in style sheet, javascript, etc. as obtained via a call to GET /actions/byCandidate/headHtml.

Get the html for the strip of buttons, ready to plug into a job details page as viewed by the candidate. SoT.

The app building the page that embeds this strip must in its head section pull in style sheet, javascript, etc. as obtained via a call to GET /actions/byCandidate/headHtml.

Secured by oauth_2_0

OAuth is used to authenticate tenant API calls. Tenant API calls may be on behalf of a specific principal (e.g. user)

URI Parameters

  • job: required (string)

Query Parameters

  • relayPageURL: required (string)

    A URL that the user will be redirected to.

    Example:

    https://myapp.com/kh87876
  • relayPageLabel: required (string)

    A label for the URL that the user will be redirected to, e.g. "Creative Director".

    Example:

    https://myapp.com/kh87876
  • tracker: (integer)

    The ID of a tracker

    Example:

    1003423

HTTP status code 200

Body

Type: text/html

Example:

some html containing a strip of buttons, using only styles from the headHtml call

Secured by oauth_2_0

Headers

  • Authorization: (string)

    Used to send a valid OAuth 2 access token. Do not use with the "access_token" query string parameter.

HTTP status code 401

Bad or expired token. To fix, you should re-authenticate the user.

HTTP status code 403

Bad OAuth request (wrong consumer key, bad nonce, expired timestamp...). Unfortunately, re-authenticating the user won't help here.

get

get

Get a single, named action from a single app. Non-SoT.

The producing app might customise the button/control(s), or choose not display it at all e.g.;

  • for an apply button, display that a partial (draft) registration is already underway
  • gray the register button out if candidate logged in and already registered

Security considerations: If the producing app attaches the incoming relayPage paramater to the button's link, then it should protect itelf from Open Redirection attacks as described at https://www.owasp.org/index.php/Testing_for_Client_Side_URL_Redirect_(OTG-CLIENT-004).

One approach would be by:

  • attaching an additional digital signature to the link based on the link's other values, including the relayPage
  • verifying when the candidate follows the link that the relayPage has not been tampered with

Another approach would be not putting the relayPage in the link at all, but instead storing it and putting a key into the link.

The commonly used approach of whitelisting is not useful as there is no common repository of all of the valid domains in use by all apps that a tenant may have installed and that may include this action.

The default type of the action is 'button'. If the type 'image' is used then the 'imageUri' property is used to specify the location of the image.

Get a single, named action from a single app. Non-SoT.

The producing app might customise the button/control(s), or choose not display it at all e.g.;

  • for an apply button, display that a partial (draft) registration is already underway
  • gray the register button out if candidate logged in and already registered

Security considerations: If the producing app attaches the incoming relayPage paramater to the button's link, then it should protect itelf from Open Redirection attacks as described at https://www.owasp.org/index.php/Testing_for_Client_Side_URL_Redirect_(OTG-CLIENT-004).

One approach would be by:

  • attaching an additional digital signature to the link based on the link's other values, including the relayPage
  • verifying when the candidate follows the link that the relayPage has not been tampered with

Another approach would be not putting the relayPage in the link at all, but instead storing it and putting a key into the link.

The commonly used approach of whitelisting is not useful as there is no common repository of all of the valid domains in use by all apps that a tenant may have installed and that may include this action.

The default type of the action is 'button'. If the type 'image' is used then the 'imageUri' property is used to specify the location of the image.

Secured by oauth_2_0

OAuth is used to authenticate tenant API calls. Tenant API calls may be on behalf of a specific principal (e.g. user)

URI Parameters

  • job: required (string)
  • action: required (string)

Query Parameters

  • relayPageURL: required (string)

    A URL that the user will be redirected to.

    Example:

    https://myapp.com/kh87876
  • relayPageLabel: required (string)

    A label for the URL that the user will be redirected to, e.g. "Creative Director".

    Example:

    https://myapp.com/kh87876
  • tracker: (integer)

    The ID of a tracker

    Example:

    1003423

HTTP status code 200

Body

Type: application/json

Schema:

{
  "$schema": "http://json-schema.org/draft-04/schema#",
  "definitions": {
    "name": {
      "type": "string",
      "description": "fixed name for this action, containing only lower case alpha, digits and '-' characters, length <= 30"
    },
    "gateState": {
      "type": "boolean",
      "description": "for actions that are apply gates, true if the gate has been passed for this specific candidate + job, false if it was failed - this field should only be present when there is a result"
    }
  },
  "type": "object",
  "description": "the logical information needed to populate a button/control at runtime",
  "properties": {
    "name": {
      "$ref": "#/definitions/name",
      "description": "fixed name for this action, containing only lower case alpha, digits and '-' characters, length <= 30"
    },
    "gateState": {
      "$ref": "#/definitions/gateState"
    },
    "type": {
      "enum": [
        "image",
        "button"
      ]
    },
    "imageUri": {
      "type": "string",
      "format": "uri",
      "description": "the url of an image to be displayed for this action (i.e. instead of a dynamically set up button)"
    },
    "label": {
      "type": "string",
      "description": "a string indicating what the action will do, used as the label on its button/control"
    },
    "uri": {
      "type": "string",
      "format": "uri",
      "description": "the url that the button/control will redirect the user to when pressed, or use to populate an iframe inside a modal"
    },
    "textColor": {
      "description": "the color that the button's text should be rendered in, in 6 character hex format without leading #, e.g. 00ff00",
      "type": "string"
    },
    "backgroundColor": {
      "description": "the color that the button's background should be rendered in, in 6 character hex format without leading #, e.g. 00ff00",
      "type": "string"
    },
    "disabled": {
      "type": "boolean",
      "description": "true if the button/control should appear disabled, i.e. the action can be seen but not performed"
    }
  },
  "required": [
    "name",
    "label",
    "uri",
    "disabled"
  ],
  "additionalProperties": true
}

Example:

{
  "name": "refer",
  "uri": "https://referrals.com/jobs/1022?tracker=106645",
  "type": "button",
  "label": "Refer a friend",
  "textColor": "dddddd",
  "backgroundColor": "010203",
  "disabled": false
}

HTTP status code 404

The app has chosen not to render the button. Maybe the object's state prevents the action. Maybe the action is an apply gate and the candidate achieved a pass - 404 is considered the same as a pass.

Secured by oauth_2_0

Headers

  • Authorization: (string)

    Used to send a valid OAuth 2 access token. Do not use with the "access_token" query string parameter.

HTTP status code 401

Bad or expired token. To fix, you should re-authenticate the user.

HTTP status code 403

Bad OAuth request (wrong consumer key, bad nonce, expired timestamp...). Unfortunately, re-authenticating the user won't help here.

get

The name of an action button, belonging to the app that is consuming the API, that is to be marked as satisfied by someone following the link.

get

Obtain a link that a candidate can use to mark themselves as having satisfied the given action button on a job. When the candidate follows this link, they will be asked to sign in, then marked as having satisfied the pre-reqs for the given purpose (e.g. applying for a job), and then shown the message, along with a link to get back to where they started.

SoT.

Obtain a link that a candidate can use to mark themselves as having satisfied the given action button on a job. When the candidate follows this link, they will be asked to sign in, then marked as having satisfied the pre-reqs for the given purpose (e.g. applying for a job), and then shown the message, along with a link to get back to where they started.

SoT.

Secured by oauth_2_0

OAuth is used to authenticate tenant API calls. Tenant API calls may be on behalf of a specific principal (e.g. user)

URI Parameters

  • job: required (string)
  • actionName: required (string)

Query Parameters

  • relayPageURL: required (string)

    A URL that the user will be redirected to.

    Example:

    https://myapp.com/kh87876
  • relayPageLabel: required (string)

    A label for the URL that the user will be redirected to, e.g. "Creative Director".

    Example:

    https://myapp.com/kh87876
  • tracker: (integer)

    The ID of a tracker

    Example:

    1003423
  • message: required (string)

    The message that will be displayed to the user on the linked web page, once they have logged in.

    Example:

    Congratulations! You can apply for this job now.
  • results: (string)

    The results paramater (if present) is a url encoded json document containing similar data as that an assessment app can set, as per actionSatisfier.json (e.g. image, a url to see the results).

HTTP status code 200

Body

Type: text/plain

Example:

https://acme.prequalify.com/jobs/10032?secret=87686kjhkg78587ykjh

Secured by oauth_2_0

Headers

  • Authorization: (string)

    Used to send a valid OAuth 2 access token. Do not use with the "access_token" query string parameter.

HTTP status code 401

Bad or expired token. To fix, you should re-authenticate the user.

HTTP status code 403

Bad OAuth request (wrong consumer key, bad nonce, expired timestamp...). Unfortunately, re-authenticating the user won't help here.

get

get

get

Get the html for the strip of buttons, ready to plug into a job details page as viewed by the candidate. SoT.

The app building the page that embeds this strip must in its head section pull in style sheet, javascript, etc. as obtained via a call to GET /actions/byCandidate/headHtml.

get

get

Get a single, named action from a single app. Non-SoT.

The producing app might customise the button/control(s), or choose not display it at all e.g.;

  • for an apply button, display that a partial (draft) registration is already underway
  • gray the register button out if candidate logged in and already registered

Security considerations: If the producing app attaches the incoming relayPage paramater to the button's link, then it should protect itelf from Open Redirection attacks as described at https://www.owasp.org/index.php/Testing_for_Client_Side_URL_Redirect_(OTG-CLIENT-004).

One approach would be by:

  • attaching an additional digital signature to the link based on the link's other values, including the relayPage
  • verifying when the candidate follows the link that the relayPage has not been tampered with

Another approach would be not putting the relayPage in the link at all, but instead storing it and putting a key into the link.

The commonly used approach of whitelisting is not useful as there is no common repository of all of the valid domains in use by all apps that a tenant may have installed and that may include this action.

The default type of the action is 'button'. If the type 'image' is used then the 'imageUri' property is used to specify the location of the image.

Get a single, named action from a single app. Non-SoT.

The producing app might customise the button/control(s), or choose not display it at all e.g.;

  • for an apply button, display that a partial (draft) registration is already underway
  • gray the register button out if candidate logged in and already registered

Security considerations: If the producing app attaches the incoming relayPage paramater to the button's link, then it should protect itelf from Open Redirection attacks as described at https://www.owasp.org/index.php/Testing_for_Client_Side_URL_Redirect_(OTG-CLIENT-004).

One approach would be by:

  • attaching an additional digital signature to the link based on the link's other values, including the relayPage
  • verifying when the candidate follows the link that the relayPage has not been tampered with

Another approach would be not putting the relayPage in the link at all, but instead storing it and putting a key into the link.

The commonly used approach of whitelisting is not useful as there is no common repository of all of the valid domains in use by all apps that a tenant may have installed and that may include this action.

The default type of the action is 'button'. If the type 'image' is used then the 'imageUri' property is used to specify the location of the image.

Secured by oauth_2_0

OAuth is used to authenticate tenant API calls. Tenant API calls may be on behalf of a specific principal (e.g. user)

URI Parameters

  • action: required (string)

Query Parameters

  • relayPageURL: required (string)

    A URL that the user will be redirected to.

    Example:

    https://myapp.com/kh87876
  • relayPageLabel: required (string)

    A label for the URL that the user will be redirected to, e.g. "Creative Director".

    Example:

    https://myapp.com/kh87876
  • tracker: (integer)

    The ID of a tracker

    Example:

    1003423

HTTP status code 200

Body

Type: application/json

Schema:

{
  "$schema": "http://json-schema.org/draft-04/schema#",
  "definitions": {
    "name": {
      "type": "string",
      "description": "fixed name for this action, containing only lower case alpha, digits and '-' characters, length <= 30"
    },
    "gateState": {
      "type": "boolean",
      "description": "for actions that are apply gates, true if the gate has been passed for this specific candidate + job, false if it was failed - this field should only be present when there is a result"
    }
  },
  "type": "object",
  "description": "the logical information needed to populate a button/control at runtime",
  "properties": {
    "name": {
      "$ref": "#/definitions/name",
      "description": "fixed name for this action, containing only lower case alpha, digits and '-' characters, length <= 30"
    },
    "gateState": {
      "$ref": "#/definitions/gateState"
    },
    "type": {
      "enum": [
        "image",
        "button"
      ]
    },
    "imageUri": {
      "type": "string",
      "format": "uri",
      "description": "the url of an image to be displayed for this action (i.e. instead of a dynamically set up button)"
    },
    "label": {
      "type": "string",
      "description": "a string indicating what the action will do, used as the label on its button/control"
    },
    "uri": {
      "type": "string",
      "format": "uri",
      "description": "the url that the button/control will redirect the user to when pressed, or use to populate an iframe inside a modal"
    },
    "textColor": {
      "description": "the color that the button's text should be rendered in, in 6 character hex format without leading #, e.g. 00ff00",
      "type": "string"
    },
    "backgroundColor": {
      "description": "the color that the button's background should be rendered in, in 6 character hex format without leading #, e.g. 00ff00",
      "type": "string"
    },
    "disabled": {
      "type": "boolean",
      "description": "true if the button/control should appear disabled, i.e. the action can be seen but not performed"
    }
  },
  "required": [
    "name",
    "label",
    "uri",
    "disabled"
  ],
  "additionalProperties": true
}

Example:

{
  "name": "refer",
  "uri": "https://referrals.com/jobs/1022?tracker=106645",
  "type": "button",
  "label": "Refer a friend",
  "textColor": "dddddd",
  "backgroundColor": "010203",
  "disabled": false
}

HTTP status code 404

The app has chosen not to render the button. Maybe the object's state prevents the action. Maybe the action is an apply gate and the candidate achieved a pass - 404 is considered the same as a pass.

Secured by oauth_2_0

Headers

  • Authorization: (string)

    Used to send a valid OAuth 2 access token. Do not use with the "access_token" query string parameter.

HTTP status code 401

Bad or expired token. To fix, you should re-authenticate the user.

HTTP status code 403

Bad OAuth request (wrong consumer key, bad nonce, expired timestamp...). Unfortunately, re-authenticating the user won't help here.

General actions seen by candidates are typically embedded in page headers, e.g. "register", "share this entire site", etc.

get

get

Get an array which is a rollup of all possible candidate-facing actions from all apps. SoT.

get

get

Your app should produce this API to return an array with an element for every different button that your app might ever provide (i.e., the superset of all of your app's possible buttons).

Typically this will be called by a coordinating app at significant times, such as after the tenant is rebooted, or after your app has signalled a change to its buttons by calling the deltaPings API. That coordinating app can then present all possible buttons to some administrator, who can then flip some config switches to dictate which buttons should be shown in different situations.

For example, the customer might want to only show a "refer a friend" button for their sales jobs, not their call center jobs.

This API is for all possible buttons - at runtime, a different API will be called on your app to ask for actual details (color, label, disabled, etc.) of each actual button. For example, your app might declare with this API that it produces a "share" button, but then at runtime it might decide not to show the "share" button if it sees that the logged in candidate has exceeded some quota for sharing.

Non-SoT.

post

post

Alert any app that cares that the set of actions produced by this app has changed. Non-SoT.

Alert any app that cares that the set of actions produced by this app has changed. Non-SoT.

Secured by oauth_2_0

OAuth is used to authenticate tenant API calls. Tenant API calls may be on behalf of a specific principal (e.g. user)

Secured by oauth_2_0

Headers

  • Authorization: (string)

    Used to send a valid OAuth 2 access token. Do not use with the "access_token" query string parameter.

HTTP status code 401

Bad or expired token. To fix, you should re-authenticate the user.

HTTP status code 403

Bad OAuth request (wrong consumer key, bad nonce, expired timestamp...). Unfortunately, re-authenticating the user won't help here.

Job-level actions seen by candidates are typically embedded in job details pages, e.g. "apply", "share this job", etc.

get

get

Get an array which is a rollup of all possible candidate-facing actions from all apps. SoT.

get

get

Your app should produce this API to return an array with an element for every different button that your app might ever provide (i.e., the superset of all of your app's possible buttons).

Typically this will be called by a coordinating app at significant times, such as after the tenant is rebooted, or after your app has signalled a change to its buttons by calling the deltaPings API. That coordinating app can then present all possible buttons to some administrator, who can then flip some config switches to dictate which buttons should be shown in different situations.

For example, the customer might want to only show a "refer a friend" button for their sales jobs, not their call center jobs.

This API is for all possible buttons - at runtime, a different API will be called on your app to ask for actual details (color, label, disabled, etc.) of each actual button. For example, your app might declare with this API that it produces a "share" button, but then at runtime it might decide not to show the "share" button if it sees that the logged in candidate has exceeded some quota for sharing.

Non-SoT.

The setup page uses uiMode to understand whether the user is at a point in the UI where they are:

  • view: viewing setup details
  • edit: editing setup details

In all cases the app should apply its own security to decide whether the user is actually allowed to view/edit, this value is just a hint to make the setup page work smoothly in conjunction with the "edit mode" as set in the containing UI.

true if the setup page is setting up details for internal candidates, or false for externals

get

setup page for default values, that will affect all jobs (unless overridden at workflow level or on the job itself)

get

API to get a link to a page hosted by your app that the user can use to to set up defaults or values for this action (button).

For example if your app is an employee referral program app, and the button is "refer to a friend", then the setup page, when attaching the button to a job, could be used to set the referral amount.

Communicating from your setup page back to the container

When the user drags your button (e.g. in switchgear) onto a job, they will see your setup page, iframed within the page.

Your setup page should display a UI to capture any data you need from the user, and also the OK and Cancel buttons.

Once the user has provided enough data in your page, then you can light up your OK button. When the user clicks OK, you signal to the container like this:

Window.parent.postMessage({"action": "closePanel", "verb": "ok"});

If they clicked cancel in your page, then pass "cancel" instead as the verb.

Once you signal OK, the "attach button" operation will be completed. If you signal cancel, the operation will be cancelled and the button won't be attached.

Setting default values

For actions relating to jobs like this, a setup page can also be used to set defaults (at either the global or workflow level).

This API is non-SoT, on-behalf (principal == user).

API to get a link to a page hosted by your app that the user can use to to set up defaults or values for this action (button).

For example if your app is an employee referral program app, and the button is "refer to a friend", then the setup page, when attaching the button to a job, could be used to set the referral amount.

Communicating from your setup page back to the container

When the user drags your button (e.g. in switchgear) onto a job, they will see your setup page, iframed within the page.

Your setup page should display a UI to capture any data you need from the user, and also the OK and Cancel buttons.

Once the user has provided enough data in your page, then you can light up your OK button. When the user clicks OK, you signal to the container like this:

Window.parent.postMessage({"action": "closePanel", "verb": "ok"});

If they clicked cancel in your page, then pass "cancel" instead as the verb.

Once you signal OK, the "attach button" operation will be completed. If you signal cancel, the operation will be cancelled and the button won't be attached.

Setting default values

For actions relating to jobs like this, a setup page can also be used to set defaults (at either the global or workflow level).

This API is non-SoT, on-behalf (principal == user).

Secured by oauth_2_0

OAuth is used to authenticate tenant API calls. Tenant API calls may be on behalf of a specific principal (e.g. user)

URI Parameters

  • action: required (string)
  • uiMode: required (string)
  • internal: required (string)

HTTP status code 200

Body

Type: application/json

Schema:

{
  "$schema": "http://json-schema.org/draft-04/schema#",
  "type": "object",
  "properties": {
    "url": {
      "type": "string",
      "format": "url",
      "description": "url of the setup page, if one exists at this level (global, workflow or job)"
    },
    "setupRequiredFlag": {
      "type": "boolean",
      "description": "true if setup is currently required *and can be performed* at this level (global, workflow or job)"
    }
  },
  "required": [
    "url",
    "setupRequiredFlag"
  ]
}

Example:

{
    "url": "https://myapp.com/103734845",
    "setupRequiredFlag": true
}

HTTP status code 404

There is no setup for this action at this level (i.e. it doesn't need any parameters)

Secured by oauth_2_0

Headers

  • Authorization: (string)

    Used to send a valid OAuth 2 access token. Do not use with the "access_token" query string parameter.

HTTP status code 401

Bad or expired token. To fix, you should re-authenticate the user.

HTTP status code 403

Bad OAuth request (wrong consumer key, bad nonce, expired timestamp...). Unfortunately, re-authenticating the user won't help here.

get

setup page for default values that will affect all jobs of the given workflow, unless overridden on the job itself

get

API to get a link to a page hosted by your app that the user can use to to set up defaults or values for this action (button).

For example if your app is an employee referral program app, and the button is "refer to a friend", then the setup page, when attaching the button to a job, could be used to set the referral amount.

Communicating from your setup page back to the container

When the user drags your button (e.g. in switchgear) onto a job, they will see your setup page, iframed within the page.

Your setup page should display a UI to capture any data you need from the user, and also the OK and Cancel buttons.

Once the user has provided enough data in your page, then you can light up your OK button. When the user clicks OK, you signal to the container like this:

Window.parent.postMessage({"action": "closePanel", "verb": "ok"});

If they clicked cancel in your page, then pass "cancel" instead as the verb.

Once you signal OK, the "attach button" operation will be completed. If you signal cancel, the operation will be cancelled and the button won't be attached.

Setting default values

For actions relating to jobs like this, a setup page can also be used to set defaults (at either the global or workflow level).

This API is non-SoT, on-behalf (principal == user).

API to get a link to a page hosted by your app that the user can use to to set up defaults or values for this action (button).

For example if your app is an employee referral program app, and the button is "refer to a friend", then the setup page, when attaching the button to a job, could be used to set the referral amount.

Communicating from your setup page back to the container

When the user drags your button (e.g. in switchgear) onto a job, they will see your setup page, iframed within the page.

Your setup page should display a UI to capture any data you need from the user, and also the OK and Cancel buttons.

Once the user has provided enough data in your page, then you can light up your OK button. When the user clicks OK, you signal to the container like this:

Window.parent.postMessage({"action": "closePanel", "verb": "ok"});

If they clicked cancel in your page, then pass "cancel" instead as the verb.

Once you signal OK, the "attach button" operation will be completed. If you signal cancel, the operation will be cancelled and the button won't be attached.

Setting default values

For actions relating to jobs like this, a setup page can also be used to set defaults (at either the global or workflow level).

This API is non-SoT, on-behalf (principal == user).

Secured by oauth_2_0

OAuth is used to authenticate tenant API calls. Tenant API calls may be on behalf of a specific principal (e.g. user)

URI Parameters

  • action: required (string)
  • uiMode: required (string)
  • internal: required (string)
  • workflow: required (string)

HTTP status code 200

Body

Type: application/json

Schema:

{
  "$schema": "http://json-schema.org/draft-04/schema#",
  "type": "object",
  "properties": {
    "url": {
      "type": "string",
      "format": "url",
      "description": "url of the setup page, if one exists at this level (global, workflow or job)"
    },
    "setupRequiredFlag": {
      "type": "boolean",
      "description": "true if setup is currently required *and can be performed* at this level (global, workflow or job)"
    }
  },
  "required": [
    "url",
    "setupRequiredFlag"
  ]
}

Example:

{
    "url": "https://myapp.com/103734845",
    "setupRequiredFlag": true
}

HTTP status code 404

There is no setup for this action at this level (i.e. it doesn't need any parameters)

Secured by oauth_2_0

Headers

  • Authorization: (string)

    Used to send a valid OAuth 2 access token. Do not use with the "access_token" query string parameter.

HTTP status code 401

Bad or expired token. To fix, you should re-authenticate the user.

HTTP status code 403

Bad OAuth request (wrong consumer key, bad nonce, expired timestamp...). Unfortunately, re-authenticating the user won't help here.

get

setup page for values that affect only this job

get

API to get a link to a page hosted by your app that the user can use to to set up defaults or values for this action (button).

For example if your app is an employee referral program app, and the button is "refer to a friend", then the setup page, when attaching the button to a job, could be used to set the referral amount.

Communicating from your setup page back to the container

When the user drags your button (e.g. in switchgear) onto a job, they will see your setup page, iframed within the page.

Your setup page should display a UI to capture any data you need from the user, and also the OK and Cancel buttons.

Once the user has provided enough data in your page, then you can light up your OK button. When the user clicks OK, you signal to the container like this:

Window.parent.postMessage({"action": "closePanel", "verb": "ok"});

If they clicked cancel in your page, then pass "cancel" instead as the verb.

Once you signal OK, the "attach button" operation will be completed. If you signal cancel, the operation will be cancelled and the button won't be attached.

Setting default values

For actions relating to jobs like this, a setup page can also be used to set defaults (at either the global or workflow level).

This API is non-SoT, on-behalf (principal == user).

API to get a link to a page hosted by your app that the user can use to to set up defaults or values for this action (button).

For example if your app is an employee referral program app, and the button is "refer to a friend", then the setup page, when attaching the button to a job, could be used to set the referral amount.

Communicating from your setup page back to the container

When the user drags your button (e.g. in switchgear) onto a job, they will see your setup page, iframed within the page.

Your setup page should display a UI to capture any data you need from the user, and also the OK and Cancel buttons.

Once the user has provided enough data in your page, then you can light up your OK button. When the user clicks OK, you signal to the container like this:

Window.parent.postMessage({"action": "closePanel", "verb": "ok"});

If they clicked cancel in your page, then pass "cancel" instead as the verb.

Once you signal OK, the "attach button" operation will be completed. If you signal cancel, the operation will be cancelled and the button won't be attached.

Setting default values

For actions relating to jobs like this, a setup page can also be used to set defaults (at either the global or workflow level).

This API is non-SoT, on-behalf (principal == user).

Secured by oauth_2_0

OAuth is used to authenticate tenant API calls. Tenant API calls may be on behalf of a specific principal (e.g. user)

URI Parameters

  • action: required (string)
  • uiMode: required (string)
  • internal: required (string)
  • job: required (string)

HTTP status code 200

Body

Type: application/json

Schema:

{
  "$schema": "http://json-schema.org/draft-04/schema#",
  "type": "object",
  "properties": {
    "url": {
      "type": "string",
      "format": "url",
      "description": "url of the setup page, if one exists at this level (global, workflow or job)"
    },
    "setupRequiredFlag": {
      "type": "boolean",
      "description": "true if setup is currently required *and can be performed* at this level (global, workflow or job)"
    }
  },
  "required": [
    "url",
    "setupRequiredFlag"
  ]
}

Example:

{
    "url": "https://myapp.com/103734845",
    "setupRequiredFlag": true
}

HTTP status code 404

There is no setup for this action at this level (i.e. it doesn't need any parameters)

Secured by oauth_2_0

Headers

  • Authorization: (string)

    Used to send a valid OAuth 2 access token. Do not use with the "access_token" query string parameter.

HTTP status code 401

Bad or expired token. To fix, you should re-authenticate the user.

HTTP status code 403

Bad OAuth request (wrong consumer key, bad nonce, expired timestamp...). Unfortunately, re-authenticating the user won't help here.

post

post

Alert any app that cares that the set of actions produced by this app has changed. Non-SoT.

Alert any app that cares that the set of actions produced by this app has changed. Non-SoT.

Secured by oauth_2_0

OAuth is used to authenticate tenant API calls. Tenant API calls may be on behalf of a specific principal (e.g. user)

Secured by oauth_2_0

Headers

  • Authorization: (string)

    Used to send a valid OAuth 2 access token. Do not use with the "access_token" query string parameter.

HTTP status code 401

Bad or expired token. To fix, you should re-authenticate the user.

HTTP status code 403

Bad OAuth request (wrong consumer key, bad nonce, expired timestamp...). Unfortunately, re-authenticating the user won't help here.

get

get

Get an array which is a rollup of all possible candidate-facing actions from all apps. SoT.

get

get

Your app should produce this API to return an array with an element for every different button that your app might ever provide (i.e., the superset of all of your app's possible buttons).

Typically this will be called by a coordinating app at significant times, such as after the tenant is rebooted, or after your app has signalled a change to its buttons by calling the deltaPings API. That coordinating app can then present all possible buttons to some administrator, who can then flip some config switches to dictate which buttons should be shown in different situations.

For example, the customer might want to only show a "refer a friend" button for their sales jobs, not their call center jobs.

This API is for all possible buttons - at runtime, a different API will be called on your app to ask for actual details (color, label, disabled, etc.) of each actual button. For example, your app might declare with this API that it produces a "share" button, but then at runtime it might decide not to show the "share" button if it sees that the logged in candidate has exceeded some quota for sharing.

Non-SoT.

post

post

Alert any app that cares that the set of actions produced by this app has changed. Non-SoT.

Alert any app that cares that the set of actions produced by this app has changed. Non-SoT.

Secured by oauth_2_0

OAuth is used to authenticate tenant API calls. Tenant API calls may be on behalf of a specific principal (e.g. user)

Secured by oauth_2_0

Headers

  • Authorization: (string)

    Used to send a valid OAuth 2 access token. Do not use with the "access_token" query string parameter.

HTTP status code 401

Bad or expired token. To fix, you should re-authenticate the user.

HTTP status code 403

Bad OAuth request (wrong consumer key, bad nonce, expired timestamp...). Unfortunately, re-authenticating the user won't help here.

/applications

get

get

This API is used to fetch or query details of 1 to 100 job applications in a single call.

You should call this API either:

  • passing the "applications" parameter, to fetch a specific, known set of applications; OR
  • passing some combination of "bucket", "job", "candidate", "since" and "minID" to query an unknown number of applications, filtered to your requirements

In the second case, the total number of results may exceed the maximum (100) per API call, so you will need to paginate the results as follows (results are ordered by since asc, application ID asc):

  • first, call the API passing only your filters (i.e., not the since or minID parameters)
  • if you get back exactly 100 applications, call the API again, but this time setting since and minID paramaters to the values from the last application in the previous response
  • repeat the above until less than 100 results are returned (indicating you've fetched the final application)

SinceDate is the datelastUpdated for the application.

patch

patch

Consumed by an app, e.g. an ATS front end, to update an application, e.g. move it to a new bucket.

Consumed by an app, e.g. an ATS front end, to update an application, e.g. move it to a new bucket.

URI Parameters

  • application: required (string)

Body

Type: application/merge-patch+json

Schema:

{
  "$schema": "http://json-schema.org/draft-04/schema#",
  "type": "object",
  "definitions": {
  },
  "properties": {
    "items": {
      "$ref": "itemsWrite.json"
    },
    "bucket": {
      "$ref": "bucket.json#/definitions/id"
    }
  },
  "additionalProperties": false
}

Example:

{
   "bucket": 100
}

HTTP status code 200

the update was successful

post

post

The main ping for any changes to a job application. Noisy, i.e. other apps need to store previous state to work out what has actually changed.

Non-SoT.

The main ping for any changes to a job application. Noisy, i.e. other apps need to store previous state to work out what has actually changed.

Non-SoT.

Secured by oauth_2_0

OAuth is used to authenticate tenant API calls. Tenant API calls may be on behalf of a specific principal (e.g. user)

URI Parameters

  • application: required (string)

Body

Type: application/json

Schema:

{
    "$schema": "http://json-schema.org/draft-04/schema",
    "definitions": {
      "operation": {
            "enum": [
                "insert",
                "update",
                "delete"
            ]
      }
    },
    "type": "object",
    "properties": {
        "operation": {
          "$ref": "#/definitions/operation"
        }
    },
    "required": [
        "operation"
    ],
    "additionalProperties": false
}

Example:

 {
    "operation": "insert"
}

Secured by oauth_2_0

Headers

  • Authorization: (string)

    Used to send a valid OAuth 2 access token. Do not use with the "access_token" query string parameter.

HTTP status code 401

Bad or expired token. To fix, you should re-authenticate the user.

HTTP status code 403

Bad OAuth request (wrong consumer key, bad nonce, expired timestamp...). Unfortunately, re-authenticating the user won't help here.

The id of the application's new bucket

post

post

Consumed by something like an ATS when an application has changed its bucket. Noise-free, i.e. when fired we know the application has changed bucket.

Non-SoT.

Consumed by something like an ATS when an application has changed its bucket. Noise-free, i.e. when fired we know the application has changed bucket.

Non-SoT.

Secured by oauth_2_0

OAuth is used to authenticate tenant API calls. Tenant API calls may be on behalf of a specific principal (e.g. user)

URI Parameters

  • application: required (string)
  • bucket: required (string)

Secured by oauth_2_0

Headers

  • Authorization: (string)

    Used to send a valid OAuth 2 access token. Do not use with the "access_token" query string parameter.

HTTP status code 401

Bad or expired token. To fix, you should re-authenticate the user.

HTTP status code 403

Bad OAuth request (wrong consumer key, bad nonce, expired timestamp...). Unfortunately, re-authenticating the user won't help here.

post

post

A non-SoT API for pings about applications, but which is only sent to the application that sourced the application (i.e., that owns the campaign tracker attached to the application).

A non-SoT API for pings about applications, but which is only sent to the application that sourced the application (i.e., that owns the campaign tracker attached to the application).

Secured by oauth_2_0

OAuth is used to authenticate tenant API calls. Tenant API calls may be on behalf of a specific principal (e.g. user)

URI Parameters

  • application: required (string)

Secured by oauth_2_0

Headers

  • Authorization: (string)

    Used to send a valid OAuth 2 access token. Do not use with the "access_token" query string parameter.

HTTP status code 401

Bad or expired token. To fix, you should re-authenticate the user.

HTTP status code 403

Bad OAuth request (wrong consumer key, bad nonce, expired timestamp...). Unfortunately, re-authenticating the user won't help here.

get

all items held on an application

get

Get values and (in some scenarios) metadata, for all items

Get values and (in some scenarios) metadata, for all items

Secured by oauth_2_0

OAuth is used to authenticate tenant API calls. Tenant API calls may be on behalf of a specific principal (e.g. user)

URI Parameters

  • application: required (string)

Query Parameters

  • embedMeta: (boolean)

    Pass true to have schema fragments embedded in the response when fetching items.

    Less network trips, larger overall message. Defaults to false.

    The client might set this to true for first API call, then cache the metas and pass false from then on.

HTTP status code 200

Body

Type: application/json

Schema:

{
	"$schema":"http://json-schema.org/draft-04/schema#",
	"type":"array",
	"items":{ "$ref": "itemPackageRead.json" }
}

Example:

[
{
  "item": {
    "type": "file",
    "name": "cover letter",
    "value": {
      "fileName": "fredcv.docx",
      "size": 3023443,
      "mediaType": "application/vnd.openxmlformats-officedocument.wordprocessingml.document",
      "dateUploaded": "2015-11-05T13:15:30Z",
      "preSignedUri": "https://frodo.com/docs/198714509",
      "via": "dropbox.com"
    }
  },
  "meta": {
    "type": "file",
    "name": "cover-letter-1002",
    "title": "Cover letter",
    "instructions": "Please upload a cover letter.",
    "purpose": "document",
    "accept": [
      "application/pdf",
      "application/vnd.openxmlformats-officedocument.wordprocessingml.document",
      "application/msword",
      "application/rtf"
    ],
    "maxSize": 1000000
  }
}
]

Secured by oauth_2_0

Headers

  • Authorization: (string)

    Used to send a valid OAuth 2 access token. Do not use with the "access_token" query string parameter.

HTTP status code 401

Bad or expired token. To fix, you should re-authenticate the user.

HTTP status code 403

Bad OAuth request (wrong consumer key, bad nonce, expired timestamp...). Unfortunately, re-authenticating the user won't help here.

get

get

Get value and (in some scenarios), metadata for a specific item

Get value and (in some scenarios), metadata for a specific item

Secured by oauth_2_0

OAuth is used to authenticate tenant API calls. Tenant API calls may be on behalf of a specific principal (e.g. user)

URI Parameters

  • application: required (string)
  • item: required (string)

Query Parameters

  • embedMeta: (boolean)

    Pass true to have schema fragments embedded in the response when fetching items.

    Less network trips, larger overall message. Defaults to false.

    The client might set this to true for first API call, then cache the metas and pass false from then on.

HTTP status code 200

Body

Type: application/json

Schema:

{
  "$schema": "http://json-schema.org/draft-04/schema#",
  "type": "object",
  "properties": {
    "meta": {
      "$ref": "itemMeta.json"
    },
    "item": {
      "$ref": "itemRead.json"
    }
  },
  "additionalProperties": false
}

Example:

{
  "item": {
    "type": "file",
    "name": "cover letter",
    "value": {
      "fileName": "fredcv.docx",
      "size": 3023443,
      "mediaType": "application/vnd.openxmlformats-officedocument.wordprocessingml.document",
      "dateUploaded": "2015-11-05T13:15:30Z",
      "preSignedUri": "https://frodo.com/docs/198714509",
      "via": "dropbox.com"
    }
  },
  "meta": {
    "type": "file",
    "name": "cover-letter-1002",
    "title": "Cover letter",
    "instructions": "Please upload a cover letter.",
    "purpose": "document",
    "accept": [
      "application/pdf",
      "application/vnd.openxmlformats-officedocument.wordprocessingml.document",
      "application/msword",
      "application/rtf"
    ],
    "maxSize": 1000000
  }
}

Secured by oauth_2_0

Headers

  • Authorization: (string)

    Used to send a valid OAuth 2 access token. Do not use with the "access_token" query string parameter.

HTTP status code 401

Bad or expired token. To fix, you should re-authenticate the user.

HTTP status code 403

Bad OAuth request (wrong consumer key, bad nonce, expired timestamp...). Unfortunately, re-authenticating the user won't help here.

get

Metadata for items held on the candidate

get

Get metadata for all items

Get metadata for all items

Secured by oauth_2_0

OAuth is used to authenticate tenant API calls. Tenant API calls may be on behalf of a specific principal (e.g. user)

URI Parameters

  • application: required (string)

HTTP status code 200

Body

Type: application/json

Schema:

{
	"$schema":"http://json-schema.org/draft-04/schema#",
	"type":"array",
	"items":{ "$ref": "itemMeta.json" }
}

Example:

[
  {
    "type": "file",
    "name": "cover-letter-1002",
    "title": "Cover letter",
    "instructions": "Please upload a cover letter.",
    "purpose": "document",
    "accept": [
      "application/pdf",
      "application/vnd.openxmlformats-officedocument.wordprocessingml.document",
      "application/msword",
      "application/rtf"
    ],
    "maxSize": 1000000
  },
  {
    "type": "picklist",
    "name": "preferred-transport-10044",
    "title": "Preferred transport",
    "instructions": "Tell us how you'ld like to get to work",
    "nullLabel": "Choose your transport mode",
    "minChoices": 1,
    "maxChoices": 1,
    "presentation": "showOne",
    "choices": [
      {
        "name": "Plane",
        "isDefault": false
      },
      {
        "name": "Land",
        "isDefault": false,
        "choices": [
          {
            "name": "Car",
            "isDefault": false
          },
          {
            "name": "Bike",
            "isDefault": false
          }
        ]
      }
    ]
  },
  {
    "type": "section",
    "name": "section-header-1033",
    "title": "Transport questions",
    "subMetas": [
      {
        "type": "boolean",
        "name": "bike-rider-003",
        "title": "Bike rider?",
        "instructions": "Be honest. But remember, we want healthy employees."
      }
    ]
  }
]

Secured by oauth_2_0

Headers

  • Authorization: (string)

    Used to send a valid OAuth 2 access token. Do not use with the "access_token" query string parameter.

HTTP status code 401

Bad or expired token. To fix, you should re-authenticate the user.

HTTP status code 403

Bad OAuth request (wrong consumer key, bad nonce, expired timestamp...). Unfortunately, re-authenticating the user won't help here.

get

get

Get metadata for a specific item

Get metadata for a specific item

Secured by oauth_2_0

OAuth is used to authenticate tenant API calls. Tenant API calls may be on behalf of a specific principal (e.g. user)

URI Parameters

  • application: required (string)
  • item: required (string)

HTTP status code 200

Body

Type: application/json

Schema:

{
  "definitions": {
    "title": {
      "type": "string",
      "description": "a short, markdown-formatted label for this item, e.g. 'Date of birth'"
    },
    "instructions": {
      "type": "string",
      "description": "markdown-formatted instructions to a person as to how to complete/interpret this item, if its not obvious from the title"
    },
    "sectionMeta": {
      "type": "object",
      "properties": {
        "type": {
          "enum": [
            "section"
          ]
        },
        "name": {
          "$ref": "itemRead.json#/definitions/name"
        },
        "title": {
          "$ref": "#/definitions/title"
        },
        "instructions": {
          "$ref": "#/definitions/instructions"
        },
        "subMetas": {
          "$ref": "itemMetas.json"
        }
      }
    },
    "booleanMeta": {
      "type": "object",
      "properties": {
        "type": {
          "enum": [
            "boolean"
          ]
        },
        "name": {
          "$ref": "itemRead.json#/definitions/name"
        },
        "title": {
          "$ref": "#/definitions/title"
        },
        "instructions": {
          "$ref": "#/definitions/instructions"
        },
        "presentation": {
          "enum": [
            "checkbox",
            "select"
          ],
          "description": "a hint as to how the item should be rendered"
        },
        "nullLabel": {
          "type": "string",
          "description": "The label that should be used for the 'no selection' choice. When present, implies presentation == select"
        },
        "defaultValue": {
          "type": "boolean",
          "description": "defaults to false if not present"
        },
        "trueLabel": {
          "type": "string",
          "description": "defaults to 'yes'"
        },
        "falseLabel": {
          "type": "string",
          "description": "defaults to 'no'"
        },
        "mandatory": {
          "type": "boolean"
        }
      }
    },
    "numberMeta": {
      "type": "object",
      "properties": {
        "type": {
          "enum": [
            "number"
          ]
        },
        "name": {
          "$ref": "itemRead.json#/definitions/name"
        },
        "title": {
          "$ref": "#/definitions/title"
        },
        "instructions": {
          "$ref": "#/definitions/instructions"
        },
        "precision": {
          "type": "integer"
        },
        "scale": {
          "type": "integer"
        },
        "minValue": {
          "type": "number"
        },
        "maxValue": {
          "type": "number"
        },
        "defaultValue": {
          "type": "number"
        },
        "mandatory": {
          "type": "boolean"
        }
      }
    },
    "stringMeta": {
      "type": "object",
      "properties": {
        "type": {
          "enum": [
            "string"
          ]
        },
        "name": {
          "$ref": "itemRead.json#/definitions/name"
        },
        "title": {
          "$ref": "#/definitions/title"
        },
        "instructions": {
          "$ref": "#/definitions/instructions"
        },
        "format": {
          "enum": [
            "singleLine",
            "multiLine",
            "markDown"
          ],
          "description": "what sort of string the item holds"
        },
        "minLength": {
          "type": "integer"
        },
        "maxLength": {
          "type": "integer"
        },
        "defaultValue": {
          "type": "string"
        },
        "mandatory": {
          "type": "boolean"
        }
      }
    },
    "dateMeta": {
      "type": "object",
      "properties": {
        "type": {
          "enum": [
            "date"
          ]
        },
        "name": {
          "$ref": "itemRead.json#/definitions/name"
        },
        "title": {
          "$ref": "#/definitions/title"
        },
        "instructions": {
          "$ref": "#/definitions/instructions"
        },
        "showTime": {
          "type": "boolean",
          "description": "whether time component should be shown - entered dates default to midnight if false"
        },
        "nullLabel": {
          "type": "string",
          "description": "if present, results in a selectable UI element that equates to no selection"
        },
        "minDate": {
          "type": "string",
          "format": "date-time"
        },
        "maxDate": {
          "type": "string",
          "format": "date-time"
        },
        "defaultValue": {
          "type": "string",
          "format": "date-time"
        },
        "mandatory": {
          "type": "boolean"
        }
      }
    },
    "fileMeta": {
      "type": "object",
      "properties": {
        "type": {
          "enum": [
            "file"
          ]
        },
        "name": {
          "$ref": "itemRead.json#/definitions/name"
        },
        "title": {
          "$ref": "#/definitions/title"
        },
        "instructions": {
          "$ref": "#/definitions/instructions"
        },
        "purpose": {
          "enum": [
            "audio",
            "document",
            "image",
            "video"
          ]
        },
        "accept": {
          "type": "array",
          "description": "the allowable internet media types (mime types) for the resume, e.g. word and pdf files",
          "items": {
            "$ref": "fileDownload.json#/definitions/mediaType"
          }
        },
        "maxSize": {
          "type": "integer",
          "description": "maximum file size in bytes"
        },
        "mandatory": {
          "type": "boolean"
        }
      }
    },
    "tableMeta": {
      "type": "object",
      "properties": {
        "type": {
          "enum": [
            "table"
          ]
        },
        "name": {
          "$ref": "itemRead.json#/definitions/name"
        },
        "title": {
          "$ref": "#/definitions/title"
        },
        "instructions": {
          "$ref": "#/definitions/instructions"
        },
        "minRows": {
          "type": "integer"
        },
        "maxRows": {
          "type": "integer"
        },
        "columns": {
          "$ref": "#/definitions/columns"
        }
      }
    },
    "columns": {
      "type": "array",
      "items": {
        "$ref": "#"
      },
      "description": "a series of itemMetas, each representing a column within the table"
    },
    "picklistMeta": {
      "type": "object",
      "properties": {
        "type": {
          "enum": [
            "picklist"
          ]
        },
        "name": {
          "$ref": "itemRead.json#/definitions/name"
        },
        "title": {
          "$ref": "#/definitions/title"
        },
        "instructions": {
          "$ref": "#/definitions/instructions"
        },
        "nullLabel": {
          "type": "string",
          "description": "if present,  and presentation == showOne, then a pseudo-choice will be injected"
        },
        "minChoices": {
          "type": "integer"
        },
        "maxChoices": {
          "type": "integer"
        },
        "presentation": {
          "enum": [
            "showOne",
            "showAll"
          ],
          "description": "showOne is only usable when maxChoices == 1"
        },
        "choices": {
          "$ref": "#/definitions/picklistChoices"
        }
      }
    },
   "picklistChoices": {
      "type": "array",
      "items": {
        "$ref": "#/definitions/picklistChoice"
      },
      "description": "a bunch of choices that are 'unlocked' due to the user selecting their enclosing choice within the picklist"
    },
    "picklistChoice": {
      "type": "object",
      "properties": {
        "name": {
          "type": "string",
          "description": "this choice - ideally immutable"
        },
        "isDefault": {
          "type": "boolean",
          "description": "will always be compatible with minChoices, maxChoices"
        },
        "choices": {
          "$ref": "#/definitions/picklistChoices"
        }
      }
    },
    "cascadeMeta": {
      "type": "object",
      "properties": {
        "type": {
          "enum": [
            "cascade"
          ]
        },
        "name": {
          "$ref": "itemRead.json#/definitions/name"
        },
        "title": {
          "$ref": "#/definitions/title"
        },
        "instructions": {
          "$ref": "#/definitions/instructions"
        },
        "nullLabel": {
          "type": "string",
          "description": "if present,  and presentation == showOne, then a pseudo-choice will be injected"
        },
        "minChoices": {
          "type": "integer"
        },
        "maxChoices": {
          "type": "integer"
        },
        "presentation": {
          "enum": [
            "showOne",
            "showAll"
          ],
          "description": "showOne is only usable when maxChoices == 1"
        },
        "choices": {
          "$ref": "#/definitions/cascadeChoices"
        }
      }
    },
    "cascadeChoices": {
      "type": "array",
      "items": {
        "$ref": "#/definitions/cascadeChoice"
      },
      "description": "a bunch of items that are 'unlocked' due to the user selecting their enclosing choice within the picklist"
    },
    "cascadeChoice": {
      "type": "object",
      "properties": {
        "name": {
          "type": "string",
          "description": "this choice - ideally immutable"
        },
        "title": {
          "$ref": "#/definitions/title"
        },
        "isDefault": {
          "type": "boolean",
          "description": "will always be compatible with minChoices, maxChoices"
        },
        "subItems": {
          "type": "array",
          "items": {
            "$ref": "#"
          },
          "description": "items unlocked based on a choice"
        }
      }
    }
  },
  "type": "object",
  "oneOf": [
    {
      "$ref": "#/definitions/sectionMeta"
    },
    {
      "$ref": "#/definitions/booleanMeta"
    },
    {
      "$ref": "#/definitions/numberMeta"
    },
    {
      "$ref": "#/definitions/stringMeta"
    },
    {
      "$ref": "#/definitions/dateMeta"
    },
    {
      "$ref": "#/definitions/fileMeta"
    },
    {
      "$ref": "#/definitions/picklistMeta"
    },
    {
      "$ref": "#/definitions/cascadeMeta"
    },
    {
      "$ref": "#/definitions/tableMeta"
    }
  ]
}

Example:

  {
    "type": "file",
    "name": "cover-letter-1002",
    "title": "Cover letter",
    "instructions": "Please upload a cover letter.",
    "purpose": "document",
    "accept": [
      "application/pdf",
      "application/vnd.openxmlformats-officedocument.wordprocessingml.document",
      "application/msword",
      "application/rtf"
    ],
    "maxSize": 1000000
  }

Secured by oauth_2_0

Headers

  • Authorization: (string)

    Used to send a valid OAuth 2 access token. Do not use with the "access_token" query string parameter.

HTTP status code 401

Bad or expired token. To fix, you should re-authenticate the user.

HTTP status code 403

Bad OAuth request (wrong consumer key, bad nonce, expired timestamp...). Unfortunately, re-authenticating the user won't help here.

get

get

Get a sanitised and basic set of information for a job application, which the consumer is entitled to by virtue of sourcing the application (i.e., owning the campaign tracker attached to the application).

Get a sanitised and basic set of information for a job application, which the consumer is entitled to by virtue of sourcing the application (i.e., owning the campaign tracker attached to the application).

Secured by oauth_2_0

OAuth is used to authenticate tenant API calls. Tenant API calls may be on behalf of a specific principal (e.g. user)

URI Parameters

  • consumer: required (string)
  • id: required (string)

Secured by oauth_2_0

Headers

  • Authorization: (string)

    Used to send a valid OAuth 2 access token. Do not use with the "access_token" query string parameter.

HTTP status code 401

Bad or expired token. To fix, you should re-authenticate the user.

HTTP status code 403

Bad OAuth request (wrong consumer key, bad nonce, expired timestamp...). Unfortunately, re-authenticating the user won't help here.

A view is a curated package of information about an application and its job, candidate, etc.

The tenant controls what data appears in a view. This allows them to e.g. only share the minimum amount of data with an app. For example, an onboarding app might need details of the applicant's salary, whereas a survey app might only need to know their email address.

These "at" APIs provide access to applications based on the phase of the recruitment process that they are in now, or have ever been in. An application's phase is determined by its bucket (every bucket is linked to a single phase). In these descriptions:

  • "entering a phase" means that an application has transitioned into a bucket of that phase, from a bucket of some other phase (or from initial creation) - i.e. moving between buckets of the same phase has no effect on these APIs
  • "exiting a phase" means that an application has transitioned out of a bucket of this phase into a bucket of some other phase.

get

get

The 'now' APIs return all applications:

  • that are currently in this phase; AND
  • (if since is specified), that most recently entered this phase after the given date; AND
  • (if minID is specified), that have id > minID

A maximum of 100 applications will be returned by a single call to the API. If this maximum number is returned, the client should fetch again, specifying both sinceDate and minID, as there may be more results.

Results are ordered by sinceDate asc, applicationId asc.

sinceDate in this case is the date the application most recently entered the phase.

post

post

A request containing a view will be sent for the 'now' case to all listeners whenever an application;

  • enters the phase

An empty request will be sent whenever an application;

  • exits the phase

Non-SoT.

A request containing a view will be sent for the 'now' case to all listeners whenever an application;

  • enters the phase

An empty request will be sent whenever an application;

  • exits the phase

Non-SoT.

Secured by oauth_2_0

OAuth is used to authenticate tenant API calls. Tenant API calls may be on behalf of a specific principal (e.g. user)

URI Parameters

  • application: required (string)

Body

Type: application/json

Schema:

{
  "$schema": "http://json-schema.org/draft-04/schema#",
  "type": "object",
  "definitions": {
    "id": {
      "type": "integer"
    },
    "tracker": {
      "type": "integer",
      "description": "The tracker, if any, associated with this application. This is fixed at the time that application is made."
    },
    "formFactor": {
      "enum": [
        "mobile",
        "desktop",
        "tablet",
        "other"
      ]
    },
    "source": {
      "type": "string"
    },
    "bucketMovement": {
      "type": "object",
      "properties": {
        "id": {
          "$ref": "bucket.json#/definitions/id"
        },
        "landed": {
          "type": "string",
          "format": "date-time"
        }
      },
      "additionalProperties": false,
      "required": [
        "id",
        "landed"
      ]
    },
    "bucketMovements": {
      "type": "array",
      "items": {
        "$ref": "#/definitions/bucketMovement"
      }
    },
    "dateLastUpdated": {
      "type": "string",
      "format": "date-time"
    },
    "remuneration": {
      "type": "object",
      "description": "See HR/XML OnBoardingDeploymentType",
      "properties": {
        "amount": {
          "type": "number",
          "description": "The monetary value of the object in which the amount is associated"
        },
        "rateIntervalCode": {
          "type": "string",
          "description": "See HR/XML PayRateIntervalCodeType"
        },
        "typeCode": {
          "type": "string",
          "description": "A code classifying the type of remuneration (HR/XML)"
        }
      },
      "additionalProperties": false
    },
    "dutyEntryDate": {
      "type": "string",
      "format": "date-time",
      "description": "Per- HR-XML, the date the employee or human resource actually begins work or enters on duty"
    },
    "hireDate": {
      "type": "string",
      "format": "date-time",
      "description": "Per- HR-XML, The date on which the associated person was hired."
    },
    "onBoardedDate": {
      "type": "string",
      "format": "date-time",
      "description": "The date on which the associated person completed onboarding."
    },
    "hireDetails": {
      "type": "object",
      "properties": {
        "remuneration": {
          "$ref": "#/definitions/remuneration"
        },
        "dutyEntryDate": {
          "$ref": "#/definitions/dutyEntryDate"
        },
        "hireDate": {
          "$ref": "#/definitions/hireDate"
        },
        "onBoardedDate": {
          "$ref": "#/definitions/onBoardedDate"
        }
      },
      "additionalProperties": false
    },
    "since": {
      "type": "string",
      "format": "date-time",
      "description": "If this application was fetched via a filter, the date-time when the application satisfied the filter (e.g., in a call to GET /applications/at/interview/ever, this would be the date the application first entered the interview phase"
    }
  },
  "properties": {
    "id": {
      "$ref": "#/definitions/id"
    },
    "since": {
      "$ref": "#/definitions/since"
    },
    "source": {
      "$ref": "#/definitions/source"
    },
    "formFactor": {
      "$ref": "#/definitions/formFactor"
    },
    "bucketMovements": {
      "$ref": "#/definitions/bucketMovements"
    },
    "candidate": {
      "$ref": "candidateRead.json"
    },
    "job": {
      "$ref": "jobRead.json"
    },
    "bucket": {
      "$ref": "bucket.json#/definitions/id"
    },
    "tracker": {
      "$ref": "#/definitions/tracker"
    },
    "dateLastUpdated": {
      "$ref": "#/definitions/dateLastUpdated"
    },
    "hireDetails": {
      "$ref": "#/definitions/hireDetails"
    },
    "items": {
      "$ref": "itemPackagesRead.json"
    }
  },
  "additionalProperties": false
}

Example:

{
  "items": [
    {
      "item": {
        "name": "HIREDATE",
        "type": "date",
        "value": "2015-11-05T13:15:30Z"
      }
    }
  ],
  "candidate": {
    "person": {
      "givenName": "Fred",
      "familyName": "Bloggs",
      "email": "fred@gmail.com"
    },
    "resumeMeta": {
      "fileName": "fredcv.docx",
      "size": 3023443,
      "mediaType": "application/vnd.openxmlformats-officedocument.wordprocessingml.document",
      "dateUploaded": "2015-11-05T13:15:30Z",
      "preSignedUri": "https://frodo.com/docs/198714509"
    },
    "items": []
  },
  "job": {
    "code": "TTfg321",
    "title": "Creative Director",
    "items": [],
    "recruiter": {
      "person": {
        "email": "frano@gmail.com"
      }
    }
  }
}

Secured by oauth_2_0

Headers

  • Authorization: (string)

    Used to send a valid OAuth 2 access token. Do not use with the "access_token" query string parameter.

HTTP status code 401

Bad or expired token. To fix, you should re-authenticate the user.

HTTP status code 403

Bad OAuth request (wrong consumer key, bad nonce, expired timestamp...). Unfortunately, re-authenticating the user won't help here.

get

get

The 'ever' APIs return all applications:

  • that have ever been in this phase; AND
  • (if since is specified), that first entered this phase after the given date; AND
  • (if minID is specified), that have id > minID

A maximum of 100 applications will be returned by a single call to the API. If this maximum number is returned, the client should fetch again, specifying both sinceDate and minID, as there may be more results.

Results are ordered by sinceDate asc, applicationId asc.

sinceDate in this case is the date the application first entered the phase.

post

post

A request containing a view will be sent for the "ever" case to all listeners;

  • the first time (only) that an application enters the phase

Non-SoT.

A request containing a view will be sent for the "ever" case to all listeners;

  • the first time (only) that an application enters the phase

Non-SoT.

Secured by oauth_2_0

OAuth is used to authenticate tenant API calls. Tenant API calls may be on behalf of a specific principal (e.g. user)

URI Parameters

  • application: required (string)

Body

Type: application/json

Schema:

{
  "$schema": "http://json-schema.org/draft-04/schema#",
  "type": "object",
  "definitions": {
    "id": {
      "type": "integer"
    },
    "tracker": {
      "type": "integer",
      "description": "The tracker, if any, associated with this application. This is fixed at the time that application is made."
    },
    "formFactor": {
      "enum": [
        "mobile",
        "desktop",
        "tablet",
        "other"
      ]
    },
    "source": {
      "type": "string"
    },
    "bucketMovement": {
      "type": "object",
      "properties": {
        "id": {
          "$ref": "bucket.json#/definitions/id"
        },
        "landed": {
          "type": "string",
          "format": "date-time"
        }
      },
      "additionalProperties": false,
      "required": [
        "id",
        "landed"
      ]
    },
    "bucketMovements": {
      "type": "array",
      "items": {
        "$ref": "#/definitions/bucketMovement"
      }
    },
    "dateLastUpdated": {
      "type": "string",
      "format": "date-time"
    },
    "remuneration": {
      "type": "object",
      "description": "See HR/XML OnBoardingDeploymentType",
      "properties": {
        "amount": {
          "type": "number",
          "description": "The monetary value of the object in which the amount is associated"
        },
        "rateIntervalCode": {
          "type": "string",
          "description": "See HR/XML PayRateIntervalCodeType"
        },
        "typeCode": {
          "type": "string",
          "description": "A code classifying the type of remuneration (HR/XML)"
        }
      },
      "additionalProperties": false
    },
    "dutyEntryDate": {
      "type": "string",
      "format": "date-time",
      "description": "Per- HR-XML, the date the employee or human resource actually begins work or enters on duty"
    },
    "hireDate": {
      "type": "string",
      "format": "date-time",
      "description": "Per- HR-XML, The date on which the associated person was hired."
    },
    "onBoardedDate": {
      "type": "string",
      "format": "date-time",
      "description": "The date on which the associated person completed onboarding."
    },
    "hireDetails": {
      "type": "object",
      "properties": {
        "remuneration": {
          "$ref": "#/definitions/remuneration"
        },
        "dutyEntryDate": {
          "$ref": "#/definitions/dutyEntryDate"
        },
        "hireDate": {
          "$ref": "#/definitions/hireDate"
        },
        "onBoardedDate": {
          "$ref": "#/definitions/onBoardedDate"
        }
      },
      "additionalProperties": false
    },
    "since": {
      "type": "string",
      "format": "date-time",
      "description": "If this application was fetched via a filter, the date-time when the application satisfied the filter (e.g., in a call to GET /applications/at/interview/ever, this would be the date the application first entered the interview phase"
    }
  },
  "properties": {
    "id": {
      "$ref": "#/definitions/id"
    },
    "since": {
      "$ref": "#/definitions/since"
    },
    "source": {
      "$ref": "#/definitions/source"
    },
    "formFactor": {
      "$ref": "#/definitions/formFactor"
    },
    "bucketMovements": {
      "$ref": "#/definitions/bucketMovements"
    },
    "candidate": {
      "$ref": "candidateRead.json"
    },
    "job": {
      "$ref": "jobRead.json"
    },
    "bucket": {
      "$ref": "bucket.json#/definitions/id"
    },
    "tracker": {
      "$ref": "#/definitions/tracker"
    },
    "dateLastUpdated": {
      "$ref": "#/definitions/dateLastUpdated"
    },
    "hireDetails": {
      "$ref": "#/definitions/hireDetails"
    },
    "items": {
      "$ref": "itemPackagesRead.json"
    }
  },
  "additionalProperties": false
}

Example:

{
  "items": [
    {
      "item": {
        "name": "HIREDATE",
        "type": "date",
        "value": "2015-11-05T13:15:30Z"
      }
    }
  ],
  "candidate": {
    "person": {
      "givenName": "Fred",
      "familyName": "Bloggs",
      "email": "fred@gmail.com"
    },
    "resumeMeta": {
      "fileName": "fredcv.docx",
      "size": 3023443,
      "mediaType": "application/vnd.openxmlformats-officedocument.wordprocessingml.document",
      "dateUploaded": "2015-11-05T13:15:30Z",
      "preSignedUri": "https://frodo.com/docs/198714509"
    },
    "items": []
  },
  "job": {
    "code": "TTfg321",
    "title": "Creative Director",
    "items": [],
    "recruiter": {
      "person": {
        "email": "frano@gmail.com"
      }
    }
  }
}

Secured by oauth_2_0

Headers

  • Authorization: (string)

    Used to send a valid OAuth 2 access token. Do not use with the "access_token" query string parameter.

HTTP status code 401

Bad or expired token. To fix, you should re-authenticate the user.

HTTP status code 403

Bad OAuth request (wrong consumer key, bad nonce, expired timestamp...). Unfortunately, re-authenticating the user won't help here.

get

get

The 'now' APIs return all applications:

  • that are currently in this phase; AND
  • (if since is specified), that most recently entered this phase after the given date; AND
  • (if minID is specified), that have id > minID

A maximum of 100 applications will be returned by a single call to the API. If this maximum number is returned, the client should fetch again, specifying both sinceDate and minID, as there may be more results.

Results are ordered by sinceDate asc, applicationId asc.

sinceDate in this case is the date the application most recently entered the phase.

post

post

A request containing a view will be sent for the 'now' case to all listeners whenever an application;

  • enters the phase

An empty request will be sent whenever an application;

  • exits the phase

Non-SoT.

A request containing a view will be sent for the 'now' case to all listeners whenever an application;

  • enters the phase

An empty request will be sent whenever an application;

  • exits the phase

Non-SoT.

Secured by oauth_2_0

OAuth is used to authenticate tenant API calls. Tenant API calls may be on behalf of a specific principal (e.g. user)

URI Parameters

  • application: required (string)

Body

Type: application/json

Schema:

{
  "$schema": "http://json-schema.org/draft-04/schema#",
  "type": "object",
  "definitions": {
    "id": {
      "type": "integer"
    },
    "tracker": {
      "type": "integer",
      "description": "The tracker, if any, associated with this application. This is fixed at the time that application is made."
    },
    "formFactor": {
      "enum": [
        "mobile",
        "desktop",
        "tablet",
        "other"
      ]
    },
    "source": {
      "type": "string"
    },
    "bucketMovement": {
      "type": "object",
      "properties": {
        "id": {
          "$ref": "bucket.json#/definitions/id"
        },
        "landed": {
          "type": "string",
          "format": "date-time"
        }
      },
      "additionalProperties": false,
      "required": [
        "id",
        "landed"
      ]
    },
    "bucketMovements": {
      "type": "array",
      "items": {
        "$ref": "#/definitions/bucketMovement"
      }
    },
    "dateLastUpdated": {
      "type": "string",
      "format": "date-time"
    },
    "remuneration": {
      "type": "object",
      "description": "See HR/XML OnBoardingDeploymentType",
      "properties": {
        "amount": {
          "type": "number",
          "description": "The monetary value of the object in which the amount is associated"
        },
        "rateIntervalCode": {
          "type": "string",
          "description": "See HR/XML PayRateIntervalCodeType"
        },
        "typeCode": {
          "type": "string",
          "description": "A code classifying the type of remuneration (HR/XML)"
        }
      },
      "additionalProperties": false
    },
    "dutyEntryDate": {
      "type": "string",
      "format": "date-time",
      "description": "Per- HR-XML, the date the employee or human resource actually begins work or enters on duty"
    },
    "hireDate": {
      "type": "string",
      "format": "date-time",
      "description": "Per- HR-XML, The date on which the associated person was hired."
    },
    "onBoardedDate": {
      "type": "string",
      "format": "date-time",
      "description": "The date on which the associated person completed onboarding."
    },
    "hireDetails": {
      "type": "object",
      "properties": {
        "remuneration": {
          "$ref": "#/definitions/remuneration"
        },
        "dutyEntryDate": {
          "$ref": "#/definitions/dutyEntryDate"
        },
        "hireDate": {
          "$ref": "#/definitions/hireDate"
        },
        "onBoardedDate": {
          "$ref": "#/definitions/onBoardedDate"
        }
      },
      "additionalProperties": false
    },
    "since": {
      "type": "string",
      "format": "date-time",
      "description": "If this application was fetched via a filter, the date-time when the application satisfied the filter (e.g., in a call to GET /applications/at/interview/ever, this would be the date the application first entered the interview phase"
    }
  },
  "properties": {
    "id": {
      "$ref": "#/definitions/id"
    },
    "since": {
      "$ref": "#/definitions/since"
    },
    "source": {
      "$ref": "#/definitions/source"
    },
    "formFactor": {
      "$ref": "#/definitions/formFactor"
    },
    "bucketMovements": {
      "$ref": "#/definitions/bucketMovements"
    },
    "candidate": {
      "$ref": "candidateRead.json"
    },
    "job": {
      "$ref": "jobRead.json"
    },
    "bucket": {
      "$ref": "bucket.json#/definitions/id"
    },
    "tracker": {
      "$ref": "#/definitions/tracker"
    },
    "dateLastUpdated": {
      "$ref": "#/definitions/dateLastUpdated"
    },
    "hireDetails": {
      "$ref": "#/definitions/hireDetails"
    },
    "items": {
      "$ref": "itemPackagesRead.json"
    }
  },
  "additionalProperties": false
}

Example:

{
  "items": [
    {
      "item": {
        "name": "HIREDATE",
        "type": "date",
        "value": "2015-11-05T13:15:30Z"
      }
    }
  ],
  "candidate": {
    "person": {
      "givenName": "Fred",
      "familyName": "Bloggs",
      "email": "fred@gmail.com"
    },
    "resumeMeta": {
      "fileName": "fredcv.docx",
      "size": 3023443,
      "mediaType": "application/vnd.openxmlformats-officedocument.wordprocessingml.document",
      "dateUploaded": "2015-11-05T13:15:30Z",
      "preSignedUri": "https://frodo.com/docs/198714509"
    },
    "items": []
  },
  "job": {
    "code": "TTfg321",
    "title": "Creative Director",
    "items": [],
    "recruiter": {
      "person": {
        "email": "frano@gmail.com"
      }
    }
  }
}

Secured by oauth_2_0

Headers

  • Authorization: (string)

    Used to send a valid OAuth 2 access token. Do not use with the "access_token" query string parameter.

HTTP status code 401

Bad or expired token. To fix, you should re-authenticate the user.

HTTP status code 403

Bad OAuth request (wrong consumer key, bad nonce, expired timestamp...). Unfortunately, re-authenticating the user won't help here.

get

get

The 'ever' APIs return all applications:

  • that have ever been in this phase; AND
  • (if since is specified), that first entered this phase after the given date; AND
  • (if minID is specified), that have id > minID

A maximum of 100 applications will be returned by a single call to the API. If this maximum number is returned, the client should fetch again, specifying both sinceDate and minID, as there may be more results.

Results are ordered by sinceDate asc, applicationId asc.

sinceDate in this case is the date the application first entered the phase.

post

post

A request containing a view will be sent for the "ever" case to all listeners;

  • the first time (only) that an application enters the phase

Non-SoT.

A request containing a view will be sent for the "ever" case to all listeners;

  • the first time (only) that an application enters the phase

Non-SoT.

Secured by oauth_2_0

OAuth is used to authenticate tenant API calls. Tenant API calls may be on behalf of a specific principal (e.g. user)

URI Parameters

  • application: required (string)

Body

Type: application/json

Schema:

{
  "$schema": "http://json-schema.org/draft-04/schema#",
  "type": "object",
  "definitions": {
    "id": {
      "type": "integer"
    },
    "tracker": {
      "type": "integer",
      "description": "The tracker, if any, associated with this application. This is fixed at the time that application is made."
    },
    "formFactor": {
      "enum": [
        "mobile",
        "desktop",
        "tablet",
        "other"
      ]
    },
    "source": {
      "type": "string"
    },
    "bucketMovement": {
      "type": "object",
      "properties": {
        "id": {
          "$ref": "bucket.json#/definitions/id"
        },
        "landed": {
          "type": "string",
          "format": "date-time"
        }
      },
      "additionalProperties": false,
      "required": [
        "id",
        "landed"
      ]
    },
    "bucketMovements": {
      "type": "array",
      "items": {
        "$ref": "#/definitions/bucketMovement"
      }
    },
    "dateLastUpdated": {
      "type": "string",
      "format": "date-time"
    },
    "remuneration": {
      "type": "object",
      "description": "See HR/XML OnBoardingDeploymentType",
      "properties": {
        "amount": {
          "type": "number",
          "description": "The monetary value of the object in which the amount is associated"
        },
        "rateIntervalCode": {
          "type": "string",
          "description": "See HR/XML PayRateIntervalCodeType"
        },
        "typeCode": {
          "type": "string",
          "description": "A code classifying the type of remuneration (HR/XML)"
        }
      },
      "additionalProperties": false
    },
    "dutyEntryDate": {
      "type": "string",
      "format": "date-time",
      "description": "Per- HR-XML, the date the employee or human resource actually begins work or enters on duty"
    },
    "hireDate": {
      "type": "string",
      "format": "date-time",
      "description": "Per- HR-XML, The date on which the associated person was hired."
    },
    "onBoardedDate": {
      "type": "string",
      "format": "date-time",
      "description": "The date on which the associated person completed onboarding."
    },
    "hireDetails": {
      "type": "object",
      "properties": {
        "remuneration": {
          "$ref": "#/definitions/remuneration"
        },
        "dutyEntryDate": {
          "$ref": "#/definitions/dutyEntryDate"
        },
        "hireDate": {
          "$ref": "#/definitions/hireDate"
        },
        "onBoardedDate": {
          "$ref": "#/definitions/onBoardedDate"
        }
      },
      "additionalProperties": false
    },
    "since": {
      "type": "string",
      "format": "date-time",
      "description": "If this application was fetched via a filter, the date-time when the application satisfied the filter (e.g., in a call to GET /applications/at/interview/ever, this would be the date the application first entered the interview phase"
    }
  },
  "properties": {
    "id": {
      "$ref": "#/definitions/id"
    },
    "since": {
      "$ref": "#/definitions/since"
    },
    "source": {
      "$ref": "#/definitions/source"
    },
    "formFactor": {
      "$ref": "#/definitions/formFactor"
    },
    "bucketMovements": {
      "$ref": "#/definitions/bucketMovements"
    },
    "candidate": {
      "$ref": "candidateRead.json"
    },
    "job": {
      "$ref": "jobRead.json"
    },
    "bucket": {
      "$ref": "bucket.json#/definitions/id"
    },
    "tracker": {
      "$ref": "#/definitions/tracker"
    },
    "dateLastUpdated": {
      "$ref": "#/definitions/dateLastUpdated"
    },
    "hireDetails": {
      "$ref": "#/definitions/hireDetails"
    },
    "items": {
      "$ref": "itemPackagesRead.json"
    }
  },
  "additionalProperties": false
}

Example:

{
  "items": [
    {
      "item": {
        "name": "HIREDATE",
        "type": "date",
        "value": "2015-11-05T13:15:30Z"
      }
    }
  ],
  "candidate": {
    "person": {
      "givenName": "Fred",
      "familyName": "Bloggs",
      "email": "fred@gmail.com"
    },
    "resumeMeta": {
      "fileName": "fredcv.docx",
      "size": 3023443,
      "mediaType": "application/vnd.openxmlformats-officedocument.wordprocessingml.document",
      "dateUploaded": "2015-11-05T13:15:30Z",
      "preSignedUri": "https://frodo.com/docs/198714509"
    },
    "items": []
  },
  "job": {
    "code": "TTfg321",
    "title": "Creative Director",
    "items": [],
    "recruiter": {
      "person": {
        "email": "frano@gmail.com"
      }
    }
  }
}

Secured by oauth_2_0

Headers

  • Authorization: (string)

    Used to send a valid OAuth 2 access token. Do not use with the "access_token" query string parameter.

HTTP status code 401

Bad or expired token. To fix, you should re-authenticate the user.

HTTP status code 403

Bad OAuth request (wrong consumer key, bad nonce, expired timestamp...). Unfortunately, re-authenticating the user won't help here.

get

get

The 'now' APIs return all applications:

  • that are currently in this phase; AND
  • (if since is specified), that most recently entered this phase after the given date; AND
  • (if minID is specified), that have id > minID

A maximum of 100 applications will be returned by a single call to the API. If this maximum number is returned, the client should fetch again, specifying both sinceDate and minID, as there may be more results.

Results are ordered by sinceDate asc, applicationId asc.

sinceDate in this case is the date the application most recently entered the phase.

post

post

A request containing a view will be sent for the 'now' case to all listeners whenever an application;

  • enters the phase

An empty request will be sent whenever an application;

  • exits the phase

Non-SoT.

A request containing a view will be sent for the 'now' case to all listeners whenever an application;

  • enters the phase

An empty request will be sent whenever an application;

  • exits the phase

Non-SoT.

Secured by oauth_2_0

OAuth is used to authenticate tenant API calls. Tenant API calls may be on behalf of a specific principal (e.g. user)

URI Parameters

  • application: required (string)

Body

Type: application/json

Schema:

{
  "$schema": "http://json-schema.org/draft-04/schema#",
  "type": "object",
  "definitions": {
    "id": {
      "type": "integer"
    },
    "tracker": {
      "type": "integer",
      "description": "The tracker, if any, associated with this application. This is fixed at the time that application is made."
    },
    "formFactor": {
      "enum": [
        "mobile",
        "desktop",
        "tablet",
        "other"
      ]
    },
    "source": {
      "type": "string"
    },
    "bucketMovement": {
      "type": "object",
      "properties": {
        "id": {
          "$ref": "bucket.json#/definitions/id"
        },
        "landed": {
          "type": "string",
          "format": "date-time"
        }
      },
      "additionalProperties": false,
      "required": [
        "id",
        "landed"
      ]
    },
    "bucketMovements": {
      "type": "array",
      "items": {
        "$ref": "#/definitions/bucketMovement"
      }
    },
    "dateLastUpdated": {
      "type": "string",
      "format": "date-time"
    },
    "remuneration": {
      "type": "object",
      "description": "See HR/XML OnBoardingDeploymentType",
      "properties": {
        "amount": {
          "type": "number",
          "description": "The monetary value of the object in which the amount is associated"
        },
        "rateIntervalCode": {
          "type": "string",
          "description": "See HR/XML PayRateIntervalCodeType"
        },
        "typeCode": {
          "type": "string",
          "description": "A code classifying the type of remuneration (HR/XML)"
        }
      },
      "additionalProperties": false
    },
    "dutyEntryDate": {
      "type": "string",
      "format": "date-time",
      "description": "Per- HR-XML, the date the employee or human resource actually begins work or enters on duty"
    },
    "hireDate": {
      "type": "string",
      "format": "date-time",
      "description": "Per- HR-XML, The date on which the associated person was hired."
    },
    "onBoardedDate": {
      "type": "string",
      "format": "date-time",
      "description": "The date on which the associated person completed onboarding."
    },
    "hireDetails": {
      "type": "object",
      "properties": {
        "remuneration": {
          "$ref": "#/definitions/remuneration"
        },
        "dutyEntryDate": {
          "$ref": "#/definitions/dutyEntryDate"
        },
        "hireDate": {
          "$ref": "#/definitions/hireDate"
        },
        "onBoardedDate": {
          "$ref": "#/definitions/onBoardedDate"
        }
      },
      "additionalProperties": false
    },
    "since": {
      "type": "string",
      "format": "date-time",
      "description": "If this application was fetched via a filter, the date-time when the application satisfied the filter (e.g., in a call to GET /applications/at/interview/ever, this would be the date the application first entered the interview phase"
    }
  },
  "properties": {
    "id": {
      "$ref": "#/definitions/id"
    },
    "since": {
      "$ref": "#/definitions/since"
    },
    "source": {
      "$ref": "#/definitions/source"
    },
    "formFactor": {
      "$ref": "#/definitions/formFactor"
    },
    "bucketMovements": {
      "$ref": "#/definitions/bucketMovements"
    },
    "candidate": {
      "$ref": "candidateRead.json"
    },
    "job": {
      "$ref": "jobRead.json"
    },
    "bucket": {
      "$ref": "bucket.json#/definitions/id"
    },
    "tracker": {
      "$ref": "#/definitions/tracker"
    },
    "dateLastUpdated": {
      "$ref": "#/definitions/dateLastUpdated"
    },
    "hireDetails": {
      "$ref": "#/definitions/hireDetails"
    },
    "items": {
      "$ref": "itemPackagesRead.json"
    }
  },
  "additionalProperties": false
}

Example:

{
  "items": [
    {
      "item": {
        "name": "HIREDATE",
        "type": "date",
        "value": "2015-11-05T13:15:30Z"
      }
    }
  ],
  "candidate": {
    "person": {
      "givenName": "Fred",
      "familyName": "Bloggs",
      "email": "fred@gmail.com"
    },
    "resumeMeta": {
      "fileName": "fredcv.docx",
      "size": 3023443,
      "mediaType": "application/vnd.openxmlformats-officedocument.wordprocessingml.document",
      "dateUploaded": "2015-11-05T13:15:30Z",
      "preSignedUri": "https://frodo.com/docs/198714509"
    },
    "items": []
  },
  "job": {
    "code": "TTfg321",
    "title": "Creative Director",
    "items": [],
    "recruiter": {
      "person": {
        "email": "frano@gmail.com"
      }
    }
  }
}

Secured by oauth_2_0

Headers

  • Authorization: (string)

    Used to send a valid OAuth 2 access token. Do not use with the "access_token" query string parameter.

HTTP status code 401

Bad or expired token. To fix, you should re-authenticate the user.

HTTP status code 403

Bad OAuth request (wrong consumer key, bad nonce, expired timestamp...). Unfortunately, re-authenticating the user won't help here.

get

get

The 'ever' APIs return all applications:

  • that have ever been in this phase; AND
  • (if since is specified), that first entered this phase after the given date; AND
  • (if minID is specified), that have id > minID

A maximum of 100 applications will be returned by a single call to the API. If this maximum number is returned, the client should fetch again, specifying both sinceDate and minID, as there may be more results.

Results are ordered by sinceDate asc, applicationId asc.

sinceDate in this case is the date the application first entered the phase.

post

post

A request containing a view will be sent for the "ever" case to all listeners;

  • the first time (only) that an application enters the phase

Non-SoT.

A request containing a view will be sent for the "ever" case to all listeners;

  • the first time (only) that an application enters the phase

Non-SoT.

Secured by oauth_2_0

OAuth is used to authenticate tenant API calls. Tenant API calls may be on behalf of a specific principal (e.g. user)

URI Parameters

  • application: required (string)

Body

Type: application/json

Schema:

{
  "$schema": "http://json-schema.org/draft-04/schema#",
  "type": "object",
  "definitions": {
    "id": {
      "type": "integer"
    },
    "tracker": {
      "type": "integer",
      "description": "The tracker, if any, associated with this application. This is fixed at the time that application is made."
    },
    "formFactor": {
      "enum": [
        "mobile",
        "desktop",
        "tablet",
        "other"
      ]
    },
    "source": {
      "type": "string"
    },
    "bucketMovement": {
      "type": "object",
      "properties": {
        "id": {
          "$ref": "bucket.json#/definitions/id"
        },
        "landed": {
          "type": "string",
          "format": "date-time"
        }
      },
      "additionalProperties": false,
      "required": [
        "id",
        "landed"
      ]
    },
    "bucketMovements": {
      "type": "array",
      "items": {
        "$ref": "#/definitions/bucketMovement"
      }
    },
    "dateLastUpdated": {
      "type": "string",
      "format": "date-time"
    },
    "remuneration": {
      "type": "object",
      "description": "See HR/XML OnBoardingDeploymentType",
      "properties": {
        "amount": {
          "type": "number",
          "description": "The monetary value of the object in which the amount is associated"
        },
        "rateIntervalCode": {
          "type": "string",
          "description": "See HR/XML PayRateIntervalCodeType"
        },
        "typeCode": {
          "type": "string",
          "description": "A code classifying the type of remuneration (HR/XML)"
        }
      },
      "additionalProperties": false
    },
    "dutyEntryDate": {
      "type": "string",
      "format": "date-time",
      "description": "Per- HR-XML, the date the employee or human resource actually begins work or enters on duty"
    },
    "hireDate": {
      "type": "string",
      "format": "date-time",
      "description": "Per- HR-XML, The date on which the associated person was hired."
    },
    "onBoardedDate": {
      "type": "string",
      "format": "date-time",
      "description": "The date on which the associated person completed onboarding."
    },
    "hireDetails": {
      "type": "object",
      "properties": {
        "remuneration": {
          "$ref": "#/definitions/remuneration"
        },
        "dutyEntryDate": {
          "$ref": "#/definitions/dutyEntryDate"
        },
        "hireDate": {
          "$ref": "#/definitions/hireDate"
        },
        "onBoardedDate": {
          "$ref": "#/definitions/onBoardedDate"
        }
      },
      "additionalProperties": false
    },
    "since": {
      "type": "string",
      "format": "date-time",
      "description": "If this application was fetched via a filter, the date-time when the application satisfied the filter (e.g., in a call to GET /applications/at/interview/ever, this would be the date the application first entered the interview phase"
    }
  },
  "properties": {
    "id": {
      "$ref": "#/definitions/id"
    },
    "since": {
      "$ref": "#/definitions/since"
    },
    "source": {
      "$ref": "#/definitions/source"
    },
    "formFactor": {
      "$ref": "#/definitions/formFactor"
    },
    "bucketMovements": {
      "$ref": "#/definitions/bucketMovements"
    },
    "candidate": {
      "$ref": "candidateRead.json"
    },
    "job": {
      "$ref": "jobRead.json"
    },
    "bucket": {
      "$ref": "bucket.json#/definitions/id"
    },
    "tracker": {
      "$ref": "#/definitions/tracker"
    },
    "dateLastUpdated": {
      "$ref": "#/definitions/dateLastUpdated"
    },
    "hireDetails": {
      "$ref": "#/definitions/hireDetails"
    },
    "items": {
      "$ref": "itemPackagesRead.json"
    }
  },
  "additionalProperties": false
}

Example:

{
  "items": [
    {
      "item": {
        "name": "HIREDATE",
        "type": "date",
        "value": "2015-11-05T13:15:30Z"
      }
    }
  ],
  "candidate": {
    "person": {
      "givenName": "Fred",
      "familyName": "Bloggs",
      "email": "fred@gmail.com"
    },
    "resumeMeta": {
      "fileName": "fredcv.docx",
      "size": 3023443,
      "mediaType": "application/vnd.openxmlformats-officedocument.wordprocessingml.document",
      "dateUploaded": "2015-11-05T13:15:30Z",
      "preSignedUri": "https://frodo.com/docs/198714509"
    },
    "items": []
  },
  "job": {
    "code": "TTfg321",
    "title": "Creative Director",
    "items": [],
    "recruiter": {
      "person": {
        "email": "frano@gmail.com"
      }
    }
  }
}

Secured by oauth_2_0

Headers

  • Authorization: (string)

    Used to send a valid OAuth 2 access token. Do not use with the "access_token" query string parameter.

HTTP status code 401

Bad or expired token. To fix, you should re-authenticate the user.

HTTP status code 403

Bad OAuth request (wrong consumer key, bad nonce, expired timestamp...). Unfortunately, re-authenticating the user won't help here.

get

get

The 'now' APIs return all applications:

  • that are currently in this phase; AND
  • (if since is specified), that most recently entered this phase after the given date; AND
  • (if minID is specified), that have id > minID

A maximum of 100 applications will be returned by a single call to the API. If this maximum number is returned, the client should fetch again, specifying both sinceDate and minID, as there may be more results.

Results are ordered by sinceDate asc, applicationId asc.

sinceDate in this case is the date the application most recently entered the phase.

post

post

A request containing a view will be sent for the 'now' case to all listeners whenever an application;

  • enters the phase

An empty request will be sent whenever an application;

  • exits the phase

Non-SoT.

A request containing a view will be sent for the 'now' case to all listeners whenever an application;

  • enters the phase

An empty request will be sent whenever an application;

  • exits the phase

Non-SoT.

Secured by oauth_2_0

OAuth is used to authenticate tenant API calls. Tenant API calls may be on behalf of a specific principal (e.g. user)

URI Parameters

  • application: required (string)

Body

Type: application/json

Schema:

{
  "$schema": "http://json-schema.org/draft-04/schema#",
  "type": "object",
  "definitions": {
    "id": {
      "type": "integer"
    },
    "tracker": {
      "type": "integer",
      "description": "The tracker, if any, associated with this application. This is fixed at the time that application is made."
    },
    "formFactor": {
      "enum": [
        "mobile",
        "desktop",
        "tablet",
        "other"
      ]
    },
    "source": {
      "type": "string"
    },
    "bucketMovement": {
      "type": "object",
      "properties": {
        "id": {
          "$ref": "bucket.json#/definitions/id"
        },
        "landed": {
          "type": "string",
          "format": "date-time"
        }
      },
      "additionalProperties": false,
      "required": [
        "id",
        "landed"
      ]
    },
    "bucketMovements": {
      "type": "array",
      "items": {
        "$ref": "#/definitions/bucketMovement"
      }
    },
    "dateLastUpdated": {
      "type": "string",
      "format": "date-time"
    },
    "remuneration": {
      "type": "object",
      "description": "See HR/XML OnBoardingDeploymentType",
      "properties": {
        "amount": {
          "type": "number",
          "description": "The monetary value of the object in which the amount is associated"
        },
        "rateIntervalCode": {
          "type": "string",
          "description": "See HR/XML PayRateIntervalCodeType"
        },
        "typeCode": {
          "type": "string",
          "description": "A code classifying the type of remuneration (HR/XML)"
        }
      },
      "additionalProperties": false
    },
    "dutyEntryDate": {
      "type": "string",
      "format": "date-time",
      "description": "Per- HR-XML, the date the employee or human resource actually begins work or enters on duty"
    },
    "hireDate": {
      "type": "string",
      "format": "date-time",
      "description": "Per- HR-XML, The date on which the associated person was hired."
    },
    "onBoardedDate": {
      "type": "string",
      "format": "date-time",
      "description": "The date on which the associated person completed onboarding."
    },
    "hireDetails": {
      "type": "object",
      "properties": {
        "remuneration": {
          "$ref": "#/definitions/remuneration"
        },
        "dutyEntryDate": {
          "$ref": "#/definitions/dutyEntryDate"
        },
        "hireDate": {
          "$ref": "#/definitions/hireDate"
        },
        "onBoardedDate": {
          "$ref": "#/definitions/onBoardedDate"
        }
      },
      "additionalProperties": false
    },
    "since": {
      "type": "string",
      "format": "date-time",
      "description": "If this application was fetched via a filter, the date-time when the application satisfied the filter (e.g., in a call to GET /applications/at/interview/ever, this would be the date the application first entered the interview phase"
    }
  },
  "properties": {
    "id": {
      "$ref": "#/definitions/id"
    },
    "since": {
      "$ref": "#/definitions/since"
    },
    "source": {
      "$ref": "#/definitions/source"
    },
    "formFactor": {
      "$ref": "#/definitions/formFactor"
    },
    "bucketMovements": {
      "$ref": "#/definitions/bucketMovements"
    },
    "candidate": {
      "$ref": "candidateRead.json"
    },
    "job": {
      "$ref": "jobRead.json"
    },
    "bucket": {
      "$ref": "bucket.json#/definitions/id"
    },
    "tracker": {
      "$ref": "#/definitions/tracker"
    },
    "dateLastUpdated": {
      "$ref": "#/definitions/dateLastUpdated"
    },
    "hireDetails": {
      "$ref": "#/definitions/hireDetails"
    },
    "items": {
      "$ref": "itemPackagesRead.json"
    }
  },
  "additionalProperties": false
}

Example:

{
  "items": [
    {
      "item": {
        "name": "HIREDATE",
        "type": "date",
        "value": "2015-11-05T13:15:30Z"
      }
    }
  ],
  "candidate": {
    "person": {
      "givenName": "Fred",
      "familyName": "Bloggs",
      "email": "fred@gmail.com"
    },
    "resumeMeta": {
      "fileName": "fredcv.docx",
      "size": 3023443,
      "mediaType": "application/vnd.openxmlformats-officedocument.wordprocessingml.document",
      "dateUploaded": "2015-11-05T13:15:30Z",
      "preSignedUri": "https://frodo.com/docs/198714509"
    },
    "items": []
  },
  "job": {
    "code": "TTfg321",
    "title": "Creative Director",
    "items": [],
    "recruiter": {
      "person": {
        "email": "frano@gmail.com"
      }
    }
  }
}

Secured by oauth_2_0

Headers

  • Authorization: (string)

    Used to send a valid OAuth 2 access token. Do not use with the "access_token" query string parameter.

HTTP status code 401

Bad or expired token. To fix, you should re-authenticate the user.

HTTP status code 403

Bad OAuth request (wrong consumer key, bad nonce, expired timestamp...). Unfortunately, re-authenticating the user won't help here.

get

get

The 'ever' APIs return all applications:

  • that have ever been in this phase; AND
  • (if since is specified), that first entered this phase after the given date; AND
  • (if minID is specified), that have id > minID

A maximum of 100 applications will be returned by a single call to the API. If this maximum number is returned, the client should fetch again, specifying both sinceDate and minID, as there may be more results.

Results are ordered by sinceDate asc, applicationId asc.

sinceDate in this case is the date the application first entered the phase.

post

post

A request containing a view will be sent for the "ever" case to all listeners;

  • the first time (only) that an application enters the phase

Non-SoT.

A request containing a view will be sent for the "ever" case to all listeners;

  • the first time (only) that an application enters the phase

Non-SoT.

Secured by oauth_2_0

OAuth is used to authenticate tenant API calls. Tenant API calls may be on behalf of a specific principal (e.g. user)

URI Parameters

  • application: required (string)

Body

Type: application/json

Schema:

{
  "$schema": "http://json-schema.org/draft-04/schema#",
  "type": "object",
  "definitions": {
    "id": {
      "type": "integer"
    },
    "tracker": {
      "type": "integer",
      "description": "The tracker, if any, associated with this application. This is fixed at the time that application is made."
    },
    "formFactor": {
      "enum": [
        "mobile",
        "desktop",
        "tablet",
        "other"
      ]
    },
    "source": {
      "type": "string"
    },
    "bucketMovement": {
      "type": "object",
      "properties": {
        "id": {
          "$ref": "bucket.json#/definitions/id"
        },
        "landed": {
          "type": "string",
          "format": "date-time"
        }
      },
      "additionalProperties": false,
      "required": [
        "id",
        "landed"
      ]
    },
    "bucketMovements": {
      "type": "array",
      "items": {
        "$ref": "#/definitions/bucketMovement"
      }
    },
    "dateLastUpdated": {
      "type": "string",
      "format": "date-time"
    },
    "remuneration": {
      "type": "object",
      "description": "See HR/XML OnBoardingDeploymentType",
      "properties": {
        "amount": {
          "type": "number",
          "description": "The monetary value of the object in which the amount is associated"
        },
        "rateIntervalCode": {
          "type": "string",
          "description": "See HR/XML PayRateIntervalCodeType"
        },
        "typeCode": {
          "type": "string",
          "description": "A code classifying the type of remuneration (HR/XML)"
        }
      },
      "additionalProperties": false
    },
    "dutyEntryDate": {
      "type": "string",
      "format": "date-time",
      "description": "Per- HR-XML, the date the employee or human resource actually begins work or enters on duty"
    },
    "hireDate": {
      "type": "string",
      "format": "date-time",
      "description": "Per- HR-XML, The date on which the associated person was hired."
    },
    "onBoardedDate": {
      "type": "string",
      "format": "date-time",
      "description": "The date on which the associated person completed onboarding."
    },
    "hireDetails": {
      "type": "object",
      "properties": {
        "remuneration": {
          "$ref": "#/definitions/remuneration"
        },
        "dutyEntryDate": {
          "$ref": "#/definitions/dutyEntryDate"
        },
        "hireDate": {
          "$ref": "#/definitions/hireDate"
        },
        "onBoardedDate": {
          "$ref": "#/definitions/onBoardedDate"
        }
      },
      "additionalProperties": false
    },
    "since": {
      "type": "string",
      "format": "date-time",
      "description": "If this application was fetched via a filter, the date-time when the application satisfied the filter (e.g., in a call to GET /applications/at/interview/ever, this would be the date the application first entered the interview phase"
    }
  },
  "properties": {
    "id": {
      "$ref": "#/definitions/id"
    },
    "since": {
      "$ref": "#/definitions/since"
    },
    "source": {
      "$ref": "#/definitions/source"
    },
    "formFactor": {
      "$ref": "#/definitions/formFactor"
    },
    "bucketMovements": {
      "$ref": "#/definitions/bucketMovements"
    },
    "candidate": {
      "$ref": "candidateRead.json"
    },
    "job": {
      "$ref": "jobRead.json"
    },
    "bucket": {
      "$ref": "bucket.json#/definitions/id"
    },
    "tracker": {
      "$ref": "#/definitions/tracker"
    },
    "dateLastUpdated": {
      "$ref": "#/definitions/dateLastUpdated"
    },
    "hireDetails": {
      "$ref": "#/definitions/hireDetails"
    },
    "items": {
      "$ref": "itemPackagesRead.json"
    }
  },
  "additionalProperties": false
}

Example:

{
  "items": [
    {
      "item": {
        "name": "HIREDATE",
        "type": "date",
        "value": "2015-11-05T13:15:30Z"
      }
    }
  ],
  "candidate": {
    "person": {
      "givenName": "Fred",
      "familyName": "Bloggs",
      "email": "fred@gmail.com"
    },
    "resumeMeta": {
      "fileName": "fredcv.docx",
      "size": 3023443,
      "mediaType": "application/vnd.openxmlformats-officedocument.wordprocessingml.document",
      "dateUploaded": "2015-11-05T13:15:30Z",
      "preSignedUri": "https://frodo.com/docs/198714509"
    },
    "items": []
  },
  "job": {
    "code": "TTfg321",
    "title": "Creative Director",
    "items": [],
    "recruiter": {
      "person": {
        "email": "frano@gmail.com"
      }
    }
  }
}

Secured by oauth_2_0

Headers

  • Authorization: (string)

    Used to send a valid OAuth 2 access token. Do not use with the "access_token" query string parameter.

HTTP status code 401

Bad or expired token. To fix, you should re-authenticate the user.

HTTP status code 403

Bad OAuth request (wrong consumer key, bad nonce, expired timestamp...). Unfortunately, re-authenticating the user won't help here.

get

get

The 'now' APIs return all applications:

  • that are currently in this phase; AND
  • (if since is specified), that most recently entered this phase after the given date; AND
  • (if minID is specified), that have id > minID

A maximum of 100 applications will be returned by a single call to the API. If this maximum number is returned, the client should fetch again, specifying both sinceDate and minID, as there may be more results.

Results are ordered by sinceDate asc, applicationId asc.

sinceDate in this case is the date the application most recently entered the phase.

post

post

A request containing a view will be sent for the 'now' case to all listeners whenever an application;

  • enters the phase

An empty request will be sent whenever an application;

  • exits the phase

Non-SoT.

A request containing a view will be sent for the 'now' case to all listeners whenever an application;

  • enters the phase

An empty request will be sent whenever an application;

  • exits the phase

Non-SoT.

Secured by oauth_2_0

OAuth is used to authenticate tenant API calls. Tenant API calls may be on behalf of a specific principal (e.g. user)

URI Parameters

  • application: required (string)

Body

Type: application/json

Schema:

{
  "$schema": "http://json-schema.org/draft-04/schema#",
  "type": "object",
  "definitions": {
    "id": {
      "type": "integer"
    },
    "tracker": {
      "type": "integer",
      "description": "The tracker, if any, associated with this application. This is fixed at the time that application is made."
    },
    "formFactor": {
      "enum": [
        "mobile",
        "desktop",
        "tablet",
        "other"
      ]
    },
    "source": {
      "type": "string"
    },
    "bucketMovement": {
      "type": "object",
      "properties": {
        "id": {
          "$ref": "bucket.json#/definitions/id"
        },
        "landed": {
          "type": "string",
          "format": "date-time"
        }
      },
      "additionalProperties": false,
      "required": [
        "id",
        "landed"
      ]
    },
    "bucketMovements": {
      "type": "array",
      "items": {
        "$ref": "#/definitions/bucketMovement"
      }
    },
    "dateLastUpdated": {
      "type": "string",
      "format": "date-time"
    },
    "remuneration": {
      "type": "object",
      "description": "See HR/XML OnBoardingDeploymentType",
      "properties": {
        "amount": {
          "type": "number",
          "description": "The monetary value of the object in which the amount is associated"
        },
        "rateIntervalCode": {
          "type": "string",
          "description": "See HR/XML PayRateIntervalCodeType"
        },
        "typeCode": {
          "type": "string",
          "description": "A code classifying the type of remuneration (HR/XML)"
        }
      },
      "additionalProperties": false
    },
    "dutyEntryDate": {
      "type": "string",
      "format": "date-time",
      "description": "Per- HR-XML, the date the employee or human resource actually begins work or enters on duty"
    },
    "hireDate": {
      "type": "string",
      "format": "date-time",
      "description": "Per- HR-XML, The date on which the associated person was hired."
    },
    "onBoardedDate": {
      "type": "string",
      "format": "date-time",
      "description": "The date on which the associated person completed onboarding."
    },
    "hireDetails": {
      "type": "object",
      "properties": {
        "remuneration": {
          "$ref": "#/definitions/remuneration"
        },
        "dutyEntryDate": {
          "$ref": "#/definitions/dutyEntryDate"
        },
        "hireDate": {
          "$ref": "#/definitions/hireDate"
        },
        "onBoardedDate": {
          "$ref": "#/definitions/onBoardedDate"
        }
      },
      "additionalProperties": false
    },
    "since": {
      "type": "string",
      "format": "date-time",
      "description": "If this application was fetched via a filter, the date-time when the application satisfied the filter (e.g., in a call to GET /applications/at/interview/ever, this would be the date the application first entered the interview phase"
    }
  },
  "properties": {
    "id": {
      "$ref": "#/definitions/id"
    },
    "since": {
      "$ref": "#/definitions/since"
    },
    "source": {
      "$ref": "#/definitions/source"
    },
    "formFactor": {
      "$ref": "#/definitions/formFactor"
    },
    "bucketMovements": {
      "$ref": "#/definitions/bucketMovements"
    },
    "candidate": {
      "$ref": "candidateRead.json"
    },
    "job": {
      "$ref": "jobRead.json"
    },
    "bucket": {
      "$ref": "bucket.json#/definitions/id"
    },
    "tracker": {
      "$ref": "#/definitions/tracker"
    },
    "dateLastUpdated": {
      "$ref": "#/definitions/dateLastUpdated"
    },
    "hireDetails": {
      "$ref": "#/definitions/hireDetails"
    },
    "items": {
      "$ref": "itemPackagesRead.json"
    }
  },
  "additionalProperties": false
}

Example:

{
  "items": [
    {
      "item": {
        "name": "HIREDATE",
        "type": "date",
        "value": "2015-11-05T13:15:30Z"
      }
    }
  ],
  "candidate": {
    "person": {
      "givenName": "Fred",
      "familyName": "Bloggs",
      "email": "fred@gmail.com"
    },
    "resumeMeta": {
      "fileName": "fredcv.docx",
      "size": 3023443,
      "mediaType": "application/vnd.openxmlformats-officedocument.wordprocessingml.document",
      "dateUploaded": "2015-11-05T13:15:30Z",
      "preSignedUri": "https://frodo.com/docs/198714509"
    },
    "items": []
  },
  "job": {
    "code": "TTfg321",
    "title": "Creative Director",
    "items": [],
    "recruiter": {
      "person": {
        "email": "frano@gmail.com"
      }
    }
  }
}

Secured by oauth_2_0

Headers

  • Authorization: (string)

    Used to send a valid OAuth 2 access token. Do not use with the "access_token" query string parameter.

HTTP status code 401

Bad or expired token. To fix, you should re-authenticate the user.

HTTP status code 403

Bad OAuth request (wrong consumer key, bad nonce, expired timestamp...). Unfortunately, re-authenticating the user won't help here.

get

get

The 'ever' APIs return all applications:

  • that have ever been in this phase; AND
  • (if since is specified), that first entered this phase after the given date; AND
  • (if minID is specified), that have id > minID

A maximum of 100 applications will be returned by a single call to the API. If this maximum number is returned, the client should fetch again, specifying both sinceDate and minID, as there may be more results.

Results are ordered by sinceDate asc, applicationId asc.

sinceDate in this case is the date the application first entered the phase.

post

post

A request containing a view will be sent for the "ever" case to all listeners;

  • the first time (only) that an application enters the phase

Non-SoT.

A request containing a view will be sent for the "ever" case to all listeners;

  • the first time (only) that an application enters the phase

Non-SoT.

Secured by oauth_2_0

OAuth is used to authenticate tenant API calls. Tenant API calls may be on behalf of a specific principal (e.g. user)

URI Parameters

  • application: required (string)

Body

Type: application/json

Schema:

{
  "$schema": "http://json-schema.org/draft-04/schema#",
  "type": "object",
  "definitions": {
    "id": {
      "type": "integer"
    },
    "tracker": {
      "type": "integer",
      "description": "The tracker, if any, associated with this application. This is fixed at the time that application is made."
    },
    "formFactor": {
      "enum": [
        "mobile",
        "desktop",
        "tablet",
        "other"
      ]
    },
    "source": {
      "type": "string"
    },
    "bucketMovement": {
      "type": "object",
      "properties": {
        "id": {
          "$ref": "bucket.json#/definitions/id"
        },
        "landed": {
          "type": "string",
          "format": "date-time"
        }
      },
      "additionalProperties": false,
      "required": [
        "id",
        "landed"
      ]
    },
    "bucketMovements": {
      "type": "array",
      "items": {
        "$ref": "#/definitions/bucketMovement"
      }
    },
    "dateLastUpdated": {
      "type": "string",
      "format": "date-time"
    },
    "remuneration": {
      "type": "object",
      "description": "See HR/XML OnBoardingDeploymentType",
      "properties": {
        "amount": {
          "type": "number",
          "description": "The monetary value of the object in which the amount is associated"
        },
        "rateIntervalCode": {
          "type": "string",
          "description": "See HR/XML PayRateIntervalCodeType"
        },
        "typeCode": {
          "type": "string",
          "description": "A code classifying the type of remuneration (HR/XML)"
        }
      },
      "additionalProperties": false
    },
    "dutyEntryDate": {
      "type": "string",
      "format": "date-time",
      "description": "Per- HR-XML, the date the employee or human resource actually begins work or enters on duty"
    },
    "hireDate": {
      "type": "string",
      "format": "date-time",
      "description": "Per- HR-XML, The date on which the associated person was hired."
    },
    "onBoardedDate": {
      "type": "string",
      "format": "date-time",
      "description": "The date on which the associated person completed onboarding."
    },
    "hireDetails": {
      "type": "object",
      "properties": {
        "remuneration": {
          "$ref": "#/definitions/remuneration"
        },
        "dutyEntryDate": {
          "$ref": "#/definitions/dutyEntryDate"
        },
        "hireDate": {
          "$ref": "#/definitions/hireDate"
        },
        "onBoardedDate": {
          "$ref": "#/definitions/onBoardedDate"
        }
      },
      "additionalProperties": false
    },
    "since": {
      "type": "string",
      "format": "date-time",
      "description": "If this application was fetched via a filter, the date-time when the application satisfied the filter (e.g., in a call to GET /applications/at/interview/ever, this would be the date the application first entered the interview phase"
    }
  },
  "properties": {
    "id": {
      "$ref": "#/definitions/id"
    },
    "since": {
      "$ref": "#/definitions/since"
    },
    "source": {
      "$ref": "#/definitions/source"
    },
    "formFactor": {
      "$ref": "#/definitions/formFactor"
    },
    "bucketMovements": {
      "$ref": "#/definitions/bucketMovements"
    },
    "candidate": {
      "$ref": "candidateRead.json"
    },
    "job": {
      "$ref": "jobRead.json"
    },
    "bucket": {
      "$ref": "bucket.json#/definitions/id"
    },
    "tracker": {
      "$ref": "#/definitions/tracker"
    },
    "dateLastUpdated": {
      "$ref": "#/definitions/dateLastUpdated"
    },
    "hireDetails": {
      "$ref": "#/definitions/hireDetails"
    },
    "items": {
      "$ref": "itemPackagesRead.json"
    }
  },
  "additionalProperties": false
}

Example:

{
  "items": [
    {
      "item": {
        "name": "HIREDATE",
        "type": "date",
        "value": "2015-11-05T13:15:30Z"
      }
    }
  ],
  "candidate": {
    "person": {
      "givenName": "Fred",
      "familyName": "Bloggs",
      "email": "fred@gmail.com"
    },
    "resumeMeta": {
      "fileName": "fredcv.docx",
      "size": 3023443,
      "mediaType": "application/vnd.openxmlformats-officedocument.wordprocessingml.document",
      "dateUploaded": "2015-11-05T13:15:30Z",
      "preSignedUri": "https://frodo.com/docs/198714509"
    },
    "items": []
  },
  "job": {
    "code": "TTfg321",
    "title": "Creative Director",
    "items": [],
    "recruiter": {
      "person": {
        "email": "frano@gmail.com"
      }
    }
  }
}

Secured by oauth_2_0

Headers

  • Authorization: (string)

    Used to send a valid OAuth 2 access token. Do not use with the "access_token" query string parameter.

HTTP status code 401

Bad or expired token. To fix, you should re-authenticate the user.

HTTP status code 403

Bad OAuth request (wrong consumer key, bad nonce, expired timestamp...). Unfortunately, re-authenticating the user won't help here.

get

get

The 'now' APIs return all applications:

  • that are currently in this phase; AND
  • (if since is specified), that most recently entered this phase after the given date; AND
  • (if minID is specified), that have id > minID

A maximum of 100 applications will be returned by a single call to the API. If this maximum number is returned, the client should fetch again, specifying both sinceDate and minID, as there may be more results.

Results are ordered by sinceDate asc, applicationId asc.

sinceDate in this case is the date the application most recently entered the phase.

post

post

A request containing a view will be sent for the 'now' case to all listeners whenever an application;

  • enters the phase

An empty request will be sent whenever an application;

  • exits the phase

Non-SoT.

A request containing a view will be sent for the 'now' case to all listeners whenever an application;

  • enters the phase

An empty request will be sent whenever an application;

  • exits the phase

Non-SoT.

Secured by oauth_2_0

OAuth is used to authenticate tenant API calls. Tenant API calls may be on behalf of a specific principal (e.g. user)

URI Parameters

  • application: required (string)

Body

Type: application/json

Schema:

{
  "$schema": "http://json-schema.org/draft-04/schema#",
  "type": "object",
  "definitions": {
    "id": {
      "type": "integer"
    },
    "tracker": {
      "type": "integer",
      "description": "The tracker, if any, associated with this application. This is fixed at the time that application is made."
    },
    "formFactor": {
      "enum": [
        "mobile",
        "desktop",
        "tablet",
        "other"
      ]
    },
    "source": {
      "type": "string"
    },
    "bucketMovement": {
      "type": "object",
      "properties": {
        "id": {
          "$ref": "bucket.json#/definitions/id"
        },
        "landed": {
          "type": "string",
          "format": "date-time"
        }
      },
      "additionalProperties": false,
      "required": [
        "id",
        "landed"
      ]
    },
    "bucketMovements": {
      "type": "array",
      "items": {
        "$ref": "#/definitions/bucketMovement"
      }
    },
    "dateLastUpdated": {
      "type": "string",
      "format": "date-time"
    },
    "remuneration": {
      "type": "object",
      "description": "See HR/XML OnBoardingDeploymentType",
      "properties": {
        "amount": {
          "type": "number",
          "description": "The monetary value of the object in which the amount is associated"
        },
        "rateIntervalCode": {
          "type": "string",
          "description": "See HR/XML PayRateIntervalCodeType"
        },
        "typeCode": {
          "type": "string",
          "description": "A code classifying the type of remuneration (HR/XML)"
        }
      },
      "additionalProperties": false
    },
    "dutyEntryDate": {
      "type": "string",
      "format": "date-time",
      "description": "Per- HR-XML, the date the employee or human resource actually begins work or enters on duty"
    },
    "hireDate": {
      "type": "string",
      "format": "date-time",
      "description": "Per- HR-XML, The date on which the associated person was hired."
    },
    "onBoardedDate": {
      "type": "string",
      "format": "date-time",
      "description": "The date on which the associated person completed onboarding."
    },
    "hireDetails": {
      "type": "object",
      "properties": {
        "remuneration": {
          "$ref": "#/definitions/remuneration"
        },
        "dutyEntryDate": {
          "$ref": "#/definitions/dutyEntryDate"
        },
        "hireDate": {
          "$ref": "#/definitions/hireDate"
        },
        "onBoardedDate": {
          "$ref": "#/definitions/onBoardedDate"
        }
      },
      "additionalProperties": false
    },
    "since": {
      "type": "string",
      "format": "date-time",
      "description": "If this application was fetched via a filter, the date-time when the application satisfied the filter (e.g., in a call to GET /applications/at/interview/ever, this would be the date the application first entered the interview phase"
    }
  },
  "properties": {
    "id": {
      "$ref": "#/definitions/id"
    },
    "since": {
      "$ref": "#/definitions/since"
    },
    "source": {
      "$ref": "#/definitions/source"
    },
    "formFactor": {
      "$ref": "#/definitions/formFactor"
    },
    "bucketMovements": {
      "$ref": "#/definitions/bucketMovements"
    },
    "candidate": {
      "$ref": "candidateRead.json"
    },
    "job": {
      "$ref": "jobRead.json"
    },
    "bucket": {
      "$ref": "bucket.json#/definitions/id"
    },
    "tracker": {
      "$ref": "#/definitions/tracker"
    },
    "dateLastUpdated": {
      "$ref": "#/definitions/dateLastUpdated"
    },
    "hireDetails": {
      "$ref": "#/definitions/hireDetails"
    },
    "items": {
      "$ref": "itemPackagesRead.json"
    }
  },
  "additionalProperties": false
}

Example:

{
  "items": [
    {
      "item": {
        "name": "HIREDATE",
        "type": "date",
        "value": "2015-11-05T13:15:30Z"
      }
    }
  ],
  "candidate": {
    "person": {
      "givenName": "Fred",
      "familyName": "Bloggs",
      "email": "fred@gmail.com"
    },
    "resumeMeta": {
      "fileName": "fredcv.docx",
      "size": 3023443,
      "mediaType": "application/vnd.openxmlformats-officedocument.wordprocessingml.document",
      "dateUploaded": "2015-11-05T13:15:30Z",
      "preSignedUri": "https://frodo.com/docs/198714509"
    },
    "items": []
  },
  "job": {
    "code": "TTfg321",
    "title": "Creative Director",
    "items": [],
    "recruiter": {
      "person": {
        "email": "frano@gmail.com"
      }
    }
  }
}

Secured by oauth_2_0

Headers

  • Authorization: (string)

    Used to send a valid OAuth 2 access token. Do not use with the "access_token" query string parameter.

HTTP status code 401

Bad or expired token. To fix, you should re-authenticate the user.

HTTP status code 403

Bad OAuth request (wrong consumer key, bad nonce, expired timestamp...). Unfortunately, re-authenticating the user won't help here.

get

get

The 'ever' APIs return all applications:

  • that have ever been in this phase; AND
  • (if since is specified), that first entered this phase after the given date; AND
  • (if minID is specified), that have id > minID

A maximum of 100 applications will be returned by a single call to the API. If this maximum number is returned, the client should fetch again, specifying both sinceDate and minID, as there may be more results.

Results are ordered by sinceDate asc, applicationId asc.

sinceDate in this case is the date the application first entered the phase.

post

post

A request containing a view will be sent for the "ever" case to all listeners;

  • the first time (only) that an application enters the phase

Non-SoT.

A request containing a view will be sent for the "ever" case to all listeners;

  • the first time (only) that an application enters the phase

Non-SoT.

Secured by oauth_2_0

OAuth is used to authenticate tenant API calls. Tenant API calls may be on behalf of a specific principal (e.g. user)

URI Parameters

  • application: required (string)

Body

Type: application/json

Schema:

{
  "$schema": "http://json-schema.org/draft-04/schema#",
  "type": "object",
  "definitions": {
    "id": {
      "type": "integer"
    },
    "tracker": {
      "type": "integer",
      "description": "The tracker, if any, associated with this application. This is fixed at the time that application is made."
    },
    "formFactor": {
      "enum": [
        "mobile",
        "desktop",
        "tablet",
        "other"
      ]
    },
    "source": {
      "type": "string"
    },
    "bucketMovement": {
      "type": "object",
      "properties": {
        "id": {
          "$ref": "bucket.json#/definitions/id"
        },
        "landed": {
          "type": "string",
          "format": "date-time"
        }
      },
      "additionalProperties": false,
      "required": [
        "id",
        "landed"
      ]
    },
    "bucketMovements": {
      "type": "array",
      "items": {
        "$ref": "#/definitions/bucketMovement"
      }
    },
    "dateLastUpdated": {
      "type": "string",
      "format": "date-time"
    },
    "remuneration": {
      "type": "object",
      "description": "See HR/XML OnBoardingDeploymentType",
      "properties": {
        "amount": {
          "type": "number",
          "description": "The monetary value of the object in which the amount is associated"
        },
        "rateIntervalCode": {
          "type": "string",
          "description": "See HR/XML PayRateIntervalCodeType"
        },
        "typeCode": {
          "type": "string",
          "description": "A code classifying the type of remuneration (HR/XML)"
        }
      },
      "additionalProperties": false
    },
    "dutyEntryDate": {
      "type": "string",
      "format": "date-time",
      "description": "Per- HR-XML, the date the employee or human resource actually begins work or enters on duty"
    },
    "hireDate": {
      "type": "string",
      "format": "date-time",
      "description": "Per- HR-XML, The date on which the associated person was hired."
    },
    "onBoardedDate": {
      "type": "string",
      "format": "date-time",
      "description": "The date on which the associated person completed onboarding."
    },
    "hireDetails": {
      "type": "object",
      "properties": {
        "remuneration": {
          "$ref": "#/definitions/remuneration"
        },
        "dutyEntryDate": {
          "$ref": "#/definitions/dutyEntryDate"
        },
        "hireDate": {
          "$ref": "#/definitions/hireDate"
        },
        "onBoardedDate": {
          "$ref": "#/definitions/onBoardedDate"
        }
      },
      "additionalProperties": false
    },
    "since": {
      "type": "string",
      "format": "date-time",
      "description": "If this application was fetched via a filter, the date-time when the application satisfied the filter (e.g., in a call to GET /applications/at/interview/ever, this would be the date the application first entered the interview phase"
    }
  },
  "properties": {
    "id": {
      "$ref": "#/definitions/id"
    },
    "since": {
      "$ref": "#/definitions/since"
    },
    "source": {
      "$ref": "#/definitions/source"
    },
    "formFactor": {
      "$ref": "#/definitions/formFactor"
    },
    "bucketMovements": {
      "$ref": "#/definitions/bucketMovements"
    },
    "candidate": {
      "$ref": "candidateRead.json"
    },
    "job": {
      "$ref": "jobRead.json"
    },
    "bucket": {
      "$ref": "bucket.json#/definitions/id"
    },
    "tracker": {
      "$ref": "#/definitions/tracker"
    },
    "dateLastUpdated": {
      "$ref": "#/definitions/dateLastUpdated"
    },
    "hireDetails": {
      "$ref": "#/definitions/hireDetails"
    },
    "items": {
      "$ref": "itemPackagesRead.json"
    }
  },
  "additionalProperties": false
}

Example:

{
  "items": [
    {
      "item": {
        "name": "HIREDATE",
        "type": "date",
        "value": "2015-11-05T13:15:30Z"
      }
    }
  ],
  "candidate": {
    "person": {
      "givenName": "Fred",
      "familyName": "Bloggs",
      "email": "fred@gmail.com"
    },
    "resumeMeta": {
      "fileName": "fredcv.docx",
      "size": 3023443,
      "mediaType": "application/vnd.openxmlformats-officedocument.wordprocessingml.document",
      "dateUploaded": "2015-11-05T13:15:30Z",
      "preSignedUri": "https://frodo.com/docs/198714509"
    },
    "items": []
  },
  "job": {
    "code": "TTfg321",
    "title": "Creative Director",
    "items": [],
    "recruiter": {
      "person": {
        "email": "frano@gmail.com"
      }
    }
  }
}

Secured by oauth_2_0

Headers

  • Authorization: (string)

    Used to send a valid OAuth 2 access token. Do not use with the "access_token" query string parameter.

HTTP status code 401

Bad or expired token. To fix, you should re-authenticate the user.

HTTP status code 403

Bad OAuth request (wrong consumer key, bad nonce, expired timestamp...). Unfortunately, re-authenticating the user won't help here.

get

get

The 'now' APIs return all applications:

  • that are currently in this phase; AND
  • (if since is specified), that most recently entered this phase after the given date; AND
  • (if minID is specified), that have id > minID

A maximum of 100 applications will be returned by a single call to the API. If this maximum number is returned, the client should fetch again, specifying both sinceDate and minID, as there may be more results.

Results are ordered by sinceDate asc, applicationId asc.

sinceDate in this case is the date the application most recently entered the phase.

post

post

A request containing a view will be sent for the 'now' case to all listeners whenever an application;

  • enters the phase

An empty request will be sent whenever an application;

  • exits the phase

Non-SoT.

A request containing a view will be sent for the 'now' case to all listeners whenever an application;

  • enters the phase

An empty request will be sent whenever an application;

  • exits the phase

Non-SoT.

Secured by oauth_2_0

OAuth is used to authenticate tenant API calls. Tenant API calls may be on behalf of a specific principal (e.g. user)

URI Parameters

  • application: required (string)

Body

Type: application/json

Schema:

{
  "$schema": "http://json-schema.org/draft-04/schema#",
  "type": "object",
  "definitions": {
    "id": {
      "type": "integer"
    },
    "tracker": {
      "type": "integer",
      "description": "The tracker, if any, associated with this application. This is fixed at the time that application is made."
    },
    "formFactor": {
      "enum": [
        "mobile",
        "desktop",
        "tablet",
        "other"
      ]
    },
    "source": {
      "type": "string"
    },
    "bucketMovement": {
      "type": "object",
      "properties": {
        "id": {
          "$ref": "bucket.json#/definitions/id"
        },
        "landed": {
          "type": "string",
          "format": "date-time"
        }
      },
      "additionalProperties": false,
      "required": [
        "id",
        "landed"
      ]
    },
    "bucketMovements": {
      "type": "array",
      "items": {
        "$ref": "#/definitions/bucketMovement"
      }
    },
    "dateLastUpdated": {
      "type": "string",
      "format": "date-time"
    },
    "remuneration": {
      "type": "object",
      "description": "See HR/XML OnBoardingDeploymentType",
      "properties": {
        "amount": {
          "type": "number",
          "description": "The monetary value of the object in which the amount is associated"
        },
        "rateIntervalCode": {
          "type": "string",
          "description": "See HR/XML PayRateIntervalCodeType"
        },
        "typeCode": {
          "type": "string",
          "description": "A code classifying the type of remuneration (HR/XML)"
        }
      },
      "additionalProperties": false
    },
    "dutyEntryDate": {
      "type": "string",
      "format": "date-time",
      "description": "Per- HR-XML, the date the employee or human resource actually begins work or enters on duty"
    },
    "hireDate": {
      "type": "string",
      "format": "date-time",
      "description": "Per- HR-XML, The date on which the associated person was hired."
    },
    "onBoardedDate": {
      "type": "string",
      "format": "date-time",
      "description": "The date on which the associated person completed onboarding."
    },
    "hireDetails": {
      "type": "object",
      "properties": {
        "remuneration": {
          "$ref": "#/definitions/remuneration"
        },
        "dutyEntryDate": {
          "$ref": "#/definitions/dutyEntryDate"
        },
        "hireDate": {
          "$ref": "#/definitions/hireDate"
        },
        "onBoardedDate": {
          "$ref": "#/definitions/onBoardedDate"
        }
      },
      "additionalProperties": false
    },
    "since": {
      "type": "string",
      "format": "date-time",
      "description": "If this application was fetched via a filter, the date-time when the application satisfied the filter (e.g., in a call to GET /applications/at/interview/ever, this would be the date the application first entered the interview phase"
    }
  },
  "properties": {
    "id": {
      "$ref": "#/definitions/id"
    },
    "since": {
      "$ref": "#/definitions/since"
    },
    "source": {
      "$ref": "#/definitions/source"
    },
    "formFactor": {
      "$ref": "#/definitions/formFactor"
    },
    "bucketMovements": {
      "$ref": "#/definitions/bucketMovements"
    },
    "candidate": {
      "$ref": "candidateRead.json"
    },
    "job": {
      "$ref": "jobRead.json"
    },
    "bucket": {
      "$ref": "bucket.json#/definitions/id"
    },
    "tracker": {
      "$ref": "#/definitions/tracker"
    },
    "dateLastUpdated": {
      "$ref": "#/definitions/dateLastUpdated"
    },
    "hireDetails": {
      "$ref": "#/definitions/hireDetails"
    },
    "items": {
      "$ref": "itemPackagesRead.json"
    }
  },
  "additionalProperties": false
}

Example:

{
  "items": [
    {
      "item": {
        "name": "HIREDATE",
        "type": "date",
        "value": "2015-11-05T13:15:30Z"
      }
    }
  ],
  "candidate": {
    "person": {
      "givenName": "Fred",
      "familyName": "Bloggs",
      "email": "fred@gmail.com"
    },
    "resumeMeta": {
      "fileName": "fredcv.docx",
      "size": 3023443,
      "mediaType": "application/vnd.openxmlformats-officedocument.wordprocessingml.document",
      "dateUploaded": "2015-11-05T13:15:30Z",
      "preSignedUri": "https://frodo.com/docs/198714509"
    },
    "items": []
  },
  "job": {
    "code": "TTfg321",
    "title": "Creative Director",
    "items": [],
    "recruiter": {
      "person": {
        "email": "frano@gmail.com"
      }
    }
  }
}

Secured by oauth_2_0

Headers

  • Authorization: (string)

    Used to send a valid OAuth 2 access token. Do not use with the "access_token" query string parameter.

HTTP status code 401

Bad or expired token. To fix, you should re-authenticate the user.

HTTP status code 403

Bad OAuth request (wrong consumer key, bad nonce, expired timestamp...). Unfortunately, re-authenticating the user won't help here.

get

get

The 'ever' APIs return all applications:

  • that have ever been in this phase; AND
  • (if since is specified), that first entered this phase after the given date; AND
  • (if minID is specified), that have id > minID

A maximum of 100 applications will be returned by a single call to the API. If this maximum number is returned, the client should fetch again, specifying both sinceDate and minID, as there may be more results.

Results are ordered by sinceDate asc, applicationId asc.

sinceDate in this case is the date the application first entered the phase.

post

post

A request containing a view will be sent for the "ever" case to all listeners;

  • the first time (only) that an application enters the phase

Non-SoT.

A request containing a view will be sent for the "ever" case to all listeners;

  • the first time (only) that an application enters the phase

Non-SoT.

Secured by oauth_2_0

OAuth is used to authenticate tenant API calls. Tenant API calls may be on behalf of a specific principal (e.g. user)

URI Parameters

  • application: required (string)

Body

Type: application/json

Schema:

{
  "$schema": "http://json-schema.org/draft-04/schema#",
  "type": "object",
  "definitions": {
    "id": {
      "type": "integer"
    },
    "tracker": {
      "type": "integer",
      "description": "The tracker, if any, associated with this application. This is fixed at the time that application is made."
    },
    "formFactor": {
      "enum": [
        "mobile",
        "desktop",
        "tablet",
        "other"
      ]
    },
    "source": {
      "type": "string"
    },
    "bucketMovement": {
      "type": "object",
      "properties": {
        "id": {
          "$ref": "bucket.json#/definitions/id"
        },
        "landed": {
          "type": "string",
          "format": "date-time"
        }
      },
      "additionalProperties": false,
      "required": [
        "id",
        "landed"
      ]
    },
    "bucketMovements": {
      "type": "array",
      "items": {
        "$ref": "#/definitions/bucketMovement"
      }
    },
    "dateLastUpdated": {
      "type": "string",
      "format": "date-time"
    },
    "remuneration": {
      "type": "object",
      "description": "See HR/XML OnBoardingDeploymentType",
      "properties": {
        "amount": {
          "type": "number",
          "description": "The monetary value of the object in which the amount is associated"
        },
        "rateIntervalCode": {
          "type": "string",
          "description": "See HR/XML PayRateIntervalCodeType"
        },
        "typeCode": {
          "type": "string",
          "description": "A code classifying the type of remuneration (HR/XML)"
        }
      },
      "additionalProperties": false
    },
    "dutyEntryDate": {
      "type": "string",
      "format": "date-time",
      "description": "Per- HR-XML, the date the employee or human resource actually begins work or enters on duty"
    },
    "hireDate": {
      "type": "string",
      "format": "date-time",
      "description": "Per- HR-XML, The date on which the associated person was hired."
    },
    "onBoardedDate": {
      "type": "string",
      "format": "date-time",
      "description": "The date on which the associated person completed onboarding."
    },
    "hireDetails": {
      "type": "object",
      "properties": {
        "remuneration": {
          "$ref": "#/definitions/remuneration"
        },
        "dutyEntryDate": {
          "$ref": "#/definitions/dutyEntryDate"
        },
        "hireDate": {
          "$ref": "#/definitions/hireDate"
        },
        "onBoardedDate": {
          "$ref": "#/definitions/onBoardedDate"
        }
      },
      "additionalProperties": false
    },
    "since": {
      "type": "string",
      "format": "date-time",
      "description": "If this application was fetched via a filter, the date-time when the application satisfied the filter (e.g., in a call to GET /applications/at/interview/ever, this would be the date the application first entered the interview phase"
    }
  },
  "properties": {
    "id": {
      "$ref": "#/definitions/id"
    },
    "since": {
      "$ref": "#/definitions/since"
    },
    "source": {
      "$ref": "#/definitions/source"
    },
    "formFactor": {
      "$ref": "#/definitions/formFactor"
    },
    "bucketMovements": {
      "$ref": "#/definitions/bucketMovements"
    },
    "candidate": {
      "$ref": "candidateRead.json"
    },
    "job": {
      "$ref": "jobRead.json"
    },
    "bucket": {
      "$ref": "bucket.json#/definitions/id"
    },
    "tracker": {
      "$ref": "#/definitions/tracker"
    },
    "dateLastUpdated": {
      "$ref": "#/definitions/dateLastUpdated"
    },
    "hireDetails": {
      "$ref": "#/definitions/hireDetails"
    },
    "items": {
      "$ref": "itemPackagesRead.json"
    }
  },
  "additionalProperties": false
}

Example:

{
  "items": [
    {
      "item": {
        "name": "HIREDATE",
        "type": "date",
        "value": "2015-11-05T13:15:30Z"
      }
    }
  ],
  "candidate": {
    "person": {
      "givenName": "Fred",
      "familyName": "Bloggs",
      "email": "fred@gmail.com"
    },
    "resumeMeta": {
      "fileName": "fredcv.docx",
      "size": 3023443,
      "mediaType": "application/vnd.openxmlformats-officedocument.wordprocessingml.document",
      "dateUploaded": "2015-11-05T13:15:30Z",
      "preSignedUri": "https://frodo.com/docs/198714509"
    },
    "items": []
  },
  "job": {
    "code": "TTfg321",
    "title": "Creative Director",
    "items": [],
    "recruiter": {
      "person": {
        "email": "frano@gmail.com"
      }
    }
  }
}

Secured by oauth_2_0

Headers

  • Authorization: (string)

    Used to send a valid OAuth 2 access token. Do not use with the "access_token" query string parameter.

HTTP status code 401

Bad or expired token. To fix, you should re-authenticate the user.

HTTP status code 403

Bad OAuth request (wrong consumer key, bad nonce, expired timestamp...). Unfortunately, re-authenticating the user won't help here.

get

get

The 'now' APIs return all applications:

  • that are currently in this phase; AND
  • (if since is specified), that most recently entered this phase after the given date; AND
  • (if minID is specified), that have id > minID

A maximum of 100 applications will be returned by a single call to the API. If this maximum number is returned, the client should fetch again, specifying both sinceDate and minID, as there may be more results.

Results are ordered by sinceDate asc, applicationId asc.

sinceDate in this case is the date the application most recently entered the phase.

post

post

A request containing a view will be sent for the 'now' case to all listeners whenever an application;

  • enters the phase

An empty request will be sent whenever an application;

  • exits the phase

Non-SoT.

A request containing a view will be sent for the 'now' case to all listeners whenever an application;

  • enters the phase

An empty request will be sent whenever an application;

  • exits the phase

Non-SoT.

Secured by oauth_2_0

OAuth is used to authenticate tenant API calls. Tenant API calls may be on behalf of a specific principal (e.g. user)

URI Parameters

  • application: required (string)

Body

Type: application/json

Schema:

{
  "$schema": "http://json-schema.org/draft-04/schema#",
  "type": "object",
  "definitions": {
    "id": {
      "type": "integer"
    },
    "tracker": {
      "type": "integer",
      "description": "The tracker, if any, associated with this application. This is fixed at the time that application is made."
    },
    "formFactor": {
      "enum": [
        "mobile",
        "desktop",
        "tablet",
        "other"
      ]
    },
    "source": {
      "type": "string"
    },
    "bucketMovement": {
      "type": "object",
      "properties": {
        "id": {
          "$ref": "bucket.json#/definitions/id"
        },
        "landed": {
          "type": "string",
          "format": "date-time"
        }
      },
      "additionalProperties": false,
      "required": [
        "id",
        "landed"
      ]
    },
    "bucketMovements": {
      "type": "array",
      "items": {
        "$ref": "#/definitions/bucketMovement"
      }
    },
    "dateLastUpdated": {
      "type": "string",
      "format": "date-time"
    },
    "remuneration": {
      "type": "object",
      "description": "See HR/XML OnBoardingDeploymentType",
      "properties": {
        "amount": {
          "type": "number",
          "description": "The monetary value of the object in which the amount is associated"
        },
        "rateIntervalCode": {
          "type": "string",
          "description": "See HR/XML PayRateIntervalCodeType"
        },
        "typeCode": {
          "type": "string",
          "description": "A code classifying the type of remuneration (HR/XML)"
        }
      },
      "additionalProperties": false
    },
    "dutyEntryDate": {
      "type": "string",
      "format": "date-time",
      "description": "Per- HR-XML, the date the employee or human resource actually begins work or enters on duty"
    },
    "hireDate": {
      "type": "string",
      "format": "date-time",
      "description": "Per- HR-XML, The date on which the associated person was hired."
    },
    "onBoardedDate": {
      "type": "string",
      "format": "date-time",
      "description": "The date on which the associated person completed onboarding."
    },
    "hireDetails": {
      "type": "object",
      "properties": {
        "remuneration": {
          "$ref": "#/definitions/remuneration"
        },
        "dutyEntryDate": {
          "$ref": "#/definitions/dutyEntryDate"
        },
        "hireDate": {
          "$ref": "#/definitions/hireDate"
        },
        "onBoardedDate": {
          "$ref": "#/definitions/onBoardedDate"
        }
      },
      "additionalProperties": false
    },
    "since": {
      "type": "string",
      "format": "date-time",
      "description": "If this application was fetched via a filter, the date-time when the application satisfied the filter (e.g., in a call to GET /applications/at/interview/ever, this would be the date the application first entered the interview phase"
    }
  },
  "properties": {
    "id": {
      "$ref": "#/definitions/id"
    },
    "since": {
      "$ref": "#/definitions/since"
    },
    "source": {
      "$ref": "#/definitions/source"
    },
    "formFactor": {
      "$ref": "#/definitions/formFactor"
    },
    "bucketMovements": {
      "$ref": "#/definitions/bucketMovements"
    },
    "candidate": {
      "$ref": "candidateRead.json"
    },
    "job": {
      "$ref": "jobRead.json"
    },
    "bucket": {
      "$ref": "bucket.json#/definitions/id"
    },
    "tracker": {
      "$ref": "#/definitions/tracker"
    },
    "dateLastUpdated": {
      "$ref": "#/definitions/dateLastUpdated"
    },
    "hireDetails": {
      "$ref": "#/definitions/hireDetails"
    },
    "items": {
      "$ref": "itemPackagesRead.json"
    }
  },
  "additionalProperties": false
}

Example:

{
  "items": [
    {
      "item": {
        "name": "HIREDATE",
        "type": "date",
        "value": "2015-11-05T13:15:30Z"
      }
    }
  ],
  "candidate": {
    "person": {
      "givenName": "Fred",
      "familyName": "Bloggs",
      "email": "fred@gmail.com"
    },
    "resumeMeta": {
      "fileName": "fredcv.docx",
      "size": 3023443,
      "mediaType": "application/vnd.openxmlformats-officedocument.wordprocessingml.document",
      "dateUploaded": "2015-11-05T13:15:30Z",
      "preSignedUri": "https://frodo.com/docs/198714509"
    },
    "items": []
  },
  "job": {
    "code": "TTfg321",
    "title": "Creative Director",
    "items": [],
    "recruiter": {
      "person": {
        "email": "frano@gmail.com"
      }
    }
  }
}

Secured by oauth_2_0

Headers

  • Authorization: (string)

    Used to send a valid OAuth 2 access token. Do not use with the "access_token" query string parameter.

HTTP status code 401

Bad or expired token. To fix, you should re-authenticate the user.

HTTP status code 403

Bad OAuth request (wrong consumer key, bad nonce, expired timestamp...). Unfortunately, re-authenticating the user won't help here.

get

get

The 'ever' APIs return all applications:

  • that have ever been in this phase; AND
  • (if since is specified), that first entered this phase after the given date; AND
  • (if minID is specified), that have id > minID

A maximum of 100 applications will be returned by a single call to the API. If this maximum number is returned, the client should fetch again, specifying both sinceDate and minID, as there may be more results.

Results are ordered by sinceDate asc, applicationId asc.

sinceDate in this case is the date the application first entered the phase.

post

post

A request containing a view will be sent for the "ever" case to all listeners;

  • the first time (only) that an application enters the phase

Non-SoT.

A request containing a view will be sent for the "ever" case to all listeners;

  • the first time (only) that an application enters the phase

Non-SoT.

Secured by oauth_2_0

OAuth is used to authenticate tenant API calls. Tenant API calls may be on behalf of a specific principal (e.g. user)

URI Parameters

  • application: required (string)

Body

Type: application/json

Schema:

{
  "$schema": "http://json-schema.org/draft-04/schema#",
  "type": "object",
  "definitions": {
    "id": {
      "type": "integer"
    },
    "tracker": {
      "type": "integer",
      "description": "The tracker, if any, associated with this application. This is fixed at the time that application is made."
    },
    "formFactor": {
      "enum": [
        "mobile",
        "desktop",
        "tablet",
        "other"
      ]
    },
    "source": {
      "type": "string"
    },
    "bucketMovement": {
      "type": "object",
      "properties": {
        "id": {
          "$ref": "bucket.json#/definitions/id"
        },
        "landed": {
          "type": "string",
          "format": "date-time"
        }
      },
      "additionalProperties": false,
      "required": [
        "id",
        "landed"
      ]
    },
    "bucketMovements": {
      "type": "array",
      "items": {
        "$ref": "#/definitions/bucketMovement"
      }
    },
    "dateLastUpdated": {
      "type": "string",
      "format": "date-time"
    },
    "remuneration": {
      "type": "object",
      "description": "See HR/XML OnBoardingDeploymentType",
      "properties": {
        "amount": {
          "type": "number",
          "description": "The monetary value of the object in which the amount is associated"
        },
        "rateIntervalCode": {
          "type": "string",
          "description": "See HR/XML PayRateIntervalCodeType"
        },
        "typeCode": {
          "type": "string",
          "description": "A code classifying the type of remuneration (HR/XML)"
        }
      },
      "additionalProperties": false
    },
    "dutyEntryDate": {
      "type": "string",
      "format": "date-time",
      "description": "Per- HR-XML, the date the employee or human resource actually begins work or enters on duty"
    },
    "hireDate": {
      "type": "string",
      "format": "date-time",
      "description": "Per- HR-XML, The date on which the associated person was hired."
    },
    "onBoardedDate": {
      "type": "string",
      "format": "date-time",
      "description": "The date on which the associated person completed onboarding."
    },
    "hireDetails": {
      "type": "object",
      "properties": {
        "remuneration": {
          "$ref": "#/definitions/remuneration"
        },
        "dutyEntryDate": {
          "$ref": "#/definitions/dutyEntryDate"
        },
        "hireDate": {
          "$ref": "#/definitions/hireDate"
        },
        "onBoardedDate": {
          "$ref": "#/definitions/onBoardedDate"
        }
      },
      "additionalProperties": false
    },
    "since": {
      "type": "string",
      "format": "date-time",
      "description": "If this application was fetched via a filter, the date-time when the application satisfied the filter (e.g., in a call to GET /applications/at/interview/ever, this would be the date the application first entered the interview phase"
    }
  },
  "properties": {
    "id": {
      "$ref": "#/definitions/id"
    },
    "since": {
      "$ref": "#/definitions/since"
    },
    "source": {
      "$ref": "#/definitions/source"
    },
    "formFactor": {
      "$ref": "#/definitions/formFactor"
    },
    "bucketMovements": {
      "$ref": "#/definitions/bucketMovements"
    },
    "candidate": {
      "$ref": "candidateRead.json"
    },
    "job": {
      "$ref": "jobRead.json"
    },
    "bucket": {
      "$ref": "bucket.json#/definitions/id"
    },
    "tracker": {
      "$ref": "#/definitions/tracker"
    },
    "dateLastUpdated": {
      "$ref": "#/definitions/dateLastUpdated"
    },
    "hireDetails": {
      "$ref": "#/definitions/hireDetails"
    },
    "items": {
      "$ref": "itemPackagesRead.json"
    }
  },
  "additionalProperties": false
}

Example:

{
  "items": [
    {
      "item": {
        "name": "HIREDATE",
        "type": "date",
        "value": "2015-11-05T13:15:30Z"
      }
    }
  ],
  "candidate": {
    "person": {
      "givenName": "Fred",
      "familyName": "Bloggs",
      "email": "fred@gmail.com"
    },
    "resumeMeta": {
      "fileName": "fredcv.docx",
      "size": 3023443,
      "mediaType": "application/vnd.openxmlformats-officedocument.wordprocessingml.document",
      "dateUploaded": "2015-11-05T13:15:30Z",
      "preSignedUri": "https://frodo.com/docs/198714509"
    },
    "items": []
  },
  "job": {
    "code": "TTfg321",
    "title": "Creative Director",
    "items": [],
    "recruiter": {
      "person": {
        "email": "frano@gmail.com"
      }
    }
  }
}

Secured by oauth_2_0

Headers

  • Authorization: (string)

    Used to send a valid OAuth 2 access token. Do not use with the "access_token" query string parameter.

HTTP status code 401

Bad or expired token. To fix, you should re-authenticate the user.

HTTP status code 403

Bad OAuth request (wrong consumer key, bad nonce, expired timestamp...). Unfortunately, re-authenticating the user won't help here.

get

get

The 'now' APIs return all applications:

  • that are currently in this phase; AND
  • (if since is specified), that most recently entered this phase after the given date; AND
  • (if minID is specified), that have id > minID

A maximum of 100 applications will be returned by a single call to the API. If this maximum number is returned, the client should fetch again, specifying both sinceDate and minID, as there may be more results.

Results are ordered by sinceDate asc, applicationId asc.

sinceDate in this case is the date the application most recently entered the phase.

post

post

A request containing a view will be sent for the 'now' case to all listeners whenever an application;

  • enters the phase

An empty request will be sent whenever an application;

  • exits the phase

Non-SoT.

A request containing a view will be sent for the 'now' case to all listeners whenever an application;

  • enters the phase

An empty request will be sent whenever an application;

  • exits the phase

Non-SoT.

Secured by oauth_2_0

OAuth is used to authenticate tenant API calls. Tenant API calls may be on behalf of a specific principal (e.g. user)

URI Parameters

  • application: required (string)

Body

Type: application/json

Schema:

{
  "$schema": "http://json-schema.org/draft-04/schema#",
  "type": "object",
  "definitions": {
    "id": {
      "type": "integer"
    },
    "tracker": {
      "type": "integer",
      "description": "The tracker, if any, associated with this application. This is fixed at the time that application is made."
    },
    "formFactor": {
      "enum": [
        "mobile",
        "desktop",
        "tablet",
        "other"
      ]
    },
    "source": {
      "type": "string"
    },
    "bucketMovement": {
      "type": "object",
      "properties": {
        "id": {
          "$ref": "bucket.json#/definitions/id"
        },
        "landed": {
          "type": "string",
          "format": "date-time"
        }
      },
      "additionalProperties": false,
      "required": [
        "id",
        "landed"
      ]
    },
    "bucketMovements": {
      "type": "array",
      "items": {
        "$ref": "#/definitions/bucketMovement"
      }
    },
    "dateLastUpdated": {
      "type": "string",
      "format": "date-time"
    },
    "remuneration": {
      "type": "object",
      "description": "See HR/XML OnBoardingDeploymentType",
      "properties": {
        "amount": {
          "type": "number",
          "description": "The monetary value of the object in which the amount is associated"
        },
        "rateIntervalCode": {
          "type": "string",
          "description": "See HR/XML PayRateIntervalCodeType"
        },
        "typeCode": {
          "type": "string",
          "description": "A code classifying the type of remuneration (HR/XML)"
        }
      },
      "additionalProperties": false
    },
    "dutyEntryDate": {
      "type": "string",
      "format": "date-time",
      "description": "Per- HR-XML, the date the employee or human resource actually begins work or enters on duty"
    },
    "hireDate": {
      "type": "string",
      "format": "date-time",
      "description": "Per- HR-XML, The date on which the associated person was hired."
    },
    "onBoardedDate": {
      "type": "string",
      "format": "date-time",
      "description": "The date on which the associated person completed onboarding."
    },
    "hireDetails": {
      "type": "object",
      "properties": {
        "remuneration": {
          "$ref": "#/definitions/remuneration"
        },
        "dutyEntryDate": {
          "$ref": "#/definitions/dutyEntryDate"
        },
        "hireDate": {
          "$ref": "#/definitions/hireDate"
        },
        "onBoardedDate": {
          "$ref": "#/definitions/onBoardedDate"
        }
      },
      "additionalProperties": false
    },
    "since": {
      "type": "string",
      "format": "date-time",
      "description": "If this application was fetched via a filter, the date-time when the application satisfied the filter (e.g., in a call to GET /applications/at/interview/ever, this would be the date the application first entered the interview phase"
    }
  },
  "properties": {
    "id": {
      "$ref": "#/definitions/id"
    },
    "since": {
      "$ref": "#/definitions/since"
    },
    "source": {
      "$ref": "#/definitions/source"
    },
    "formFactor": {
      "$ref": "#/definitions/formFactor"
    },
    "bucketMovements": {
      "$ref": "#/definitions/bucketMovements"
    },
    "candidate": {
      "$ref": "candidateRead.json"
    },
    "job": {
      "$ref": "jobRead.json"
    },
    "bucket": {
      "$ref": "bucket.json#/definitions/id"
    },
    "tracker": {
      "$ref": "#/definitions/tracker"
    },
    "dateLastUpdated": {
      "$ref": "#/definitions/dateLastUpdated"
    },
    "hireDetails": {
      "$ref": "#/definitions/hireDetails"
    },
    "items": {
      "$ref": "itemPackagesRead.json"
    }
  },
  "additionalProperties": false
}

Example:

{
  "items": [
    {
      "item": {
        "name": "HIREDATE",
        "type": "date",
        "value": "2015-11-05T13:15:30Z"
      }
    }
  ],
  "candidate": {
    "person": {
      "givenName": "Fred",
      "familyName": "Bloggs",
      "email": "fred@gmail.com"
    },
    "resumeMeta": {
      "fileName": "fredcv.docx",
      "size": 3023443,
      "mediaType": "application/vnd.openxmlformats-officedocument.wordprocessingml.document",
      "dateUploaded": "2015-11-05T13:15:30Z",
      "preSignedUri": "https://frodo.com/docs/198714509"
    },
    "items": []
  },
  "job": {
    "code": "TTfg321",
    "title": "Creative Director",
    "items": [],
    "recruiter": {
      "person": {
        "email": "frano@gmail.com"
      }
    }
  }
}

Secured by oauth_2_0

Headers

  • Authorization: (string)

    Used to send a valid OAuth 2 access token. Do not use with the "access_token" query string parameter.

HTTP status code 401

Bad or expired token. To fix, you should re-authenticate the user.

HTTP status code 403

Bad OAuth request (wrong consumer key, bad nonce, expired timestamp...). Unfortunately, re-authenticating the user won't help here.

get

get

The 'ever' APIs return all applications:

  • that have ever been in this phase; AND
  • (if since is specified), that first entered this phase after the given date; AND
  • (if minID is specified), that have id > minID

A maximum of 100 applications will be returned by a single call to the API. If this maximum number is returned, the client should fetch again, specifying both sinceDate and minID, as there may be more results.

Results are ordered by sinceDate asc, applicationId asc.

sinceDate in this case is the date the application first entered the phase.

post

post

A request containing a view will be sent for the "ever" case to all listeners;

  • the first time (only) that an application enters the phase

Non-SoT.

A request containing a view will be sent for the "ever" case to all listeners;

  • the first time (only) that an application enters the phase

Non-SoT.

Secured by oauth_2_0

OAuth is used to authenticate tenant API calls. Tenant API calls may be on behalf of a specific principal (e.g. user)

URI Parameters

  • application: required (string)

Body

Type: application/json

Schema:

{
  "$schema": "http://json-schema.org/draft-04/schema#",
  "type": "object",
  "definitions": {
    "id": {
      "type": "integer"
    },
    "tracker": {
      "type": "integer",
      "description": "The tracker, if any, associated with this application. This is fixed at the time that application is made."
    },
    "formFactor": {
      "enum": [
        "mobile",
        "desktop",
        "tablet",
        "other"
      ]
    },
    "source": {
      "type": "string"
    },
    "bucketMovement": {
      "type": "object",
      "properties": {
        "id": {
          "$ref": "bucket.json#/definitions/id"
        },
        "landed": {
          "type": "string",
          "format": "date-time"
        }
      },
      "additionalProperties": false,
      "required": [
        "id",
        "landed"
      ]
    },
    "bucketMovements": {
      "type": "array",
      "items": {
        "$ref": "#/definitions/bucketMovement"
      }
    },
    "dateLastUpdated": {
      "type": "string",
      "format": "date-time"
    },
    "remuneration": {
      "type": "object",
      "description": "See HR/XML OnBoardingDeploymentType",
      "properties": {
        "amount": {
          "type": "number",
          "description": "The monetary value of the object in which the amount is associated"
        },
        "rateIntervalCode": {
          "type": "string",
          "description": "See HR/XML PayRateIntervalCodeType"
        },
        "typeCode": {
          "type": "string",
          "description": "A code classifying the type of remuneration (HR/XML)"
        }
      },
      "additionalProperties": false
    },
    "dutyEntryDate": {
      "type": "string",
      "format": "date-time",
      "description": "Per- HR-XML, the date the employee or human resource actually begins work or enters on duty"
    },
    "hireDate": {
      "type": "string",
      "format": "date-time",
      "description": "Per- HR-XML, The date on which the associated person was hired."
    },
    "onBoardedDate": {
      "type": "string",
      "format": "date-time",
      "description": "The date on which the associated person completed onboarding."
    },
    "hireDetails": {
      "type": "object",
      "properties": {
        "remuneration": {
          "$ref": "#/definitions/remuneration"
        },
        "dutyEntryDate": {
          "$ref": "#/definitions/dutyEntryDate"
        },
        "hireDate": {
          "$ref": "#/definitions/hireDate"
        },
        "onBoardedDate": {
          "$ref": "#/definitions/onBoardedDate"
        }
      },
      "additionalProperties": false
    },
    "since": {
      "type": "string",
      "format": "date-time",
      "description": "If this application was fetched via a filter, the date-time when the application satisfied the filter (e.g., in a call to GET /applications/at/interview/ever, this would be the date the application first entered the interview phase"
    }
  },
  "properties": {
    "id": {
      "$ref": "#/definitions/id"
    },
    "since": {
      "$ref": "#/definitions/since"
    },
    "source": {
      "$ref": "#/definitions/source"
    },
    "formFactor": {
      "$ref": "#/definitions/formFactor"
    },
    "bucketMovements": {
      "$ref": "#/definitions/bucketMovements"
    },
    "candidate": {
      "$ref": "candidateRead.json"
    },
    "job": {
      "$ref": "jobRead.json"
    },
    "bucket": {
      "$ref": "bucket.json#/definitions/id"
    },
    "tracker": {
      "$ref": "#/definitions/tracker"
    },
    "dateLastUpdated": {
      "$ref": "#/definitions/dateLastUpdated"
    },
    "hireDetails": {
      "$ref": "#/definitions/hireDetails"
    },
    "items": {
      "$ref": "itemPackagesRead.json"
    }
  },
  "additionalProperties": false
}

Example:

{
  "items": [
    {
      "item": {
        "name": "HIREDATE",
        "type": "date",
        "value": "2015-11-05T13:15:30Z"
      }
    }
  ],
  "candidate": {
    "person": {
      "givenName": "Fred",
      "familyName": "Bloggs",
      "email": "fred@gmail.com"
    },
    "resumeMeta": {
      "fileName": "fredcv.docx",
      "size": 3023443,
      "mediaType": "application/vnd.openxmlformats-officedocument.wordprocessingml.document",
      "dateUploaded": "2015-11-05T13:15:30Z",
      "preSignedUri": "https://frodo.com/docs/198714509"
    },
    "items": []
  },
  "job": {
    "code": "TTfg321",
    "title": "Creative Director",
    "items": [],
    "recruiter": {
      "person": {
        "email": "frano@gmail.com"
      }
    }
  }
}

Secured by oauth_2_0

Headers

  • Authorization: (string)

    Used to send a valid OAuth 2 access token. Do not use with the "access_token" query string parameter.

HTTP status code 401

Bad or expired token. To fix, you should re-authenticate the user.

HTTP status code 403

Bad OAuth request (wrong consumer key, bad nonce, expired timestamp...). Unfortunately, re-authenticating the user won't help here.

get

get

The 'now' APIs return all applications:

  • that are currently in this phase; AND
  • (if since is specified), that most recently entered this phase after the given date; AND
  • (if minID is specified), that have id > minID

A maximum of 100 applications will be returned by a single call to the API. If this maximum number is returned, the client should fetch again, specifying both sinceDate and minID, as there may be more results.

Results are ordered by sinceDate asc, applicationId asc.

sinceDate in this case is the date the application most recently entered the phase.

post

post

A request containing a view will be sent for the 'now' case to all listeners whenever an application;

  • enters the phase

An empty request will be sent whenever an application;

  • exits the phase

Non-SoT.

A request containing a view will be sent for the 'now' case to all listeners whenever an application;

  • enters the phase

An empty request will be sent whenever an application;

  • exits the phase

Non-SoT.

Secured by oauth_2_0

OAuth is used to authenticate tenant API calls. Tenant API calls may be on behalf of a specific principal (e.g. user)

URI Parameters

  • application: required (string)

Body

Type: application/json

Schema:

{
  "$schema": "http://json-schema.org/draft-04/schema#",
  "type": "object",
  "definitions": {
    "id": {
      "type": "integer"
    },
    "tracker": {
      "type": "integer",
      "description": "The tracker, if any, associated with this application. This is fixed at the time that application is made."
    },
    "formFactor": {
      "enum": [
        "mobile",
        "desktop",
        "tablet",
        "other"
      ]
    },
    "source": {
      "type": "string"
    },
    "bucketMovement": {
      "type": "object",
      "properties": {
        "id": {
          "$ref": "bucket.json#/definitions/id"
        },
        "landed": {
          "type": "string",
          "format": "date-time"
        }
      },
      "additionalProperties": false,
      "required": [
        "id",
        "landed"
      ]
    },
    "bucketMovements": {
      "type": "array",
      "items": {
        "$ref": "#/definitions/bucketMovement"
      }
    },
    "dateLastUpdated": {
      "type": "string",
      "format": "date-time"
    },
    "remuneration": {
      "type": "object",
      "description": "See HR/XML OnBoardingDeploymentType",
      "properties": {
        "amount": {
          "type": "number",
          "description": "The monetary value of the object in which the amount is associated"
        },
        "rateIntervalCode": {
          "type": "string",
          "description": "See HR/XML PayRateIntervalCodeType"
        },
        "typeCode": {
          "type": "string",
          "description": "A code classifying the type of remuneration (HR/XML)"
        }
      },
      "additionalProperties": false
    },
    "dutyEntryDate": {
      "type": "string",
      "format": "date-time",
      "description": "Per- HR-XML, the date the employee or human resource actually begins work or enters on duty"
    },
    "hireDate": {
      "type": "string",
      "format": "date-time",
      "description": "Per- HR-XML, The date on which the associated person was hired."
    },
    "onBoardedDate": {
      "type": "string",
      "format": "date-time",
      "description": "The date on which the associated person completed onboarding."
    },
    "hireDetails": {
      "type": "object",
      "properties": {
        "remuneration": {
          "$ref": "#/definitions/remuneration"
        },
        "dutyEntryDate": {
          "$ref": "#/definitions/dutyEntryDate"
        },
        "hireDate": {
          "$ref": "#/definitions/hireDate"
        },
        "onBoardedDate": {
          "$ref": "#/definitions/onBoardedDate"
        }
      },
      "additionalProperties": false
    },
    "since": {
      "type": "string",
      "format": "date-time",
      "description": "If this application was fetched via a filter, the date-time when the application satisfied the filter (e.g., in a call to GET /applications/at/interview/ever, this would be the date the application first entered the interview phase"
    }
  },
  "properties": {
    "id": {
      "$ref": "#/definitions/id"
    },
    "since": {
      "$ref": "#/definitions/since"
    },
    "source": {
      "$ref": "#/definitions/source"
    },
    "formFactor": {
      "$ref": "#/definitions/formFactor"
    },
    "bucketMovements": {
      "$ref": "#/definitions/bucketMovements"
    },
    "candidate": {
      "$ref": "candidateRead.json"
    },
    "job": {
      "$ref": "jobRead.json"
    },
    "bucket": {
      "$ref": "bucket.json#/definitions/id"
    },
    "tracker": {
      "$ref": "#/definitions/tracker"
    },
    "dateLastUpdated": {
      "$ref": "#/definitions/dateLastUpdated"
    },
    "hireDetails": {
      "$ref": "#/definitions/hireDetails"
    },
    "items": {
      "$ref": "itemPackagesRead.json"
    }
  },
  "additionalProperties": false
}

Example:

{
  "items": [
    {
      "item": {
        "name": "HIREDATE",
        "type": "date",
        "value": "2015-11-05T13:15:30Z"
      }
    }
  ],
  "candidate": {
    "person": {
      "givenName": "Fred",
      "familyName": "Bloggs",
      "email": "fred@gmail.com"
    },
    "resumeMeta": {
      "fileName": "fredcv.docx",
      "size": 3023443,
      "mediaType": "application/vnd.openxmlformats-officedocument.wordprocessingml.document",
      "dateUploaded": "2015-11-05T13:15:30Z",
      "preSignedUri": "https://frodo.com/docs/198714509"
    },
    "items": []
  },
  "job": {
    "code": "TTfg321",
    "title": "Creative Director",
    "items": [],
    "recruiter": {
      "person": {
        "email": "frano@gmail.com"
      }
    }
  }
}

Secured by oauth_2_0

Headers

  • Authorization: (string)

    Used to send a valid OAuth 2 access token. Do not use with the "access_token" query string parameter.

HTTP status code 401

Bad or expired token. To fix, you should re-authenticate the user.

HTTP status code 403

Bad OAuth request (wrong consumer key, bad nonce, expired timestamp...). Unfortunately, re-authenticating the user won't help here.

get

get

The 'ever' APIs return all applications:

  • that have ever been in this phase; AND
  • (if since is specified), that first entered this phase after the given date; AND
  • (if minID is specified), that have id > minID

A maximum of 100 applications will be returned by a single call to the API. If this maximum number is returned, the client should fetch again, specifying both sinceDate and minID, as there may be more results.

Results are ordered by sinceDate asc, applicationId asc.

sinceDate in this case is the date the application first entered the phase.

post

post

A request containing a view will be sent for the "ever" case to all listeners;

  • the first time (only) that an application enters the phase

Non-SoT.

A request containing a view will be sent for the "ever" case to all listeners;

  • the first time (only) that an application enters the phase

Non-SoT.

Secured by oauth_2_0

OAuth is used to authenticate tenant API calls. Tenant API calls may be on behalf of a specific principal (e.g. user)

URI Parameters

  • application: required (string)

Body

Type: application/json

Schema:

{
  "$schema": "http://json-schema.org/draft-04/schema#",
  "type": "object",
  "definitions": {
    "id": {
      "type": "integer"
    },
    "tracker": {
      "type": "integer",
      "description": "The tracker, if any, associated with this application. This is fixed at the time that application is made."
    },
    "formFactor": {
      "enum": [
        "mobile",
        "desktop",
        "tablet",
        "other"
      ]
    },
    "source": {
      "type": "string"
    },
    "bucketMovement": {
      "type": "object",
      "properties": {
        "id": {
          "$ref": "bucket.json#/definitions/id"
        },
        "landed": {
          "type": "string",
          "format": "date-time"
        }
      },
      "additionalProperties": false,
      "required": [
        "id",
        "landed"
      ]
    },
    "bucketMovements": {
      "type": "array",
      "items": {
        "$ref": "#/definitions/bucketMovement"
      }
    },
    "dateLastUpdated": {
      "type": "string",
      "format": "date-time"
    },
    "remuneration": {
      "type": "object",
      "description": "See HR/XML OnBoardingDeploymentType",
      "properties": {
        "amount": {
          "type": "number",
          "description": "The monetary value of the object in which the amount is associated"
        },
        "rateIntervalCode": {
          "type": "string",
          "description": "See HR/XML PayRateIntervalCodeType"
        },
        "typeCode": {
          "type": "string",
          "description": "A code classifying the type of remuneration (HR/XML)"
        }
      },
      "additionalProperties": false
    },
    "dutyEntryDate": {
      "type": "string",
      "format": "date-time",
      "description": "Per- HR-XML, the date the employee or human resource actually begins work or enters on duty"
    },
    "hireDate": {
      "type": "string",
      "format": "date-time",
      "description": "Per- HR-XML, The date on which the associated person was hired."
    },
    "onBoardedDate": {
      "type": "string",
      "format": "date-time",
      "description": "The date on which the associated person completed onboarding."
    },
    "hireDetails": {
      "type": "object",
      "properties": {
        "remuneration": {
          "$ref": "#/definitions/remuneration"
        },
        "dutyEntryDate": {
          "$ref": "#/definitions/dutyEntryDate"
        },
        "hireDate": {
          "$ref": "#/definitions/hireDate"
        },
        "onBoardedDate": {
          "$ref": "#/definitions/onBoardedDate"
        }
      },
      "additionalProperties": false
    },
    "since": {
      "type": "string",
      "format": "date-time",
      "description": "If this application was fetched via a filter, the date-time when the application satisfied the filter (e.g., in a call to GET /applications/at/interview/ever, this would be the date the application first entered the interview phase"
    }
  },
  "properties": {
    "id": {
      "$ref": "#/definitions/id"
    },
    "since": {
      "$ref": "#/definitions/since"
    },
    "source": {
      "$ref": "#/definitions/source"
    },
    "formFactor": {
      "$ref": "#/definitions/formFactor"
    },
    "bucketMovements": {
      "$ref": "#/definitions/bucketMovements"
    },
    "candidate": {
      "$ref": "candidateRead.json"
    },
    "job": {
      "$ref": "jobRead.json"
    },
    "bucket": {
      "$ref": "bucket.json#/definitions/id"
    },
    "tracker": {
      "$ref": "#/definitions/tracker"
    },
    "dateLastUpdated": {
      "$ref": "#/definitions/dateLastUpdated"
    },
    "hireDetails": {
      "$ref": "#/definitions/hireDetails"
    },
    "items": {
      "$ref": "itemPackagesRead.json"
    }
  },
  "additionalProperties": false
}

Example:

{
  "items": [
    {
      "item": {
        "name": "HIREDATE",
        "type": "date",
        "value": "2015-11-05T13:15:30Z"
      }
    }
  ],
  "candidate": {
    "person": {
      "givenName": "Fred",
      "familyName": "Bloggs",
      "email": "fred@gmail.com"
    },
    "resumeMeta": {
      "fileName": "fredcv.docx",
      "size": 3023443,
      "mediaType": "application/vnd.openxmlformats-officedocument.wordprocessingml.document",
      "dateUploaded": "2015-11-05T13:15:30Z",
      "preSignedUri": "https://frodo.com/docs/198714509"
    },
    "items": []
  },
  "job": {
    "code": "TTfg321",
    "title": "Creative Director",
    "items": [],
    "recruiter": {
      "person": {
        "email": "frano@gmail.com"
      }
    }
  }
}

Secured by oauth_2_0

Headers

  • Authorization: (string)

    Used to send a valid OAuth 2 access token. Do not use with the "access_token" query string parameter.

HTTP status code 401

Bad or expired token. To fix, you should re-authenticate the user.

HTTP status code 403

Bad OAuth request (wrong consumer key, bad nonce, expired timestamp...). Unfortunately, re-authenticating the user won't help here.

post

post

Ask the view holding app to create a view instance of the given view type for this application. The response includes the key of the newly created view instance.

Ask the view holding app to create a view instance of the given view type for this application. The response includes the key of the newly created view instance.

URI Parameters

  • application: required (string)
  • viewType: required (string)

HTTP status code 200

Body

Type: application/json

Schema:

{
  "$schema": "http://json-schema.org/draft-04/schema",
  "definitions": {
    "key": {
      "type": "string"
    },
    "created": {
      "type": "string",
      "format": "date-time",
      "description": "when the view was created"
    }
  },
  "type": "object",
  "properties": {
    "key": {
      "$ref": "#/definitions/key"
    },
    "created": {
      "$ref": "#/definitions/created"
    }
  },
  "required": [
    "key",
    "created"
  ],
  "additionalProperties": false
}

Example:

{
    "key": "kjhh9879hoyutf74futyyb0978g56vfuygvu5",
    "created": "2015-11-05T13:15:30Z"
}

get

get

Get the previously created view instance.

Get the previously created view instance.

URI Parameters

  • key: required (string)

HTTP status code 200

Body

Type: application/json

Schema:

{
  "$schema": "http://json-schema.org/draft-04/schema#",
  "type": "object",
  "definitions": {
    "id": {
      "type": "integer"
    },
    "tracker": {
      "type": "integer",
      "description": "The tracker, if any, associated with this application. This is fixed at the time that application is made."
    },
    "formFactor": {
      "enum": [
        "mobile",
        "desktop",
        "tablet",
        "other"
      ]
    },
    "source": {
      "type": "string"
    },
    "bucketMovement": {
      "type": "object",
      "properties": {
        "id": {
          "$ref": "bucket.json#/definitions/id"
        },
        "landed": {
          "type": "string",
          "format": "date-time"
        }
      },
      "additionalProperties": false,
      "required": [
        "id",
        "landed"
      ]
    },
    "bucketMovements": {
      "type": "array",
      "items": {
        "$ref": "#/definitions/bucketMovement"
      }
    },
    "dateLastUpdated": {
      "type": "string",
      "format": "date-time"
    },
    "remuneration": {
      "type": "object",
      "description": "See HR/XML OnBoardingDeploymentType",
      "properties": {
        "amount": {
          "type": "number",
          "description": "The monetary value of the object in which the amount is associated"
        },
        "rateIntervalCode": {
          "type": "string",
          "description": "See HR/XML PayRateIntervalCodeType"
        },
        "typeCode": {
          "type": "string",
          "description": "A code classifying the type of remuneration (HR/XML)"
        }
      },
      "additionalProperties": false
    },
    "dutyEntryDate": {
      "type": "string",
      "format": "date-time",
      "description": "Per- HR-XML, the date the employee or human resource actually begins work or enters on duty"
    },
    "hireDate": {
      "type": "string",
      "format": "date-time",
      "description": "Per- HR-XML, The date on which the associated person was hired."
    },
    "onBoardedDate": {
      "type": "string",
      "format": "date-time",
      "description": "The date on which the associated person completed onboarding."
    },
    "hireDetails": {
      "type": "object",
      "properties": {
        "remuneration": {
          "$ref": "#/definitions/remuneration"
        },
        "dutyEntryDate": {
          "$ref": "#/definitions/dutyEntryDate"
        },
        "hireDate": {
          "$ref": "#/definitions/hireDate"
        },
        "onBoardedDate": {
          "$ref": "#/definitions/onBoardedDate"
        }
      },
      "additionalProperties": false
    },
    "since": {
      "type": "string",
      "format": "date-time",
      "description": "If this application was fetched via a filter, the date-time when the application satisfied the filter (e.g., in a call to GET /applications/at/interview/ever, this would be the date the application first entered the interview phase"
    }
  },
  "properties": {
    "id": {
      "$ref": "#/definitions/id"
    },
    "since": {
      "$ref": "#/definitions/since"
    },
    "source": {
      "$ref": "#/definitions/source"
    },
    "formFactor": {
      "$ref": "#/definitions/formFactor"
    },
    "bucketMovements": {
      "$ref": "#/definitions/bucketMovements"
    },
    "candidate": {
      "$ref": "candidateRead.json"
    },
    "job": {
      "$ref": "jobRead.json"
    },
    "bucket": {
      "$ref": "bucket.json#/definitions/id"
    },
    "tracker": {
      "$ref": "#/definitions/tracker"
    },
    "dateLastUpdated": {
      "$ref": "#/definitions/dateLastUpdated"
    },
    "hireDetails": {
      "$ref": "#/definitions/hireDetails"
    },
    "items": {
      "$ref": "itemPackagesRead.json"
    }
  },
  "additionalProperties": false
}

Example:

{
  "items": [
    {
      "item": {
        "name": "coverletter",
        "type": "file",
        "value": {
          "fileName": "fredcv.docx",
          "size": 3023443,
          "mediaType": "application/vnd.openxmlformats-officedocument.wordprocessingml.document",
          "dateUploaded": "2015-11-05T13:15:30Z",
          "preSignedUri": "https://frodo.com/docs/198714509"
        }
      }
    }
  ],
  "source": "seek-camp0",
  "formFactor": "mobile",
  "bucketMovements": [
    {
      "id": 10034,
      "landed": "2017-05-29T01:34:30+00:00"
    },
    {
      "id": 10035,
      "landed": "2017-05-29T01:34:30+00:00"
    },
    {
      "id": 10036,
      "landed": "2017-05-29T01:34:30+00:00"
    }
  ],
  "hireDetails": {
    "hireDate": "2015-11-05T13:15:30Z"
  },
  "candidate": {
    "person": {
      "vcard": [
        "vcard",
        [
          [
            "version",
            {},
            "text",
            "4.0"
          ],
          [
            "n",
            {},
            "text",
            [
              "Gor4ven",
              "David",
              "",
              "Mr.",
              ""
            ]
          ],
          [
            "nickname",
            {},
            "text",
            "David"
          ],
          [
            "tel",
            {
              "type": "home"
            },
            "text",
            "+64212094544"
          ],
          [
            "tel",
            {
              "type": "cell"
            },
            "text",
            "+64212094544"
          ],
          [
            "adr",
            {},
            "text",
            [
              "",
              "",
              "11 Hoturoa Place, Manurewa",
              "Auckland",
              "",
              "2102",
              "NZ"
            ]
          ],
          [
            "email",
            {
              "type": "home"
            },
            "text",
            "davededo@gmail.com"
          ],
          [
            "x-socialprofile",
            {
              "type": "Facebook"
            },
            "uri",
            "https://www.facebook.com/bgorven"
          ],
          [
            "prodid",
            {},
            "text",
            "ez-vcard 0.9.6"
          ]
        ]
      ]
    },
    "internalFlag": false,
    "resumeMeta": {
      "fileName": "fredcv.docx",
      "size": 3023443,
      "mediaType": "application/vnd.openxmlformats-officedocument.wordprocessingml.document",
      "dateUploaded": "2015-11-05T13:15:30Z",
      "preSignedUri": "https://frodo.com/docs/198714509"
    },
    "items": []
  },
  "job": {
    "code": "TTfg321",
    "title": "Creative Director",
    "items": [],
    "manager": {
      "person": {
        "email": "frano@gmail.com"
      }
    }
  }
}

get

get

Get a list of all available view types (i.e. pre-defined sets of information about an application)

/appStatus

get

get

Produced by apps to inform the storefront app of this app's:

  • landing page, i.e where should the user go to do on clicking "open" on the app - e.g. clicking a job board app might go to the front page of the job board
  • setup required status, i.e. whether the app is degraded or unusable due to some missing setup
  • setup page, i.e. where should the user go to adjust the app's setup

Probably only consumed by storefront apps.

SoT: non-SoT (each app has their own landing page).

When the app is generating the setup page url, the relayPage parameter indicates where the user should be redirected to after completing the setup (i.e. typically the app details page witin the storefront).

/assessments

These APIs are on behalf, allowing the identity of the user raising the assessment to be available to the hub.

get

get

Get the html for the strip of assessments (not started, underway or complete), ready to plug in next to a job applicant.

SoT.

The app building the page that embeds this strip must in its head section pull in style sheet, javascript, etc. as obtained via a call to GET /assessments/strips/headHtml.

get

get

Get html head snippet (typically an include of a stylesheet) used to style the html for the assessments strip.

The app building the page (e.g. applicant list) that embeds assessment strips must insert the results of this API call in its head section.

The head HTML API pulls in a function initializeSearchWidget() that the ATS can call, passing a single object with these fields:

  • String tenant
  • Number bucket
  • HTMLElement sortWidget (an empty DOM element that the hub will put the sort control widget in)
  • Number currentSort (indicates the assessment type currently being sorted on, so the sort control can render itself)
  • Boolean currentSortAsc (is the current sort asc or desc?)
  • Number job (the job the ATS is displaying applicants for)
  • Function callback (callback function that the hub will use to notify the ATS when a sort is requested). The callback takes params:
    • Number assessmentType (to sort by)
    • Boolean sortAsc (whether to sort asc or desc)

post

post

An app such as an ATS calls this on an app such as the assessment hub to convert a set of application IDs into a sorted set.

If there are no assessments the result is 200 with an empty array.

An app such as an ATS calls this on an app such as the assessment hub to convert a set of application IDs into a sorted set.

If there are no assessments the result is 200 with an empty array.

Secured by oauth_2_0

OAuth is used to authenticate tenant API calls. Tenant API calls may be on behalf of a specific principal (e.g. user)

URI Parameters

  • assessmentType: required (string)

Body

Type: application/json

Schema:

{
    "$schema": "http://json-schema.org/draft-04/schema",
    "type": "array",
    "items": {
      "type": "number"
    },
    "description": "An array of ids for anything"
}

Example:

[ 1,2,3,4 ]

HTTP status code 200

Body

Type: application/json

Schema:

{
  "$schema": "http://json-schema.org/draft-04/schema#",
  "type": "object",
  "description": "a sorted set of assessments",
  "definitions": {
    "assessmentSortItem": {
      "type": "object",
      "description": "a single application/assessment within a larger sorted set",
      "properties": {
        "application": {
          "$ref": "applicationRead.json#/definitions/id"
        },
        "assessment": {
          "$ref": "assessmentMeta.json#/definitions/id"
        },
        "assessmentStatus": {
          "$ref": "assessmentRead.json#/definitions/status"
        }
      }
    },
    "assessmentSortedSet": {
      "type": "array",
      "items": {
        "$ref": "#/definitions/assessmentSortItem"
      }
    }
  },
  "properties": {
    "unsortable": {
      "$ref": "#/definitions/assessmentSortedSet"
    },
    "sorted": {
      "type": "array",
      "items": {
        "$ref": "#/definitions/assessmentSortedSet"
      }
    }
  }
}

Example:

{
  "unsortable": [
    { "application": 1003 },
    { "application": 1009, "assessment": 22001, "assessmentStatus": "Error" }
  ],
  "sorted": [
    [
      { "application": 1007, "assessment": 22003, "assessmentStatus": "Complete" },
      { "application": 1019, "assessment": 22008, "assessmentStatus": "Complete" }
    ],
    [
      { "application": 1020, "assessment": 22012, "assessmentStatus": "Complete" }
    ],
    [
      { "application": 1001, "assessment": 22014, "assessmentStatus": "Complete" }
    ]
  ]
}

Secured by oauth_2_0

Headers

  • Authorization: (string)

    Used to send a valid OAuth 2 access token. Do not use with the "access_token" query string parameter.

HTTP status code 401

Bad or expired token. To fix, you should re-authenticate the user.

HTTP status code 403

Bad OAuth request (wrong consumer key, bad nonce, expired timestamp...). Unfortunately, re-authenticating the user won't help here.

get post

get

get details of this assessment, reflecting changes made by the app and/or the tenant.

post

Tenant creates (or reuses) an assessment of the given type, for the given job application, for example upon a candidate applying and being screened in.

SoT. Typically implemented by the assessment hub.

There is no request body. The response contains the assessment ID.

get details of this assessment, reflecting changes made by the app and/or the tenant.

URI Parameters

  • application: required (string)
  • assessmentType: required (string)

HTTP status code 200

Body

Type: application/json

Schema:

{
  "$schema": "http://json-schema.org/draft-04/schema#",
  "definitions": {
    "passedFlag": {
      "title": "Pass?",
      "type": "boolean"
    },
    "status": {
      "description": "The current disposition of an assessment",
      "enum": [
        "Started",
        "In progress",
        "Complete",
        "Cancelled",
        "Opted out",
        "Error"
      ]
    },
    "userInteractionUri": {
      "type": [
        "string",
        "null"
      ],
      "format": "uri",
      "description": "when present, a uri, with all query parameters urlencoded, of a small, iframe-able web page that the user (e.g. the recruiter) uses to interact with/view the assessment"
    },
    "userInteractionMessage": {
      "type": [
        "string",
        "null"
      ],
      "description": "when present, a markdown formatted string that will be displayed to the user in the assessent popup. Any links open inside a new tab/window."
    },
    "interactionUris": {
      "type": "object",
      "properties": {
        "candidateInteractionUri": {
          "type": [
            "string",
            "null"
          ],
          "format": "uri",
          "description": "when present, a uri, with all query parameters urlencoded, that the candidate must follow to complete some part of the assessment"
        },
        "userInteractionUri": {
          "$ref": "#/definitions/userInteractionUri"
        },
        "userInteractionMessage": {
          "$ref": "#/definitions/userInteractionMessage"
        },
        "userAttentionRequired": {
          "type": "boolean",
          "description": "Signals that the assessment cannot proceed until the user provides some input. Can only be true when either userInteractionUri or userInteractionUri are non-null."
        }
      },
      "additionalProperties": false,
      "required": [
        "candidateInteractionUri",
        "userInteractionUri",
        "userAttentionRequired"
      ]
    },
    "imageUrl": {
      "description": "url of an image that will be loaded from an  app into the assessment hub to represent an assessment's status or an unstarted assessment type",
      "type": "string",
      "format": "url"
    },
    "raisers": {
      "description": "a list of every user who raised this assessment (this may be more than one, i.e. via linkages). Does not include linkages raised by the system, e.g. an assessment started because a candidate dropped into a bucket",
      "type": "array",
      "items": {
        "$ref": "person.json"
      }
    }
  },
  "type": "object",
  "properties": {
    "meta": {
      "$ref": "assessmentMeta.json"
    },
    "assessmentType": {
      "type": "integer"
    },
    "assessmentTypeKey": {
      "$ref": "assessmentType.json#/definitions/key"
    },
    "status": {
      "$ref": "#/definitions/status"
    },
    "view": {
      "type": "string",
      "description": "the key of the view instance that will give more details about the subject of this assessment (name, email address, job ID, etc.)"
    },
    "passedFlag": {
      "$ref": "#/definitions/passedFlag"
    },
    "interactionUris": {
      "$ref": "#/definitions/interactionUris"
    },
    "image": {
      "$ref": "#/definitions/imageUrl"
    },
    "raisers": {
      "$ref": "#/definitions/raisers"
    }
  },
  "additionalProperties": false,
  "required": [
    "meta",
    "assessmentType",
    "assessmentTypeKey",
    "status",
    "view",
    "interactionUris",
    "raisers"
  ]
}

Example:

{
  "meta": {
    "id": 100,
    "created": "2015-11-05T13:15:30Z"
  },
  "assessmentType": 10022,
  "assessmentTypeKey": "maths test",
  "status": "Started",
  "view": "kjhh9879hoyutf74futyyb0978g56vfuygvu5",
  "interactionUris": {
    "candidateInteractionUri": null,
    "userInteractionUri": null,
    "userAttentionRequired": false
  },
  "raisers": [
	  {
	    "givenName": "Fred",
	    "familyName": "Bloggs",
	    "email": "fred@gmail.com"
	  }
  ]  
}

Tenant creates (or reuses) an assessment of the given type, for the given job application, for example upon a candidate applying and being screened in.

SoT. Typically implemented by the assessment hub.

There is no request body. The response contains the assessment ID.

URI Parameters

  • application: required (string)
  • assessmentType: required (string)

HTTP status code 200

the post was successful, and an existing assessment was reused.

Body

Type: application/json

Schema:

{
  "$schema": "http://json-schema.org/draft-04/schema",
  "definitions": {
    "id": {
      "type": "integer"
    },
    "created": {
      "type": "string",
      "format": "date-time",
      "description": "when the object was created"
    }
  },
  "type": "object",
  "properties": {
    "id": {
      "$ref": "#/definitions/id"
    },
    "created": {
      "$ref": "#/definitions/created"
    }
  },
  "required": [
    "id",
    "created"
  ],
  "additionalProperties": false
}

Example:

{
    "id": 100,
    "created": "2015-11-05T13:15:30Z"
}

HTTP status code 201

the post was successful, and a new assessment was created.

Body

Type: application/json

Schema:

{
  "$schema": "http://json-schema.org/draft-04/schema",
  "definitions": {
    "id": {
      "type": "integer"
    },
    "created": {
      "type": "string",
      "format": "date-time",
      "description": "when the object was created"
    }
  },
  "type": "object",
  "properties": {
    "id": {
      "$ref": "#/definitions/id"
    },
    "created": {
      "$ref": "#/definitions/created"
    }
  },
  "required": [
    "id",
    "created"
  ],
  "additionalProperties": false
}

Example:

{
    "id": 100,
    "created": "2015-11-05T13:15:30Z"
}

post

post

Tenant creates (or reuses) an assessment of the given type, for the given job application, for a logged in user, who will appear in the raisers section of the assessment. This is an on-behalf version of the similar API (without /me).

SoT. Typically implemented by the assessment hub.

There is no request body. The response contains the assessment ID.

Tenant creates (or reuses) an assessment of the given type, for the given job application, for a logged in user, who will appear in the raisers section of the assessment. This is an on-behalf version of the similar API (without /me).

SoT. Typically implemented by the assessment hub.

There is no request body. The response contains the assessment ID.

URI Parameters

  • application: required (string)
  • assessmentType: required (string)

HTTP status code 200

the post was successful, and an existing assessment was reused.

Body

Type: application/json

Schema:

{
  "$schema": "http://json-schema.org/draft-04/schema",
  "definitions": {
    "id": {
      "type": "integer"
    },
    "created": {
      "type": "string",
      "format": "date-time",
      "description": "when the object was created"
    }
  },
  "type": "object",
  "properties": {
    "id": {
      "$ref": "#/definitions/id"
    },
    "created": {
      "$ref": "#/definitions/created"
    }
  },
  "required": [
    "id",
    "created"
  ],
  "additionalProperties": false
}

Example:

{
    "id": 100,
    "created": "2015-11-05T13:15:30Z"
}

HTTP status code 201

the post was successful, and a new assessment was created.

Body

Type: application/json

Schema:

{
  "$schema": "http://json-schema.org/draft-04/schema",
  "definitions": {
    "id": {
      "type": "integer"
    },
    "created": {
      "type": "string",
      "format": "date-time",
      "description": "when the object was created"
    }
  },
  "type": "object",
  "properties": {
    "id": {
      "$ref": "#/definitions/id"
    },
    "created": {
      "$ref": "#/definitions/created"
    }
  },
  "required": [
    "id",
    "created"
  ],
  "additionalProperties": false
}

Example:

{
    "id": 100,
    "created": "2015-11-05T13:15:30Z"
}

get

get

get details of this assessment, reflecting changes made by the app and/or the tenant.

get details of this assessment, reflecting changes made by the app and/or the tenant.

URI Parameters

  • id: required (string)

HTTP status code 200

Body

Type: application/json

Schema:

{
  "$schema": "http://json-schema.org/draft-04/schema#",
  "definitions": {
    "passedFlag": {
      "title": "Pass?",
      "type": "boolean"
    },
    "status": {
      "description": "The current disposition of an assessment",
      "enum": [
        "Started",
        "In progress",
        "Complete",
        "Cancelled",
        "Opted out",
        "Error"
      ]
    },
    "userInteractionUri": {
      "type": [
        "string",
        "null"
      ],
      "format": "uri",
      "description": "when present, a uri, with all query parameters urlencoded, of a small, iframe-able web page that the user (e.g. the recruiter) uses to interact with/view the assessment"
    },
    "userInteractionMessage": {
      "type": [
        "string",
        "null"
      ],
      "description": "when present, a markdown formatted string that will be displayed to the user in the assessent popup. Any links open inside a new tab/window."
    },
    "interactionUris": {
      "type": "object",
      "properties": {
        "candidateInteractionUri": {
          "type": [
            "string",
            "null"
          ],
          "format": "uri",
          "description": "when present, a uri, with all query parameters urlencoded, that the candidate must follow to complete some part of the assessment"
        },
        "userInteractionUri": {
          "$ref": "#/definitions/userInteractionUri"
        },
        "userInteractionMessage": {
          "$ref": "#/definitions/userInteractionMessage"
        },
        "userAttentionRequired": {
          "type": "boolean",
          "description": "Signals that the assessment cannot proceed until the user provides some input. Can only be true when either userInteractionUri or userInteractionUri are non-null."
        }
      },
      "additionalProperties": false,
      "required": [
        "candidateInteractionUri",
        "userInteractionUri",
        "userAttentionRequired"
      ]
    },
    "imageUrl": {
      "description": "url of an image that will be loaded from an  app into the assessment hub to represent an assessment's status or an unstarted assessment type",
      "type": "string",
      "format": "url"
    },
    "raisers": {
      "description": "a list of every user who raised this assessment (this may be more than one, i.e. via linkages). Does not include linkages raised by the system, e.g. an assessment started because a candidate dropped into a bucket",
      "type": "array",
      "items": {
        "$ref": "person.json"
      }
    }
  },
  "type": "object",
  "properties": {
    "meta": {
      "$ref": "assessmentMeta.json"
    },
    "assessmentType": {
      "type": "integer"
    },
    "assessmentTypeKey": {
      "$ref": "assessmentType.json#/definitions/key"
    },
    "status": {
      "$ref": "#/definitions/status"
    },
    "view": {
      "type": "string",
      "description": "the key of the view instance that will give more details about the subject of this assessment (name, email address, job ID, etc.)"
    },
    "passedFlag": {
      "$ref": "#/definitions/passedFlag"
    },
    "interactionUris": {
      "$ref": "#/definitions/interactionUris"
    },
    "image": {
      "$ref": "#/definitions/imageUrl"
    },
    "raisers": {
      "$ref": "#/definitions/raisers"
    }
  },
  "additionalProperties": false,
  "required": [
    "meta",
    "assessmentType",
    "assessmentTypeKey",
    "status",
    "view",
    "interactionUris",
    "raisers"
  ]
}

Example:

{
  "meta": {
    "id": 100,
    "created": "2015-11-05T13:15:30Z"
  },
  "assessmentType": 10022,
  "assessmentTypeKey": "maths test",
  "status": "Started",
  "view": "kjhh9879hoyutf74futyyb0978g56vfuygvu5",
  "interactionUris": {
    "candidateInteractionUri": null,
    "userInteractionUri": null,
    "userAttentionRequired": false
  },
  "raisers": [
	  {
	    "givenName": "Fred",
	    "familyName": "Bloggs",
	    "email": "fred@gmail.com"
	  }
  ]  
}

patch

patch

Consumed by the assessment app to update an existing assessment using JSON Merge Patch semantics (https://tools.ietf.org/html/rfc7396). Apps may set most details and some statuses for an assessment, but cannot alter the on hold flag.

Consumed by the assessment app to update an existing assessment using JSON Merge Patch semantics (https://tools.ietf.org/html/rfc7396). Apps may set most details and some statuses for an assessment, but cannot alter the on hold flag.

URI Parameters

  • id: required (string)

Body

Type: application/merge-patch+json

Schema:

{
  "$schema": "http://json-schema.org/draft-04/schema#",
  "type": "object",
  "description": "package of data for an assessment app to update an assessment",
  "properties": {
    "status": {
      "$ref": "assessmentRead.json#/definitions/status"
    },
    "passedFlag": {
       "$ref": "assessmentRead.json#/definitions/passedFlag"
    },
    "interactionUris": {
      "$ref": "assessmentRead.json#/definitions/interactionUris"
    },
    "image": {
      "$ref": "assessmentRead.json#/definitions/imageUrl"
    }
  },
  "additionalProperties": false
}

Example:

{
  "status": "Complete",
  "interactionUris": {
    "candidateInteractionUri": null,
    "userInteractionUri": null,
    "userAttentionRequired": false
  },
  "passedFlag": true,
  "image": "https://www.example.com/image.png"
}

HTTP status code 200

the update was successful

patch

patch

Consumed by the assessment hub, as a result of some tenant action, to update an existing assessment using JSON Merge Patch semantics (https://tools.ietf.org/html/rfc7396). The tenant cannot alter many details of an assessment other than to change the status.

Consumed by the assessment hub, as a result of some tenant action, to update an existing assessment using JSON Merge Patch semantics (https://tools.ietf.org/html/rfc7396). The tenant cannot alter many details of an assessment other than to change the status.

URI Parameters

  • id: required (string)

Body

Type: application/merge-patch+json

Schema:

{
  "$schema": "http://json-schema.org/draft-04/schema#",
  "type": "object",
  "description": "package of data for the tenant (e.g. via some trusted app like an ats) to update an assessment",
  "properties": {
    "status": {
      "$ref": "assessmentRead.json#/definitions/status"
    }
  },
  "additionalProperties": false
}

HTTP status code 200

the update was successful

post

post

Alerts listeners to a change to an assessment caused by the tenant

Alerts listeners to a change to an assessment caused by the tenant

Secured by oauth_2_0

OAuth is used to authenticate tenant API calls. Tenant API calls may be on behalf of a specific principal (e.g. user)

URI Parameters

  • id: required (string)

Body

Type: application/json

Schema:

{
    "$schema": "http://json-schema.org/draft-04/schema",
    "definitions": {
      "operation": {
            "enum": [
                "insert",
                "update",
                "delete"
            ]
      }
    },
    "type": "object",
    "properties": {
        "operation": {
          "$ref": "#/definitions/operation"
        }
    },
    "required": [
        "operation"
    ],
    "additionalProperties": false
}

Example:

 {
    "operation": "insert"
}

Secured by oauth_2_0

Headers

  • Authorization: (string)

    Used to send a valid OAuth 2 access token. Do not use with the "access_token" query string parameter.

HTTP status code 401

Bad or expired token. To fix, you should re-authenticate the user.

HTTP status code 403

Bad OAuth request (wrong consumer key, bad nonce, expired timestamp...). Unfortunately, re-authenticating the user won't help here.

post

post

An app such as the assessment hub calls this on the assessment app that owns these assessments, to have them sorted.

An app such as the assessment hub calls this on the assessment app that owns these assessments, to have them sorted.

Secured by oauth_2_0

OAuth is used to authenticate tenant API calls. Tenant API calls may be on behalf of a specific principal (e.g. user)

Body

Type: application/json

Schema:

{
    "$schema": "http://json-schema.org/draft-04/schema",
    "type": "array",
    "items": {
      "type": "number"
    },
    "description": "An array of ids for anything"
}

Example:

[ 1023,1046,1077,1122,1343,1022 ]

HTTP status code 200

Body

Type: application/json

Schema:

{
  "$schema": "http://json-schema.org/draft-04/schema#",
  "type": "object",
  "description": "a sorted set of assessments",
  "definitions": {
    "assessmentSortItem": {
      "type": "object",
      "description": "a single application/assessment within a larger sorted set",
      "properties": {
        "application": {
          "$ref": "applicationRead.json#/definitions/id"
        },
        "assessment": {
          "$ref": "assessmentMeta.json#/definitions/id"
        },
        "assessmentStatus": {
          "$ref": "assessmentRead.json#/definitions/status"
        }
      }
    },
    "assessmentSortedSet": {
      "type": "array",
      "items": {
        "$ref": "#/definitions/assessmentSortItem"
      }
    }
  },
  "properties": {
    "unsortable": {
      "$ref": "#/definitions/assessmentSortedSet"
    },
    "sorted": {
      "type": "array",
      "items": {
        "$ref": "#/definitions/assessmentSortedSet"
      }
    }
  }
}

Example:

{
  "unsortable": [
    { "assessment": 1023, "assessmentStatus": "Error" }
  ],
  "sorted": [
    [
      { "assessment": 1046, "assessmentStatus": "Complete" },
      { "assessment": 1122, "assessmentStatus": "Complete" }
    ],
    [
      { "assessment": 1022, "assessmentStatus": "Complete" }
    ],
    [
      { "assessment": 1077, "assessmentStatus": "Complete" }
    ],
    [
      { "assessment": 1343, "assessmentStatus": "Complete" }
    ]
  ]
}

Secured by oauth_2_0

Headers

  • Authorization: (string)

    Used to send a valid OAuth 2 access token. Do not use with the "access_token" query string parameter.

HTTP status code 401

Bad or expired token. To fix, you should re-authenticate the user.

HTTP status code 403

Bad OAuth request (wrong consumer key, bad nonce, expired timestamp...). Unfortunately, re-authenticating the user won't help here.

/assessmentTypes

get

get

Get the list of all assessment types produced by all assessment apps.

SoT.

get

get

This API is deprecated in favour of the key field returned by GET /assessments/byID/{} and will shortly be removed.

Get details of a single assessment type, by ID. The response is an array containing a single type. Typically used by the assessment hub's UI when rendering details about assessments about to be created, or that already exist.

Even when an assessment type has been deleted (i.e., is no longer passed by the assessment app) it will still be returned by this API, but with activeFlag set to false.

SoT.

This API is deprecated in favour of the key field returned by GET /assessments/byID/{} and will shortly be removed.

Get details of a single assessment type, by ID. The response is an array containing a single type. Typically used by the assessment hub's UI when rendering details about assessments about to be created, or that already exist.

Even when an assessment type has been deleted (i.e., is no longer passed by the assessment app) it will still be returned by this API, but with activeFlag set to false.

SoT.

Secured by oauth_2_0

OAuth is used to authenticate tenant API calls. Tenant API calls may be on behalf of a specific principal (e.g. user)

URI Parameters

  • id: required (string)

HTTP status code 200

Body

Type: application/json

Schema:

{
  "$schema": "http://json-schema.org/draft-04/schema#",
  "definitions": {
    "assessmentTypeWithID": {
      "type": "object",
      "properties": {
        "id": {
          "type": "number"
        },
        "activeFlag": {
           "type": "boolean"
        },
        "assessmentType": {
          "$ref": "assessmentType.json"
        }
      },
      "required": [ "id", "activeFlag", "assessmentType" ]
    },
    "assessmentTypesWithID": {
      "type": "array",
      "items": {
        "$ref": "#/definitions/assessmentTypeWithID"
      }
    },
    "appTypesWithID": {
      "type": "object",
      "properties": {
        "app": {
          "type": "string",
          "description": "Shortcode for the app that owns these assessment types"
        },
        "appName": {
          "type": "string",
          "description": "Name for the app that owns these assessment types"
        },
        "assessmentTypesWithID": {
          "$ref": "#/definitions/assessmentTypesWithID"
        }
      },
      "required": [ "app", "appName", "assessmentTypesWithID" ]
    }
  },
  "type": "array",
  "items": {
    "$ref": "#/definitions/appTypesWithID"
  }
}

Example:

[
  {
    "app": "msassess",
    "appName": "Microsoft assessment toolbox",
    "assessmentTypesWithID": [
      {
        "id": 3002,
        "activeFlag": true,
        "assessmentType": {
          "key": "mswordprof",
          "userTitle": "MS Word proficiency - basic",
          "daysToExpire": 365,
          "isPassFail": false,
          "sortable": true,
          "canReuse": true,
          "userDescription": "The MS Word proficiency test is an easy, painless way to assess ability to use this most excellent of products.",
          "image": "https://www.example.com/image.png"
        }
      }
    ]
  }
]

HTTP status code 404

no assessment type with that ID exists

Secured by oauth_2_0

Headers

  • Authorization: (string)

    Used to send a valid OAuth 2 access token. Do not use with the "access_token" query string parameter.

HTTP status code 401

Bad or expired token. To fix, you should re-authenticate the user.

HTTP status code 403

Bad OAuth request (wrong consumer key, bad nonce, expired timestamp...). Unfortunately, re-authenticating the user won't help here.

get

get

Get the list of assessment types produced by an assessment app.

Non-SoT.

get

get

Get the url for the assessment type's launcher UI. The UI may adapt itself based on job and/or candidate, e.g. to ask less of internal candidates. Or it could ignore the application ID and just present its generic UI.

Get the url for the assessment type's launcher UI. The UI may adapt itself based on job and/or candidate, e.g. to ask less of internal candidates. Or it could ignore the application ID and just present its generic UI.

URI Parameters

  • key: required (string)
  • application: required (string)

HTTP status code 200

the assessment type does have a setup UI to present to the user

Body

Type: text/plain

Example:

https://myapp.com/launch/1003443455.html

HTTP status code 404

The assessment type does not have a setup UI to present to the user in this case

post

post

This API is deprecated in favour of POST /assessmentTypes/forApp/deltaPings/1 and will shortly be removed.

Consumed by an assessment app to alert any interested parties that the list of assessment types produced by the app has changed.

Non-SoT (there may be many listeners).

This API is deprecated in favour of POST /assessmentTypes/forApp/deltaPings/1 and will shortly be removed.

Consumed by an assessment app to alert any interested parties that the list of assessment types produced by the app has changed.

Non-SoT (there may be many listeners).

Secured by oauth_2_0

OAuth is used to authenticate tenant API calls. Tenant API calls may be on behalf of a specific principal (e.g. user)

Secured by oauth_2_0

Headers

  • Authorization: (string)

    Used to send a valid OAuth 2 access token. Do not use with the "access_token" query string parameter.

HTTP status code 401

Bad or expired token. To fix, you should re-authenticate the user.

HTTP status code 403

Bad OAuth request (wrong consumer key, bad nonce, expired timestamp...). Unfortunately, re-authenticating the user won't help here.

post

post

Consumed by an assessment app to alert any interested parties that the list of assessment types produced by the app has changed.

SoT.

Consumed by an assessment app to alert any interested parties that the list of assessment types produced by the app has changed.

SoT.

Secured by oauth_2_0

OAuth is used to authenticate tenant API calls. Tenant API calls may be on behalf of a specific principal (e.g. user)

Secured by oauth_2_0

Headers

  • Authorization: (string)

    Used to send a valid OAuth 2 access token. Do not use with the "access_token" query string parameter.

HTTP status code 401

Bad or expired token. To fix, you should re-authenticate the user.

HTTP status code 403

Bad OAuth request (wrong consumer key, bad nonce, expired timestamp...). Unfortunately, re-authenticating the user won't help here.

get

get

Get the list of assessment types that are visible to this user, for applicants for this job and in this bucket. This can be used e.g. to populate a sorting widget - in it the user could click on a sortable assessment type to sort the applicants.

Get the list of assessment types that are visible to this user, for applicants for this job and in this bucket. This can be used e.g. to populate a sorting widget - in it the user could click on a sortable assessment type to sort the applicants.

URI Parameters

  • job: required (string)

Query Parameters

  • bucket: required (integer)

    only include assessment types that are visible to the user for applicants in the given bucket

    Example:

    1003

HTTP status code 200

Body

Type: application/json

Schema:

{
  "$schema": "http://json-schema.org/draft-04/schema#",
  "type": "array",
  "items": {
    "$ref": "assessmentTypeVisible.json"
  }
}

Example:

[
{
    "id": 100,
    "image": "http://images.com/kih968oi",
    "userTitle": "Assess me now",
    "sortable": true
}
]

/buckets

get

get

get

get

URI Parameters

  • bucket: required (string)

HTTP status code 200

Body

Type: application/json

Schema:

{
  "$schema": "http://json-schema.org/draft-04/schema#",
  "definitions": {
    "id": {
      "type": "integer"
    }
  },
  "type": "object",
  "properties": {
    "id": {
      "$ref": "#/definitions/id"
    },
    "label": {
      "type": "string"
    },
    "phase": {
      "description": "Buckets have a phase, which represents the approximate part of the recruitment process this bucket is for - for example the phase 'interview' might have several buckets (e.g. 'line manager interview', etc.).",
      "enum": [
        "new",
        "screening",
        "interview",
        "selection",
        "offer",
        "approval",
        "hire",
        "onboard",
        "decline",
        "other"
      ]
    },
    "key": {
      "type": "string"
    }
  },
  "required": [
    "id",
    "label",
    "phase"
  ],
  "additionalProperties": false
}

Example:

  {
    "id": 10023,
    "label": "Screened in",
    "phase": "new"
  }

post

post

The main ping for any changes to a bucket. Noisy, i.e. other apps need to store previous state to work out what has actually changed.

Non-SoT.

The main ping for any changes to a bucket. Noisy, i.e. other apps need to store previous state to work out what has actually changed.

Non-SoT.

Secured by oauth_2_0

OAuth is used to authenticate tenant API calls. Tenant API calls may be on behalf of a specific principal (e.g. user)

URI Parameters

  • bucket: required (string)

Body

Type: application/json

Schema:

{
    "$schema": "http://json-schema.org/draft-04/schema",
    "definitions": {
      "operation": {
            "enum": [
                "insert",
                "update",
                "delete"
            ]
      }
    },
    "type": "object",
    "properties": {
        "operation": {
          "$ref": "#/definitions/operation"
        }
    },
    "required": [
        "operation"
    ],
    "additionalProperties": false
}

Example:

 {
    "operation": "insert"
}

Secured by oauth_2_0

Headers

  • Authorization: (string)

    Used to send a valid OAuth 2 access token. Do not use with the "access_token" query string parameter.

HTTP status code 401

Bad or expired token. To fix, you should re-authenticate the user.

HTTP status code 403

Bad OAuth request (wrong consumer key, bad nonce, expired timestamp...). Unfortunately, re-authenticating the user won't help here.

/candidates

Candidates are people who are in the tenant's talent world, perhaps stored in their ATS. Maybe they applied for an opening, registered in the database, were imported from some other system, etc.

post

post

This API has the same behaviour as POST /candidates/me, except that the call is not on behalf.

This API has the same behaviour as POST /candidates/me, except that the call is not on behalf.

Body

Type: application/json

Schema:

{
    "$schema": "http://json-schema.org/draft-04/schema#",
    "definitions": {
        "candidateData": {
            "$ref": "candidateWrite.json"
        },
        "applicationData": {
            "type": "object",
            "properties": {
                "job": {
                    "type": "integer"
                },
                "applicationWrite": {
                    "$ref": "applicationWrite.json"
                }
            },
            "additionalProperties": false
        }
    },
    "type": "object",
    "properties": {
        "tracker": {
            "type": "integer"
        },
        "candidateData": {
            "$ref": "#/definitions/candidateData"
        },
        "applicationData": {
            "$ref": "#/definitions/applicationData"
        }
    },
    "additionalProperties": false
}

Example:

{
  "candidateData": {
    "notifications": true,
    "internalFlag": true,
    "person": {
      "givenName": "Fred",
      "familyName": "Bloggs",
      "email": "fred@gmail.com"
    },
    "resume": {
      "fileName": "fredcv.docx",
      "data": "utg765f876hilf76fg6gutg765f876hilf76fg6gutg765f876hilf76fg6g",
      "via": "dropbox.com"
    },
    "categories": [
      {
        "category": 10032,
        "values": [
          1009,
          1010,
          10344
        ]
      },
      {
        "category": 10055,
        "values": [
          1085
        ]
      }
    ],
    "items": [
      {
        "name": "birthdate",
        "type": "date",
        "value": "2015-11-05T13:15:30Z"
      },
      {
        "name": "keenworkerflag",
        "type": "boolean",
        "value": true
      }
    ]
  },
  "applicationData": {
    "job": 23,
    "applicationWrite": {
      "items": [
        {
          "name": "blah",
          "type": "boolean",
          "value": true
        }
      ]
    }
  }
}

HTTP status code 200

the post was successful

HTTP status code 201

the post was successful

HTTP status code 400

The consumer made a bad request. See response in RFC 7807 format for more details.

Body

Type: application/problem+json

post

post

This API has the same behaviour as POST /candidates/me/unvalidated, except that the call is not on behalf.

This API has the same behaviour as POST /candidates/me/unvalidated, except that the call is not on behalf.

Body

Type: application/json

Schema:

{
    "$schema": "http://json-schema.org/draft-04/schema#",
    "definitions": {
        "candidateData": {
            "$ref": "candidateWrite.json"
        },
        "applicationData": {
            "type": "object",
            "properties": {
                "job": {
                    "type": "integer"
                },
                "applicationWrite": {
                    "$ref": "applicationWrite.json"
                }
            },
            "additionalProperties": false
        }
    },
    "type": "object",
    "properties": {
        "tracker": {
            "type": "integer"
        },
        "candidateData": {
            "$ref": "#/definitions/candidateData"
        },
        "applicationData": {
            "$ref": "#/definitions/applicationData"
        }
    },
    "additionalProperties": false
}

Example:

{
  "candidateData": {
    "notifications": true,
    "internalFlag": true,
    "person": {
      "givenName": "Fred",
      "familyName": "Bloggs",
      "email": "fred@gmail.com"
    },
    "resume": {
      "fileName": "fredcv.docx",
      "data": "utg765f876hilf76fg6gutg765f876hilf76fg6gutg765f876hilf76fg6g",
      "via": "dropbox.com"
    },
    "categories": [
      {
        "category": 10032,
        "values": [
          1009,
          1010,
          10344
        ]
      },
      {
        "category": 10055,
        "values": [
          1085
        ]
      }
    ],
    "items": [
      {
        "name": "birthdate",
        "type": "date",
        "value": "2015-11-05T13:15:30Z"
      },
      {
        "name": "keenworkerflag",
        "type": "boolean",
        "value": true
      }
    ]
  },
  "applicationData": {
    "job": 23,
    "applicationWrite": {
      "items": [
        {
          "name": "blah",
          "type": "boolean",
          "value": true
        }
      ]
    }
  }
}

HTTP status code 200

the post was successful

HTTP status code 201

the post was successful

HTTP status code 400

The consumer made a bad request. See response in RFC 7807 format for more details.

Body

Type: application/problem+json

get post

All APIs beneath here are operating on behalf of the logged in candidate.

get

Get the signed in candidate's details

post

Overview

These "apply APIs" are used by an apply app to create or update a candidate in the ATS (depending on whether one exists with a matching email), and optionally create a job application.

There are 4 versions of the apply APIs:

  • POST /candidates
  • POST /candidates/unvalidated
  • POST /candidates/me
  • POST /candidates/me/unvalidated

The /me (on behalf) versions of these APIs are strongly preferred for security and the best candidate experience. They require that the candidate is signed in via SSO.

The non-/unvalidated versions of these APIs are also preferred whenever possible. The /unvalidated versions should be used only if its not possible to answer all of the customer's mandatory questions.

Preparing to call the APIs

Before calling this API, the apply app will usually make an API call to fetch the edit spec (i.e. details of the application form) from the ATS.

The apply app uses this to build up an application form and show it to the candidate.

Once the candidate has completed the application form, the apply app uses one of these apply APIs to push the candidate data and job applications into the ATS.

Update semantics

When updating, merge patch semantics are used (https://tools.ietf.org/html/rfc7386). For example;

  • if resume is present in the request, it will be set
  • if present and null, any existing resume will be cleared
  • if not present, any existing resume will be left unchanged

Internal candidates

The API calls can set or update the candidate's internalFlag (i.e. indicating they are an employee).

The /me versions of the APIs do this by checking for the "internal" role in the incoming SAML assertion. If present, the candidate will be set to have internalFlag = true. If not present, false. The internal flag should not be present in API the request - a 400 error will be thrown if it is.

For the non-/me versions of the APIs, the ATS should just examine the candidate's internal flag in the request.

  • if present and true then the candidate is set to internalFlag == true
  • if present and true then the candidate is set to internalFlag == false
  • if not present, then when creating, the internalFLag will be set to false, and when updating no change will be made

Fields duplicated in the vcard

Within the person object, some fields - e,g, email, first name, last name - are duplicated, i.e. they appear both as a first class field, and also within the vcard. In the API request, either can be used to set the underlying value;

  • The underlying value will be set to whichever is not null
  • If both are null, the underlying value will be set to null
  • If both are not null and they clash, a 400 error will be thrown

Category values

When the API request contains the categories object, and there is a category present (e.g. Location), then the the candidate will be updated to exactly match the category values.

Any categories not passed in will not be changed on the candidate.

Checking eligibility to apply

When the API request includes an job application, the ATS should check that the job is active, AND that one of the following is true;

  • if the job is "open to externals", that the candidate is external
  • if the job is "open to internals", that the candidate is internal
  • if neither, that a tracker chain was passed in that has a campaign tracker for this job and with correctly matching access code

If the job is not active or none of the above are true, then the API will return 400 and no changes will be made.

File checks

The ATS must run all uploaded files through OWASP security tests:

  • extension matches actual file type
  • virus check
  • etc.

Validation

The ATS (app producing the API) must not blindly apply the incoming data. Instead it must itself first generate an editSpec for the candidate, and then check that the incoming data is a subset of what the editSpec allows/requires. This prevents attacks where e.g. the apply app tries to write to a random item. This checking must happen in both the normal and the /unvalidated forms of the APIs.

The ATS must also check that the apply app has passed the resume (if mandatory) and any mandatory data items. The /unvalidated versions of the APIs don't perform these mandatory checks.

Overview

These "apply APIs" are used by an apply app to create or update a candidate in the ATS (depending on whether one exists with a matching email), and optionally create a job application.

There are 4 versions of the apply APIs:

  • POST /candidates
  • POST /candidates/unvalidated
  • POST /candidates/me
  • POST /candidates/me/unvalidated

The /me (on behalf) versions of these APIs are strongly preferred for security and the best candidate experience. They require that the candidate is signed in via SSO.

The non-/unvalidated versions of these APIs are also preferred whenever possible. The /unvalidated versions should be used only if its not possible to answer all of the customer's mandatory questions.

Preparing to call the APIs

Before calling this API, the apply app will usually make an API call to fetch the edit spec (i.e. details of the application form) from the ATS.

The apply app uses this to build up an application form and show it to the candidate.

Once the candidate has completed the application form, the apply app uses one of these apply APIs to push the candidate data and job applications into the ATS.

Update semantics

When updating, merge patch semantics are used (https://tools.ietf.org/html/rfc7386). For example;

  • if resume is present in the request, it will be set
  • if present and null, any existing resume will be cleared
  • if not present, any existing resume will be left unchanged

Internal candidates

The API calls can set or update the candidate's internalFlag (i.e. indicating they are an employee).

The /me versions of the APIs do this by checking for the "internal" role in the incoming SAML assertion. If present, the candidate will be set to have internalFlag = true. If not present, false. The internal flag should not be present in API the request - a 400 error will be thrown if it is.

For the non-/me versions of the APIs, the ATS should just examine the candidate's internal flag in the request.

  • if present and true then the candidate is set to internalFlag == true
  • if present and true then the candidate is set to internalFlag == false
  • if not present, then when creating, the internalFLag will be set to false, and when updating no change will be made

Fields duplicated in the vcard

Within the person object, some fields - e,g, email, first name, last name - are duplicated, i.e. they appear both as a first class field, and also within the vcard. In the API request, either can be used to set the underlying value;

  • The underlying value will be set to whichever is not null
  • If both are null, the underlying value will be set to null
  • If both are not null and they clash, a 400 error will be thrown

Category values

When the API request contains the categories object, and there is a category present (e.g. Location), then the the candidate will be updated to exactly match the category values.

Any categories not passed in will not be changed on the candidate.

Checking eligibility to apply

When the API request includes an job application, the ATS should check that the job is active, AND that one of the following is true;

  • if the job is "open to externals", that the candidate is external
  • if the job is "open to internals", that the candidate is internal
  • if neither, that a tracker chain was passed in that has a campaign tracker for this job and with correctly matching access code

If the job is not active or none of the above are true, then the API will return 400 and no changes will be made.

File checks

The ATS must run all uploaded files through OWASP security tests:

  • extension matches actual file type
  • virus check
  • etc.

Validation

The ATS (app producing the API) must not blindly apply the incoming data. Instead it must itself first generate an editSpec for the candidate, and then check that the incoming data is a subset of what the editSpec allows/requires. This prevents attacks where e.g. the apply app tries to write to a random item. This checking must happen in both the normal and the /unvalidated forms of the APIs.

The ATS must also check that the apply app has passed the resume (if mandatory) and any mandatory data items. The /unvalidated versions of the APIs don't perform these mandatory checks.

Secured by oauth_2_0

OAuth is used to authenticate tenant API calls. Tenant API calls may be on behalf of a specific principal (e.g. user)

Body

Type: application/json

Schema:

{
    "$schema": "http://json-schema.org/draft-04/schema#",
    "definitions": {
        "candidateData": {
            "$ref": "candidateWrite.json"
        },
        "applicationData": {
            "type": "object",
            "properties": {
                "job": {
                    "type": "integer"
                },
                "applicationWrite": {
                    "$ref": "applicationWrite.json"
                }
            },
            "additionalProperties": false
        }
    },
    "type": "object",
    "properties": {
        "tracker": {
            "type": "integer"
        },
        "candidateData": {
            "$ref": "#/definitions/candidateData"
        },
        "applicationData": {
            "$ref": "#/definitions/applicationData"
        }
    },
    "additionalProperties": false
}

Example:

{
  "candidateData": {
    "notifications": true,
    "internalFlag": true,
    "person": {
      "givenName": "Fred",
      "familyName": "Bloggs",
      "email": "fred@gmail.com"
    },
    "resume": {
      "fileName": "fredcv.docx",
      "data": "utg765f876hilf76fg6gutg765f876hilf76fg6gutg765f876hilf76fg6g",
      "via": "dropbox.com"
    },
    "categories": [
      {
        "category": 10032,
        "values": [
          1009,
          1010,
          10344
        ]
      },
      {
        "category": 10055,
        "values": [
          1085
        ]
      }
    ],
    "items": [
      {
        "name": "birthdate",
        "type": "date",
        "value": "2015-11-05T13:15:30Z"
      },
      {
        "name": "keenworkerflag",
        "type": "boolean",
        "value": true
      }
    ]
  },
  "applicationData": {
    "job": 23,
    "applicationWrite": {
      "items": [
        {
          "name": "blah",
          "type": "boolean",
          "value": true
        }
      ]
    }
  }
}

HTTP status code 200

the post was successful

HTTP status code 201

the post was successful

HTTP status code 400

The consumer made a bad request. See response in RFC 7807 format for more details.

Body

Type: application/problem+json

Secured by oauth_2_0

Headers

  • Authorization: (string)

    Used to send a valid OAuth 2 access token. Do not use with the "access_token" query string parameter.

HTTP status code 401

Bad or expired token. To fix, you should re-authenticate the user.

HTTP status code 403

Bad OAuth request (wrong consumer key, bad nonce, expired timestamp...). Unfortunately, re-authenticating the user won't help here.

post

post

This API has the same behaviour as POST /candidates/me, except that mandatory items may be missing.

This API has the same behaviour as POST /candidates/me, except that mandatory items may be missing.

Body

Type: application/json

Schema:

{
    "$schema": "http://json-schema.org/draft-04/schema#",
    "definitions": {
        "candidateData": {
            "$ref": "candidateWrite.json"
        },
        "applicationData": {
            "type": "object",
            "properties": {
                "job": {
                    "type": "integer"
                },
                "applicationWrite": {
                    "$ref": "applicationWrite.json"
                }
            },
            "additionalProperties": false
        }
    },
    "type": "object",
    "properties": {
        "tracker": {
            "type": "integer"
        },
        "candidateData": {
            "$ref": "#/definitions/candidateData"
        },
        "applicationData": {
            "$ref": "#/definitions/applicationData"
        }
    },
    "additionalProperties": false
}

Example:

{
  "candidateData": {
    "notifications": true,
    "internalFlag": true,
    "person": {
      "givenName": "Fred",
      "familyName": "Bloggs",
      "email": "fred@gmail.com"
    },
    "resume": {
      "fileName": "fredcv.docx",
      "data": "utg765f876hilf76fg6gutg765f876hilf76fg6gutg765f876hilf76fg6g",
      "via": "dropbox.com"
    },
    "categories": [
      {
        "category": 10032,
        "values": [
          1009,
          1010,
          10344
        ]
      },
      {
        "category": 10055,
        "values": [
          1085
        ]
      }
    ],
    "items": [
      {
        "name": "birthdate",
        "type": "date",
        "value": "2015-11-05T13:15:30Z"
      },
      {
        "name": "keenworkerflag",
        "type": "boolean",
        "value": true
      }
    ]
  },
  "applicationData": {
    "job": 23,
    "applicationWrite": {
      "items": [
        {
          "name": "blah",
          "type": "boolean",
          "value": true
        }
      ]
    }
  }
}

HTTP status code 200

the post was successful

HTTP status code 201

the post was successful

HTTP status code 400

The consumer made a bad request. See response in RFC 7807 format for more details.

Body

Type: application/problem+json

get

get

This API is deprecated in favour of GET /candidates/me and will shortly be removed.

Get general information about the candidate including notifications (subscribe y/n)

get

get

Get the uri of the home page, a landing page where a logged in candidate can see anything they should know about or should do, e.g. the status of their job application, assessments they still haven't completed, etc. Often produced by an ATS.

Details of a relayPage can be passed in when the home page was reached as part of some activity. e.g. candidate applies for job and after submission is redirected to the home page, e.g. so they can complete any auto-started assessments. Passing the relayPage of the job (where they clicked Apply) causes navigation link "Back to Creative Director" to be displayed at the top of the candidate home page.

SoT. There is only one home page to send the candidate to.

get

This API is deprecated in favour of GET /candidates/me and will shortly be removed.

The ID of the candidate.

get

Get the ID (database primary key) of ourselves (the currently logged in principal, who must be of principal type 'candidate').

get

get

This API is deprecated in favour of GET /candidates/me and will shortly be removed.

Get candidate contact details, in the form described by rfc7095

get

get

This API is deprecated in favour of GET /candidates/me and will shortly be removed.

Get metadata about the candidate's resume (size, filename, etc.)

get

get

get the document as a stream, i.e. binary document, using the appropriate mime type

get

get

get an html version of the candidate's resume

post

A separate delta ping from the main candidate one, since managing the html version may be done delayed by a downstream app. Probably only useful as non-SoT.

post
Secured by oauth_2_0

OAuth is used to authenticate tenant API calls. Tenant API calls may be on behalf of a specific principal (e.g. user)

Secured by oauth_2_0

Headers

  • Authorization: (string)

    Used to send a valid OAuth 2 access token. Do not use with the "access_token" query string parameter.

HTTP status code 401

Bad or expired token. To fix, you should re-authenticate the user.

HTTP status code 403

Bad OAuth request (wrong consumer key, bad nonce, expired timestamp...). Unfortunately, re-authenticating the user won't help here.

get

get

This API is deprecated in favour of GET /candidates/me and will shortly be removed.

Get the categories for this candidate

post

post

Perform a normalized merge of the candidate's category values with the passed in values, and return the result. The candidate is not altered. We use a POST to allow passing a request body.

By normalizing we mean that:

  • any folder or leaf must be included (explicitly or implicitly) only once
  • the minimum possible number of folders and leaves should be included

e.g. given an example tree like this:

/a
  /b
    /d
    /e
  /c
    /f
/g
  /h
  /i

The following are correctly normalized:

/a
/b,/f
/a,/h

The following are not:

/b,/c (since /a would be more minimal)
/a,/b (since /a already implies /b)
/d,/e (since /b would be more minimal) 
/f (since /c would be more minimal)

Perform a normalized merge of the candidate's category values with the passed in values, and return the result. The candidate is not altered. We use a POST to allow passing a request body.

By normalizing we mean that:

  • any folder or leaf must be included (explicitly or implicitly) only once
  • the minimum possible number of folders and leaves should be included

e.g. given an example tree like this:

/a
  /b
    /d
    /e
  /c
    /f
/g
  /h
  /i

The following are correctly normalized:

/a
/b,/f
/a,/h

The following are not:

/b,/c (since /a would be more minimal)
/a,/b (since /a already implies /b)
/d,/e (since /b would be more minimal) 
/f (since /c would be more minimal)
Secured by oauth_2_0

OAuth is used to authenticate tenant API calls. Tenant API calls may be on behalf of a specific principal (e.g. user)

Body

Type: application/json

Schema:

{
    "$schema": "http://json-schema.org/draft-04/schema#",
    "definitions": {
        "values": {
            "type": "array",
            "items": {
                "type": "integer"
            }
        },
        "categoryActual": {
            "type": "object",
            "properties": {
                "category": {
                    "type": "integer"
                },
                "values": {
                	"$ref": "#/definitions/values"
                }
            },
            "additionalProperties": false,
            "required": [
                "category",
                "values"
            ]
        }
    },
    "type": "array",
    "items": {
        "$ref": "#/definitions/categoryActual"
    }
}

Example:

[
    {
        "category": 10032,
        "values": [
            10034,
            10036
        ]
    },
    {
        "category": 10055,
        "values": [
            1085
        ]
    }
]

HTTP status code 200

Body

Type: application/json

Schema:

{
    "$schema": "http://json-schema.org/draft-04/schema#",
    "definitions": {
        "values": {
            "type": "array",
            "items": {
                "type": "integer"
            }
        },
        "categoryActual": {
            "type": "object",
            "properties": {
                "category": {
                    "type": "integer"
                },
                "values": {
                	"$ref": "#/definitions/values"
                }
            },
            "additionalProperties": false,
            "required": [
                "category",
                "values"
            ]
        }
    },
    "type": "array",
    "items": {
        "$ref": "#/definitions/categoryActual"
    }
}

Example:

[
    {
        "category": 10032,
        "values": [
            10034,
            10036
        ]
    },
    {
        "category": 10055,
        "values": [
            1085
        ]
    }
]

Secured by oauth_2_0

Headers

  • Authorization: (string)

    Used to send a valid OAuth 2 access token. Do not use with the "access_token" query string parameter.

HTTP status code 401

Bad or expired token. To fix, you should re-authenticate the user.

HTTP status code 403

Bad OAuth request (wrong consumer key, bad nonce, expired timestamp...). Unfortunately, re-authenticating the user won't help here.

get

get

The tracker (if any) that was passed in when this candidate last applied for a job (i.e. a call to POST /candidates was made with a job specified). When a candidate applies for multiple jobs over time, this helps understand what last drew them to the site.

get

get

get

get

a tracker, as passed in to the edit

a tracker, as passed in to the edit

Secured by oauth_2_0

OAuth is used to authenticate tenant API calls. Tenant API calls may be on behalf of a specific principal (e.g. user)

URI Parameters

  • application: required (string)

Secured by oauth_2_0

Headers

  • Authorization: (string)

    Used to send a valid OAuth 2 access token. Do not use with the "access_token" query string parameter.

HTTP status code 401

Bad or expired token. To fix, you should re-authenticate the user.

HTTP status code 403

Bad OAuth request (wrong consumer key, bad nonce, expired timestamp...). Unfortunately, re-authenticating the user won't help here.

get

get

This API is deprecated in favour of GET /candidates/me and will shortly be removed.

Get candidate contact details, in the form described by rfc7095

This API is deprecated in favour of GET /candidates/me and will shortly be removed.

Get candidate contact details, in the form described by rfc7095

Secured by oauth_2_0

OAuth is used to authenticate tenant API calls. Tenant API calls may be on behalf of a specific principal (e.g. user)

URI Parameters

  • network: required (string)

HTTP status code 200

Response contains candidate contact details, in the form described by rfc7095

Body

Type: application/json

HTTP status code 404

the requested data was not available from the given social network

Secured by oauth_2_0

Headers

  • Authorization: (string)

    Used to send a valid OAuth 2 access token. Do not use with the "access_token" query string parameter.

HTTP status code 401

Bad or expired token. To fix, you should re-authenticate the user.

HTTP status code 403

Bad OAuth request (wrong consumer key, bad nonce, expired timestamp...). Unfortunately, re-authenticating the user won't help here.

get

get

This API is deprecated in favour of GET /candidates/me and will shortly be removed.

Get metadata about the candidate's resume (size, filename, etc.)

This API is deprecated in favour of GET /candidates/me and will shortly be removed.

Get metadata about the candidate's resume (size, filename, etc.)

Secured by oauth_2_0

OAuth is used to authenticate tenant API calls. Tenant API calls may be on behalf of a specific principal (e.g. user)

URI Parameters

  • network: required (string)

HTTP status code 200

Body

Type: application/json

Schema:

{
    "$schema": "http://json-schema.org/draft-04/schema#",
    "description": "details for a previously uploaded file",
    "definitions": {
        "via": {
            "type": "string",
            "description": "the mechanism via which the file was uploaded - either 'device' or the fqdn of a cloud storage platform (e.g. dropbox.com)"
        },
        "fileName": {
            "type": "string"
        },
        "mediaType": {
            "description": "keep in synch with the trait document_asStream",
            "enum": [
                "application/pdf",
                "application/vnd.openxmlformats-officedocument.wordprocessingml.document",
                "application/msword",
                "application/rtf",
                "text/plain",
                "image/png",
                "image/jpeg",
                "image/gif",
                "text/html",
                "audio/x-mpeg-3",
                "video/x-msvideo",
                "video/mp4"
            ]
        },
        "data": {
            "type": "string",
            "media": {
                "binaryEncoding": "base64"
            }
        }
    },
    "type": "object",
    "properties": {
        "fileName": {
            "$ref": "#/definitions/fileName"
        },
        "via": {
            "$ref": "#/definitions/via"
        },
        "mediaType": {
            "$ref": "#/definitions/mediaType"
        },
        "size": {
            "type": "integer"
        },
        "md5": {
            "type": "string",
            "description": "hash of the file's binary content"
        },
        "dateUploaded": {
            "type": "string",
            "format": "date-time",
            "description": "the date and time the file was uploaded"
        },
        "preSignedUri": {
            "type": "string",
            "format": "uri",
            "description": "pre-signed link as per http://docs.aws.amazon.com/AmazonS3/latest/API/sigv4-query-string-auth.html to access the raw data. Includes file name as the trailing component so that browsers name the download correctly."
        }
    },
    "additionalProperties": false,
    "required": [
        "fileName",
        "size",
        "mediaType",
        "preSignedUri"
    ]
}

Example:

{
 "fileName": "fredcv.docx",
 "size": 3023443,
 "mediaType": "application/vnd.openxmlformats-officedocument.wordprocessingml.document",
 "dateUploaded": "2015-11-05T13:15:30Z",
 "preSignedUri": "https://frodo.com/docs/198714509"
}

HTTP status code 404

the requested data was not available from the given social network

Secured by oauth_2_0

Headers

  • Authorization: (string)

    Used to send a valid OAuth 2 access token. Do not use with the "access_token" query string parameter.

HTTP status code 401

Bad or expired token. To fix, you should re-authenticate the user.

HTTP status code 403

Bad OAuth request (wrong consumer key, bad nonce, expired timestamp...). Unfortunately, re-authenticating the user won't help here.

get

get

get the document as a stream, i.e. binary document, using the appropriate mime type

get the document as a stream, i.e. binary document, using the appropriate mime type

Secured by oauth_2_0

OAuth is used to authenticate tenant API calls. Tenant API calls may be on behalf of a specific principal (e.g. user)

URI Parameters

  • network: required (string)

HTTP status code 200

Body

Type: application/pdf

Type: application/vnd.openxmlformats-officedocument.wordprocessingml.document

Type: application/msword

Type: application/rtf

Type: text/plain

HTTP status code 404

the requested data was not available from the given social network

Secured by oauth_2_0

Headers

  • Authorization: (string)

    Used to send a valid OAuth 2 access token. Do not use with the "access_token" query string parameter.

HTTP status code 401

Bad or expired token. To fix, you should re-authenticate the user.

HTTP status code 403

Bad OAuth request (wrong consumer key, bad nonce, expired timestamp...). Unfortunately, re-authenticating the user won't help here.

get

all application-scoped items held for when a candidate applies to a job

get

Get values and (in some scenarios) metadata, for all items

Get values and (in some scenarios) metadata, for all items

Secured by oauth_2_0

OAuth is used to authenticate tenant API calls. Tenant API calls may be on behalf of a specific principal (e.g. user)

URI Parameters

  • job: required (string)

Query Parameters

  • embedMeta: (boolean)

    Pass true to have schema fragments embedded in the response when fetching items.

    Less network trips, larger overall message. Defaults to false.

    The client might set this to true for first API call, then cache the metas and pass false from then on.

HTTP status code 200

Body

Type: application/json

Schema:

{
	"$schema":"http://json-schema.org/draft-04/schema#",
	"type":"array",
	"items":{ "$ref": "itemPackageRead.json" }
}

Example:

[
{
  "item": {
    "type": "file",
    "name": "cover letter",
    "value": {
      "fileName": "fredcv.docx",
      "size": 3023443,
      "mediaType": "application/vnd.openxmlformats-officedocument.wordprocessingml.document",
      "dateUploaded": "2015-11-05T13:15:30Z",
      "preSignedUri": "https://frodo.com/docs/198714509",
      "via": "dropbox.com"
    }
  },
  "meta": {
    "type": "file",
    "name": "cover-letter-1002",
    "title": "Cover letter",
    "instructions": "Please upload a cover letter.",
    "purpose": "document",
    "accept": [
      "application/pdf",
      "application/vnd.openxmlformats-officedocument.wordprocessingml.document",
      "application/msword",
      "application/rtf"
    ],
    "maxSize": 1000000
  }
}
]

Secured by oauth_2_0

Headers

  • Authorization: (string)

    Used to send a valid OAuth 2 access token. Do not use with the "access_token" query string parameter.

HTTP status code 401

Bad or expired token. To fix, you should re-authenticate the user.

HTTP status code 403

Bad OAuth request (wrong consumer key, bad nonce, expired timestamp...). Unfortunately, re-authenticating the user won't help here.

get

all items held on a candidate

get

Get values and (in some scenarios) metadata, for all items

Get values and (in some scenarios) metadata, for all items

Secured by oauth_2_0

OAuth is used to authenticate tenant API calls. Tenant API calls may be on behalf of a specific principal (e.g. user)

URI Parameters

  • candidate: required (string)

Query Parameters

  • embedMeta: (boolean)

    Pass true to have schema fragments embedded in the response when fetching items.

    Less network trips, larger overall message. Defaults to false.

    The client might set this to true for first API call, then cache the metas and pass false from then on.

HTTP status code 200

Body

Type: application/json

Schema:

{
	"$schema":"http://json-schema.org/draft-04/schema#",
	"type":"array",
	"items":{ "$ref": "itemPackageRead.json" }
}

Example:

[
{
  "item": {
    "type": "file",
    "name": "cover letter",
    "value": {
      "fileName": "fredcv.docx",
      "size": 3023443,
      "mediaType": "application/vnd.openxmlformats-officedocument.wordprocessingml.document",
      "dateUploaded": "2015-11-05T13:15:30Z",
      "preSignedUri": "https://frodo.com/docs/198714509",
      "via": "dropbox.com"
    }
  },
  "meta": {
    "type": "file",
    "name": "cover-letter-1002",
    "title": "Cover letter",
    "instructions": "Please upload a cover letter.",
    "purpose": "document",
    "accept": [
      "application/pdf",
      "application/vnd.openxmlformats-officedocument.wordprocessingml.document",
      "application/msword",
      "application/rtf"
    ],
    "maxSize": 1000000
  }
}
]

Secured by oauth_2_0

Headers

  • Authorization: (string)

    Used to send a valid OAuth 2 access token. Do not use with the "access_token" query string parameter.

HTTP status code 401

Bad or expired token. To fix, you should re-authenticate the user.

HTTP status code 403

Bad OAuth request (wrong consumer key, bad nonce, expired timestamp...). Unfortunately, re-authenticating the user won't help here.

get

get

Get value and (in some scenarios), metadata for a specific item

Get value and (in some scenarios), metadata for a specific item

Secured by oauth_2_0

OAuth is used to authenticate tenant API calls. Tenant API calls may be on behalf of a specific principal (e.g. user)

URI Parameters

  • candidate: required (string)
  • item: required (string)

Query Parameters

  • embedMeta: (boolean)

    Pass true to have schema fragments embedded in the response when fetching items.

    Less network trips, larger overall message. Defaults to false.

    The client might set this to true for first API call, then cache the metas and pass false from then on.

HTTP status code 200

Body

Type: application/json

Schema:

{
  "$schema": "http://json-schema.org/draft-04/schema#",
  "type": "object",
  "properties": {
    "meta": {
      "$ref": "itemMeta.json"
    },
    "item": {
      "$ref": "itemRead.json"
    }
  },
  "additionalProperties": false
}

Example:

{
  "item": {
    "type": "file",
    "name": "cover letter",
    "value": {
      "fileName": "fredcv.docx",
      "size": 3023443,
      "mediaType": "application/vnd.openxmlformats-officedocument.wordprocessingml.document",
      "dateUploaded": "2015-11-05T13:15:30Z",
      "preSignedUri": "https://frodo.com/docs/198714509",
      "via": "dropbox.com"
    }
  },
  "meta": {
    "type": "file",
    "name": "cover-letter-1002",
    "title": "Cover letter",
    "instructions": "Please upload a cover letter.",
    "purpose": "document",
    "accept": [
      "application/pdf",
      "application/vnd.openxmlformats-officedocument.wordprocessingml.document",
      "application/msword",
      "application/rtf"
    ],
    "maxSize": 1000000
  }
}

Secured by oauth_2_0

Headers

  • Authorization: (string)

    Used to send a valid OAuth 2 access token. Do not use with the "access_token" query string parameter.

HTTP status code 401

Bad or expired token. To fix, you should re-authenticate the user.

HTTP status code 403

Bad OAuth request (wrong consumer key, bad nonce, expired timestamp...). Unfortunately, re-authenticating the user won't help here.

get

Metadata for items held on the candidate

get

Get metadata for all items

Get metadata for all items

Secured by oauth_2_0

OAuth is used to authenticate tenant API calls. Tenant API calls may be on behalf of a specific principal (e.g. user)

URI Parameters

  • candidate: required (string)

HTTP status code 200

Body

Type: application/json

Schema:

{
	"$schema":"http://json-schema.org/draft-04/schema#",
	"type":"array",
	"items":{ "$ref": "itemMeta.json" }
}

Example:

[
  {
    "type": "file",
    "name": "cover-letter-1002",
    "title": "Cover letter",
    "instructions": "Please upload a cover letter.",
    "purpose": "document",
    "accept": [
      "application/pdf",
      "application/vnd.openxmlformats-officedocument.wordprocessingml.document",
      "application/msword",
      "application/rtf"
    ],
    "maxSize": 1000000
  },
  {
    "type": "picklist",
    "name": "preferred-transport-10044",
    "title": "Preferred transport",
    "instructions": "Tell us how you'ld like to get to work",
    "nullLabel": "Choose your transport mode",
    "minChoices": 1,
    "maxChoices": 1,
    "presentation": "showOne",
    "choices": [
      {
        "name": "Plane",
        "isDefault": false
      },
      {
        "name": "Land",
        "isDefault": false,
        "choices": [
          {
            "name": "Car",
            "isDefault": false
          },
          {
            "name": "Bike",
            "isDefault": false
          }
        ]
      }
    ]
  },
  {
    "type": "section",
    "name": "section-header-1033",
    "title": "Transport questions",
    "subMetas": [
      {
        "type": "boolean",
        "name": "bike-rider-003",
        "title": "Bike rider?",
        "instructions": "Be honest. But remember, we want healthy employees."
      }
    ]
  }
]

Secured by oauth_2_0

Headers

  • Authorization: (string)

    Used to send a valid OAuth 2 access token. Do not use with the "access_token" query string parameter.

HTTP status code 401

Bad or expired token. To fix, you should re-authenticate the user.

HTTP status code 403

Bad OAuth request (wrong consumer key, bad nonce, expired timestamp...). Unfortunately, re-authenticating the user won't help here.

get

get

Get metadata for a specific item

Get metadata for a specific item

Secured by oauth_2_0

OAuth is used to authenticate tenant API calls. Tenant API calls may be on behalf of a specific principal (e.g. user)

URI Parameters

  • candidate: required (string)
  • item: required (string)

HTTP status code 200

Body

Type: application/json

Schema:

{
  "definitions": {
    "title": {
      "type": "string",
      "description": "a short, markdown-formatted label for this item, e.g. 'Date of birth'"
    },
    "instructions": {
      "type": "string",
      "description": "markdown-formatted instructions to a person as to how to complete/interpret this item, if its not obvious from the title"
    },
    "sectionMeta": {
      "type": "object",
      "properties": {
        "type": {
          "enum": [
            "section"
          ]
        },
        "name": {
          "$ref": "itemRead.json#/definitions/name"
        },
        "title": {
          "$ref": "#/definitions/title"
        },
        "instructions": {
          "$ref": "#/definitions/instructions"
        },
        "subMetas": {
          "$ref": "itemMetas.json"
        }
      }
    },
    "booleanMeta": {
      "type": "object",
      "properties": {
        "type": {
          "enum": [
            "boolean"
          ]
        },
        "name": {
          "$ref": "itemRead.json#/definitions/name"
        },
        "title": {
          "$ref": "#/definitions/title"
        },
        "instructions": {
          "$ref": "#/definitions/instructions"
        },
        "presentation": {
          "enum": [
            "checkbox",
            "select"
          ],
          "description": "a hint as to how the item should be rendered"
        },
        "nullLabel": {
          "type": "string",
          "description": "The label that should be used for the 'no selection' choice. When present, implies presentation == select"
        },
        "defaultValue": {
          "type": "boolean",
          "description": "defaults to false if not present"
        },
        "trueLabel": {
          "type": "string",
          "description": "defaults to 'yes'"
        },
        "falseLabel": {
          "type": "string",
          "description": "defaults to 'no'"
        },
        "mandatory": {
          "type": "boolean"
        }
      }
    },
    "numberMeta": {
      "type": "object",
      "properties": {
        "type": {
          "enum": [
            "number"
          ]
        },
        "name": {
          "$ref": "itemRead.json#/definitions/name"
        },
        "title": {
          "$ref": "#/definitions/title"
        },
        "instructions": {
          "$ref": "#/definitions/instructions"
        },
        "precision": {
          "type": "integer"
        },
        "scale": {
          "type": "integer"
        },
        "minValue": {
          "type": "number"
        },
        "maxValue": {
          "type": "number"
        },
        "defaultValue": {
          "type": "number"
        },
        "mandatory": {
          "type": "boolean"
        }
      }
    },
    "stringMeta": {
      "type": "object",
      "properties": {
        "type": {
          "enum": [
            "string"
          ]
        },
        "name": {
          "$ref": "itemRead.json#/definitions/name"
        },
        "title": {
          "$ref": "#/definitions/title"
        },
        "instructions": {
          "$ref": "#/definitions/instructions"
        },
        "format": {
          "enum": [
            "singleLine",
            "multiLine",
            "markDown"
          ],
          "description": "what sort of string the item holds"
        },
        "minLength": {
          "type": "integer"
        },
        "maxLength": {
          "type": "integer"
        },
        "defaultValue": {
          "type": "string"
        },
        "mandatory": {
          "type": "boolean"
        }
      }
    },
    "dateMeta": {
      "type": "object",
      "properties": {
        "type": {
          "enum": [
            "date"
          ]
        },
        "name": {
          "$ref": "itemRead.json#/definitions/name"
        },
        "title": {
          "$ref": "#/definitions/title"
        },
        "instructions": {
          "$ref": "#/definitions/instructions"
        },
        "showTime": {
          "type": "boolean",
          "description": "whether time component should be shown - entered dates default to midnight if false"
        },
        "nullLabel": {
          "type": "string",
          "description": "if present, results in a selectable UI element that equates to no selection"
        },
        "minDate": {
          "type": "string",
          "format": "date-time"
        },
        "maxDate": {
          "type": "string",
          "format": "date-time"
        },
        "defaultValue": {
          "type": "string",
          "format": "date-time"
        },
        "mandatory": {
          "type": "boolean"
        }
      }
    },
    "fileMeta": {
      "type": "object",
      "properties": {
        "type": {
          "enum": [
            "file"
          ]
        },
        "name": {
          "$ref": "itemRead.json#/definitions/name"
        },
        "title": {
          "$ref": "#/definitions/title"
        },
        "instructions": {
          "$ref": "#/definitions/instructions"
        },
        "purpose": {
          "enum": [
            "audio",
            "document",
            "image",
            "video"
          ]
        },
        "accept": {
          "type": "array",
          "description": "the allowable internet media types (mime types) for the resume, e.g. word and pdf files",
          "items": {
            "$ref": "fileDownload.json#/definitions/mediaType"
          }
        },
        "maxSize": {
          "type": "integer",
          "description": "maximum file size in bytes"
        },
        "mandatory": {
          "type": "boolean"
        }
      }
    },
    "tableMeta": {
      "type": "object",
      "properties": {
        "type": {
          "enum": [
            "table"
          ]
        },
        "name": {
          "$ref": "itemRead.json#/definitions/name"
        },
        "title": {
          "$ref": "#/definitions/title"
        },
        "instructions": {
          "$ref": "#/definitions/instructions"
        },
        "minRows": {
          "type": "integer"
        },
        "maxRows": {
          "type": "integer"
        },
        "columns": {
          "$ref": "#/definitions/columns"
        }
      }
    },
    "columns": {
      "type": "array",
      "items": {
        "$ref": "#"
      },
      "description": "a series of itemMetas, each representing a column within the table"
    },
    "picklistMeta": {
      "type": "object",
      "properties": {
        "type": {
          "enum": [
            "picklist"
          ]
        },
        "name": {
          "$ref": "itemRead.json#/definitions/name"
        },
        "title": {
          "$ref": "#/definitions/title"
        },
        "instructions": {
          "$ref": "#/definitions/instructions"
        },
        "nullLabel": {
          "type": "string",
          "description": "if present,  and presentation == showOne, then a pseudo-choice will be injected"
        },
        "minChoices": {
          "type": "integer"
        },
        "maxChoices": {
          "type": "integer"
        },
        "presentation": {
          "enum": [
            "showOne",
            "showAll"
          ],
          "description": "showOne is only usable when maxChoices == 1"
        },
        "choices": {
          "$ref": "#/definitions/picklistChoices"
        }
      }
    },
   "picklistChoices": {
      "type": "array",
      "items": {
        "$ref": "#/definitions/picklistChoice"
      },
      "description": "a bunch of choices that are 'unlocked' due to the user selecting their enclosing choice within the picklist"
    },
    "picklistChoice": {
      "type": "object",
      "properties": {
        "name": {
          "type": "string",
          "description": "this choice - ideally immutable"
        },
        "isDefault": {
          "type": "boolean",
          "description": "will always be compatible with minChoices, maxChoices"
        },
        "choices": {
          "$ref": "#/definitions/picklistChoices"
        }
      }
    },
    "cascadeMeta": {
      "type": "object",
      "properties": {
        "type": {
          "enum": [
            "cascade"
          ]
        },
        "name": {
          "$ref": "itemRead.json#/definitions/name"
        },
        "title": {
          "$ref": "#/definitions/title"
        },
        "instructions": {
          "$ref": "#/definitions/instructions"
        },
        "nullLabel": {
          "type": "string",
          "description": "if present,  and presentation == showOne, then a pseudo-choice will be injected"
        },
        "minChoices": {
          "type": "integer"
        },
        "maxChoices": {
          "type": "integer"
        },
        "presentation": {
          "enum": [
            "showOne",
            "showAll"
          ],
          "description": "showOne is only usable when maxChoices == 1"
        },
        "choices": {
          "$ref": "#/definitions/cascadeChoices"
        }
      }
    },
    "cascadeChoices": {
      "type": "array",
      "items": {
        "$ref": "#/definitions/cascadeChoice"
      },
      "description": "a bunch of items that are 'unlocked' due to the user selecting their enclosing choice within the picklist"
    },
    "cascadeChoice": {
      "type": "object",
      "properties": {
        "name": {
          "type": "string",
          "description": "this choice - ideally immutable"
        },
        "title": {
          "$ref": "#/definitions/title"
        },
        "isDefault": {
          "type": "boolean",
          "description": "will always be compatible with minChoices, maxChoices"
        },
        "subItems": {
          "type": "array",
          "items": {
            "$ref": "#"
          },
          "description": "items unlocked based on a choice"
        }
      }
    }
  },
  "type": "object",
  "oneOf": [
    {
      "$ref": "#/definitions/sectionMeta"
    },
    {
      "$ref": "#/definitions/booleanMeta"
    },
    {
      "$ref": "#/definitions/numberMeta"
    },
    {
      "$ref": "#/definitions/stringMeta"
    },
    {
      "$ref": "#/definitions/dateMeta"
    },
    {
      "$ref": "#/definitions/fileMeta"
    },
    {
      "$ref": "#/definitions/picklistMeta"
    },
    {
      "$ref": "#/definitions/cascadeMeta"
    },
    {
      "$ref": "#/definitions/tableMeta"
    }
  ]
}

Example:

  {
    "type": "file",
    "name": "cover-letter-1002",
    "title": "Cover letter",
    "instructions": "Please upload a cover letter.",
    "purpose": "document",
    "accept": [
      "application/pdf",
      "application/vnd.openxmlformats-officedocument.wordprocessingml.document",
      "application/msword",
      "application/rtf"
    ],
    "maxSize": 1000000
  }

Secured by oauth_2_0

Headers

  • Authorization: (string)

    Used to send a valid OAuth 2 access token. Do not use with the "access_token" query string parameter.

HTTP status code 401

Bad or expired token. To fix, you should re-authenticate the user.

HTTP status code 403

Bad OAuth request (wrong consumer key, bad nonce, expired timestamp...). Unfortunately, re-authenticating the user won't help here.

get

get

get the document as a stream, i.e. binary document, using the appropriate mime type

get the document as a stream, i.e. binary document, using the appropriate mime type

Secured by oauth_2_0

OAuth is used to authenticate tenant API calls. Tenant API calls may be on behalf of a specific principal (e.g. user)

URI Parameters

  • candidate: required (string)

HTTP status code 200

Body

Type: application/pdf

Type: application/vnd.openxmlformats-officedocument.wordprocessingml.document

Type: application/msword

Type: application/rtf

Type: text/plain

Secured by oauth_2_0

Headers

  • Authorization: (string)

    Used to send a valid OAuth 2 access token. Do not use with the "access_token" query string parameter.

HTTP status code 401

Bad or expired token. To fix, you should re-authenticate the user.

HTTP status code 403

Bad OAuth request (wrong consumer key, bad nonce, expired timestamp...). Unfortunately, re-authenticating the user won't help here.

get

get

Get the candidate's stars against a specific job, perhaps inherited from the jobs's master or some talent pool

Get the candidate's stars against a specific job, perhaps inherited from the jobs's master or some talent pool

Secured by oauth_2_0

OAuth is used to authenticate tenant API calls. Tenant API calls may be on behalf of a specific principal (e.g. user)

URI Parameters

  • candidate: required (string)
  • job: required (string)

Secured by oauth_2_0

Headers

  • Authorization: (string)

    Used to send a valid OAuth 2 access token. Do not use with the "access_token" query string parameter.

HTTP status code 401

Bad or expired token. To fix, you should re-authenticate the user.

HTTP status code 403

Bad OAuth request (wrong consumer key, bad nonce, expired timestamp...). Unfortunately, re-authenticating the user won't help here.

post

The main ping for any changes to a candidate, other than the html resume, which has its own delta ping. Only produced as non-SoT.

post
Secured by oauth_2_0

OAuth is used to authenticate tenant API calls. Tenant API calls may be on behalf of a specific principal (e.g. user)

URI Parameters

  • candidate: required (string)

Secured by oauth_2_0

Headers

  • Authorization: (string)

    Used to send a valid OAuth 2 access token. Do not use with the "access_token" query string parameter.

HTTP status code 401

Bad or expired token. To fix, you should re-authenticate the user.

HTTP status code 403

Bad OAuth request (wrong consumer key, bad nonce, expired timestamp...). Unfortunately, re-authenticating the user won't help here.

post

post

Search candidates, returning recruiter-facing details. The method is a POST solely because the size and number of parameters might get too large for a GET. withResume - if present, only return candidates with (if true) or without (if false) an attached resume

Search candidates, returning recruiter-facing details. The method is a POST solely because the size and number of parameters might get too large for a GET. withResume - if present, only return candidates with (if true) or without (if false) an attached resume

Secured by oauth_2_0

OAuth is used to authenticate tenant API calls. Tenant API calls may be on behalf of a specific principal (e.g. user)

Body

Type: application/json

Schema:

{
    "$schema": "http://json-schema.org/draft-04/schema#",
    "definitions": {
        "candidate": {
            "type":"object",
            "properties": {
                "id": {
                    "type": "integer"
                }
            },
            "required": [ "id" ]
        }
    },
    "type": "array",
    "items": { "$ref": "#/definitions/candidate" },
    "additionalProperties": false
}

Example:

[
{ "id": 1 },
{ "id": 2 },
{ "id": 3 },
{ "id": 4 }
]

Secured by oauth_2_0

Headers

  • Authorization: (string)

    Used to send a valid OAuth 2 access token. Do not use with the "access_token" query string parameter.

HTTP status code 401

Bad or expired token. To fix, you should re-authenticate the user.

HTTP status code 403

Bad OAuth request (wrong consumer key, bad nonce, expired timestamp...). Unfortunately, re-authenticating the user won't help here.

get

get

Return recruiter-facing details for a specific candidate. e.g do not contact flag

Return recruiter-facing details for a specific candidate. e.g do not contact flag

Secured by oauth_2_0

OAuth is used to authenticate tenant API calls. Tenant API calls may be on behalf of a specific principal (e.g. user)

URI Parameters

  • id: required (string)

Secured by oauth_2_0

Headers

  • Authorization: (string)

    Used to send a valid OAuth 2 access token. Do not use with the "access_token" query string parameter.

HTTP status code 401

Bad or expired token. To fix, you should re-authenticate the user.

HTTP status code 403

Bad OAuth request (wrong consumer key, bad nonce, expired timestamp...). Unfortunately, re-authenticating the user won't help here.

/careerSites

Career sites are web portals showing jobs that exist inside the tenant, as opposed to job boards, which live outside the tenant.

get

get

A rollup of the details of all careers sites produced by all apps. SoT.

get

get

Descriptions of one or more careers sites hosted by a specific app. Non-SoT.

get

get

Convenience API to generate links to a set of jobs at a given career site.

Non-SoT.

Convenience API to generate links to a set of jobs at a given career site.

Non-SoT.

Secured by oauth_2_0

OAuth is used to authenticate tenant API calls. Tenant API calls may be on behalf of a specific principal (e.g. user)

URI Parameters

  • site: required (string)

Query Parameters

  • tracker: (integer)

    The ID of a tracker

    Example:

    1003423
  • jobs: (integer)

    If present, a set of IDs (up to a max of 100) of the jobs that should be included.

HTTP status code 200

Body

Type: application/json

Schema:

{
  "$schema": "http://json-schema.org/draft-04/schema",
  "type": "array",
  "items": {
    "$ref": "jobLink.json"
  }
}

Example:

[
{ "job": 1024, "link": "https://superjobs.com/job1024/Creative-Director" },
{ "job": 98002, "link": "https://superjobs.com/job98002/Senior-Project-Leader" }
]

Secured by oauth_2_0

Headers

  • Authorization: (string)

    Used to send a valid OAuth 2 access token. Do not use with the "access_token" query string parameter.

HTTP status code 401

Bad or expired token. To fix, you should re-authenticate the user.

HTTP status code 403

Bad OAuth request (wrong consumer key, bad nonce, expired timestamp...). Unfortunately, re-authenticating the user won't help here.

get

get

This API is deprecated in favour of GET /careerSites/forApp/byID/{site}/jobLinks and will shortly be removed.

Convenience API to generate a link to a specific job at a given career site.

Non-SoT.

This API is deprecated in favour of GET /careerSites/forApp/byID/{site}/jobLinks and will shortly be removed.

Convenience API to generate a link to a specific job at a given career site.

Non-SoT.

Secured by oauth_2_0

OAuth is used to authenticate tenant API calls. Tenant API calls may be on behalf of a specific principal (e.g. user)

URI Parameters

  • site: required (string)
  • job: required (string)

Query Parameters

  • tracker: (integer)

    The ID of a tracker

    Example:

    1003423

HTTP status code 200

Body

Type: text/plain

Example:

https://acme.bigboard.com/jobs/10032-Creative-Director-looking-for-next-challenge

Secured by oauth_2_0

Headers

  • Authorization: (string)

    Used to send a valid OAuth 2 access token. Do not use with the "access_token" query string parameter.

HTTP status code 401

Bad or expired token. To fix, you should re-authenticate the user.

HTTP status code 403

Bad OAuth request (wrong consumer key, bad nonce, expired timestamp...). Unfortunately, re-authenticating the user won't help here.

get

get

This API is used to generate a link to a page of search results (e.g. all Finance jobs) on a career site.

See the description of e.g. GET /jobs/all for details of search parameters and pagination techniques.

This API is used to generate a link to a page of search results (e.g. all Finance jobs) on a career site.

See the description of e.g. GET /jobs/all for details of search parameters and pagination techniques.

Secured by oauth_2_0

OAuth is used to authenticate tenant API calls. Tenant API calls may be on behalf of a specific principal (e.g. user)

URI Parameters

  • site: required (string)

Query Parameters

  • categories: (string)

    the categories that jobs must have, expressed as a singly url encoded string conforming to categoriesActual.json.

    Example:

    %5B%7B%22category%22%3A%20100001999%2C%20%22values%22%3A%20%5B100115543%2C100115516%5D%7D%5D
  • keywords: (string)

    keywords that the jobs must have, expressed as a singly url encoded string

    Example:

    java%20architect
  • ltPublishDate: (date)

    a date, in ISO 8601 format, used to filter jobs (must not be combined with any other date filters). Only jobs with a date earlier than this will be returned.

    Example:

    2015-11-05T13:15:30Z
  • gtPublishDate: (date)

    a date, in ISO 8601 format, used to filter jobs (must not be combined with any other date filters). Only jobs with a date greater than this will be returned.

    Example:

    2015-11-05T13:15:30Z
  • gtInternalPublishDate: (date)

    a date, in ISO 8601 format, used to filter jobs (must not be combined with any other date filters). Only jobs with a date greater than this will be returned.

    Example:

    2015-11-05T13:15:30Z
  • gtExternalPublishDate: (date)

    a date, in ISO 8601 format, used to filter jobs (must not be combined with any other date filters). Only jobs with a date greater than this will be returned.

    Example:

    2015-11-05T13:15:30Z
  • ltID: (number)

    if present, only include jobs with id < this value

    Example:

    1001
  • gtID: (number)

    if present, only include jobs with id > this value

    Example:

    1001
  • limit: (number - default: 100)

    if present, return a maximum of this many jobs. Maximum of 100.

    Example:

    40

HTTP status code 200

Body

Type: text/plain

Secured by oauth_2_0

Headers

  • Authorization: (string)

    Used to send a valid OAuth 2 access token. Do not use with the "access_token" query string parameter.

HTTP status code 401

Bad or expired token. To fix, you should re-authenticate the user.

HTTP status code 403

Bad OAuth request (wrong consumer key, bad nonce, expired timestamp...). Unfortunately, re-authenticating the user won't help here.

get

get

Get details for whichever career site which has been marked as the primary by the tenant. SoT.

The response is the same as for GET /careerSites, except that only the board which has been marked as the primary is included in the results.

/categories

Tenant-defined hierarchical structures used in talent management to categorize job openings, candidates and others. Includes details of inactivated nodes.

get post

get

Fetch list of categories

post

Create a single category (without any values)

Create a single category (without any values)

Secured by oauth_2_0

OAuth is used to authenticate tenant API calls. Tenant API calls may be on behalf of a specific principal (e.g. user)

Body

Type: application/json

Schema:

{
    "$schema": "http://json-schema.org/draft-04/schema#",
    "type": "object",
    "description": "details of a a single category, identified by id or key (if a well-known category)",
    "definitions": {
        "rules": {
            "type": "object",
            "properties": {
                "canMultiSelect": {
                    "type": "boolean",
                    "description": "true if an object can have multiple values for this category"
                },
                "leafSelectionOnly": {
                    "type": "boolean",
                    "description": "true if an object can have only leaf selections for this category"
                },
                "mandatory": {
		          "description": "whether a value for the category is mandatory",
		          "type": "boolean"
		        },
	            "message": {
	              	"type": "string",
	              	"description": "a message to help the candidate/user when entering values for the category - e.g. 'tell us the top 4 stores you really want to work at'"
	            }
            },
            "additionalProperties": false,
            "required": [
              	"mandatory",
                "canMultiSelect",
                "leafSelectionOnly"
            ]
        }
    },
    "properties": {
        "id": {
            "type": "integer"
        },
        "key": {
            "enum": [
                "LOCATION"
            ],
            "description": "used to identify categories that are well-known, i.e. agreed on by all apps. User-defined categories don't have a key"
        },
        "name": {
            "type": "string",
            "description": "the user visible name for this category"
        },
        "code": {
            "type": "string",
            "description": "a code for this category"
        },
        "candidateRules": {
            "$ref": "#/definitions/rules"
        },
        "jobRules": {
            "$ref": "#/definitions/rules"
        },
        "values": {
            "$ref": "categoryValues.json"
        }
    },
    "additionalProperties": false,
    "required": [
        "id",
        "name",
        "jobRules",
        "candidateRules"
    ]
}

Example:

{
  "id": 10032,
  "key": "LOCATION",
  "name": "Location",
  "jobRules": {
    "canMultiSelect": true,
    "leafSelectionOnly": false,
    "mandatory": true
  },
  "candidateRules": {
    "canMultiSelect": true,
    "leafSelectionOnly": false,
    "message": "Please choose carefully",
    "mandatory": true
  }
}

Secured by oauth_2_0

Headers

  • Authorization: (string)

    Used to send a valid OAuth 2 access token. Do not use with the "access_token" query string parameter.

HTTP status code 401

Bad or expired token. To fix, you should re-authenticate the user.

HTTP status code 403

Bad OAuth request (wrong consumer key, bad nonce, expired timestamp...). Unfortunately, re-authenticating the user won't help here.

post

post

The main ping for any changes to the categories. Useful e.g. to replicate categories into a database without polling.

Non-SoT.

The main ping for any changes to the categories. Useful e.g. to replicate categories into a database without polling.

Non-SoT.

Secured by oauth_2_0

OAuth is used to authenticate tenant API calls. Tenant API calls may be on behalf of a specific principal (e.g. user)

Secured by oauth_2_0

Headers

  • Authorization: (string)

    Used to send a valid OAuth 2 access token. Do not use with the "access_token" query string parameter.

HTTP status code 401

Bad or expired token. To fix, you should re-authenticate the user.

HTTP status code 403

Bad OAuth request (wrong consumer key, bad nonce, expired timestamp...). Unfortunately, re-authenticating the user won't help here.

post delete

category ID

post

Update a single category, not including its values

delete

Delete a category, along with all of its values

Update a single category, not including its values

Secured by oauth_2_0

OAuth is used to authenticate tenant API calls. Tenant API calls may be on behalf of a specific principal (e.g. user)

URI Parameters

  • category: required (string)

Body

Type: application/json

Schema:

{
    "$schema": "http://json-schema.org/draft-04/schema#",
    "type": "object",
    "description": "details of a a single category, identified by id or key (if a well-known category)",
    "definitions": {
        "rules": {
            "type": "object",
            "properties": {
                "canMultiSelect": {
                    "type": "boolean",
                    "description": "true if an object can have multiple values for this category"
                },
                "leafSelectionOnly": {
                    "type": "boolean",
                    "description": "true if an object can have only leaf selections for this category"
                },
                "mandatory": {
		          "description": "whether a value for the category is mandatory",
		          "type": "boolean"
		        },
	            "message": {
	              	"type": "string",
	              	"description": "a message to help the candidate/user when entering values for the category - e.g. 'tell us the top 4 stores you really want to work at'"
	            }
            },
            "additionalProperties": false,
            "required": [
              	"mandatory",
                "canMultiSelect",
                "leafSelectionOnly"
            ]
        }
    },
    "properties": {
        "id": {
            "type": "integer"
        },
        "key": {
            "enum": [
                "LOCATION"
            ],
            "description": "used to identify categories that are well-known, i.e. agreed on by all apps. User-defined categories don't have a key"
        },
        "name": {
            "type": "string",
            "description": "the user visible name for this category"
        },
        "code": {
            "type": "string",
            "description": "a code for this category"
        },
        "candidateRules": {
            "$ref": "#/definitions/rules"
        },
        "jobRules": {
            "$ref": "#/definitions/rules"
        },
        "values": {
            "$ref": "categoryValues.json"
        }
    },
    "additionalProperties": false,
    "required": [
        "id",
        "name",
        "jobRules",
        "candidateRules"
    ]
}

Example:

{
  "id": 10032,
  "key": "LOCATION",
  "name": "Location",
  "jobRules": {
    "canMultiSelect": true,
    "leafSelectionOnly": false,
    "mandatory": true
  },
  "candidateRules": {
    "canMultiSelect": true,
    "leafSelectionOnly": false,
    "message": "Please choose carefully",
    "mandatory": true
  }
}

Secured by oauth_2_0

Headers

  • Authorization: (string)

    Used to send a valid OAuth 2 access token. Do not use with the "access_token" query string parameter.

HTTP status code 401

Bad or expired token. To fix, you should re-authenticate the user.

HTTP status code 403

Bad OAuth request (wrong consumer key, bad nonce, expired timestamp...). Unfortunately, re-authenticating the user won't help here.

Delete a category, along with all of its values

Secured by oauth_2_0

OAuth is used to authenticate tenant API calls. Tenant API calls may be on behalf of a specific principal (e.g. user)

URI Parameters

  • category: required (string)

Secured by oauth_2_0

Headers

  • Authorization: (string)

    Used to send a valid OAuth 2 access token. Do not use with the "access_token" query string parameter.

HTTP status code 401

Bad or expired token. To fix, you should re-authenticate the user.

HTTP status code 403

Bad OAuth request (wrong consumer key, bad nonce, expired timestamp...). Unfortunately, re-authenticating the user won't help here.

post

post

Sent to alert any listening apps that a change has been made to this category or one or more of its values. The listeners then know to call GET /categories, GET /categories/byID/{}/values to get the latest data.

Sent to alert any listening apps that a change has been made to this category or one or more of its values. The listeners then know to call GET /categories, GET /categories/byID/{}/values to get the latest data.

Secured by oauth_2_0

OAuth is used to authenticate tenant API calls. Tenant API calls may be on behalf of a specific principal (e.g. user)

URI Parameters

  • category: required (string)

Secured by oauth_2_0

Headers

  • Authorization: (string)

    Used to send a valid OAuth 2 access token. Do not use with the "access_token" query string parameter.

HTTP status code 401

Bad or expired token. To fix, you should re-authenticate the user.

HTTP status code 403

Bad OAuth request (wrong consumer key, bad nonce, expired timestamp...). Unfortunately, re-authenticating the user won't help here.

get post

get

Get root values and the hierarchy of values beneath. Only available nodes are returned.

post

Create or update a single category value. The category value must not contain the values element.

Data integrity rules for category values

400 must be thrown if the consumer violates any of these:

  • No parent child loops can exist (e.g. setting the parent of a node to one of its own grandchildren would not be allowed)
  • Inactive values must always be at the root (no parent), and cannot have children (i.e. they must not be in a hierarchy)
  • The remappedTo field can only be set (non-null) at the same time a node is inactivated.
  • At the time that remappedTo is set, it must refer to an active node.
  • External ID (unless null) must be unique among all values in a single category (active or not), immutable and never reused.

When a node is inactivated, all apps must remove all references to it. e.g. when the tenant inactivates (deffectively deletes) the IT node, a careers site app would unhook and maybe delete its IT testimonials.

Example operations

This test data is used throughout.

[
  {
    "id": 10034,
    "externalID": "a100",
    "parent": null,
    "name": "Wellington",
    "available": false
  },
  {
    "id": 10032,
    "externalID": "a101",
    "parent": null,
    "name": "Auckland",
    "available": true,
    "values": [
      {
        "id": 10036,
        "externalID": "a104",
        "parent": 10032,
        "name": "North Shore",
        "available": true,
        "values": [
          {
            "id": 10037,
            "externalID": "a105",
            "parent": 10036,
            "name": "Takapuna",
            "available": true
          }
        ]
      }
    ]
  }
]

The request body for the atomic API (POST /categories/byID/{}/values) must only pass a single node.

This is a valid request to POST /categories/byID/{}/values, and will change the name as well as reparenting the node:

  {
    "id": 10037,
    "parent": 10032,
    "name": "Takapuna/Milford"
  }

Create vs update

The POST operation can create nodes, or can update them as identified by id or external id. There is no delete (just updating the available flag to false).

This request will create a new root node, also named Takapuna:

  {
    "name": "Takapuna"
  }

This will create a new node called Albany, also under the North Shore parent:

  {
    "name": "Albany",
    "parent": 10036
  }

id and external id

If id is present, then an exactly matching node must exist. If the request also includes external id, that must match too.

Either of these are a valid request to update the name of the Takapuna node:

POST /categories/byID/{}/values

  {
    "id": 10037,
    "name": "Takapuna/Milford"
  }

  {
    "id": 10037,
    "externalID": "a105",
    "name": "Takapuna/Milford"
  }

This would give an error, since external id does not match.

  {
    "id": 10037,
    "externalID": "a106",
    "name": "Takapuna/Milford"
  }

If only external id is present, then if that matches an existing node, that will be an update, otherwise it will be a create.

e.g. this is a valid request to update the name of the Takapuna node.

  {
    "externalID": "a105",
    "name": "Takapuna/Milford"
  }

This will create a new node named Takapuna (since there is no existing node a1055).

  {
    "externalID": "a1055",
    "name": "Takapuna/Milford"
  }

Available flag

The available flag indicates whether a node can be used going forward - e.g. setting a node to unavailable will prevent it being used for new jobs. However old jobs may still use the category value, even if it is unavailable (see remapping).

By default, available is set to true for new nodes, e.g. this request will create a new, available root node:

  {
    "name": "Singapore"
  }

Remapping nodes

When a node is made unavailable, it can be remapped at the same time. This is a hint to apps that anything attached to that node (e.g. jobs) should be transferred across to the remap node.

For example, this request retires the Takapuna location, and will cause Takapuna jobs to be transferred to North Shore:

  {
    "id": 10037,
    "available": false,
    "remappedTo": 1036
  }

The remappedTo field can only be set at the same time as the node itself is made unavailable (i.e. in the same request).

Race conditions

Wen doing a rapid series of atomic operations on category values, e.g. test scripts, apps should think carefully about race conditions in downstream apps that are replicating the category.

For example, your app:

  • makes node 100 unavailable, and at the same time remaps it to node 102
  • a downstream app learns about this via POST /categories/byID/{}/values/byID/{}/deltaPings
  • the downstream app starts transferring its attached objects from 100 to 102
  • in the meantime, your app has already made 102 inactive and remapped to e.g. 103.

Get root values and the hierarchy of values beneath. Only available nodes are returned.

Secured by oauth_2_0

OAuth is used to authenticate tenant API calls. Tenant API calls may be on behalf of a specific principal (e.g. user)

URI Parameters

  • category: required (string)

HTTP status code 200

Body

Type: application/json

Schema:

{
  "$schema": "http://json-schema.org/draft-04/schema#",
  "type": "array",
  "items": {
    "$ref": "categoryValue.json"
  }
}

Example:

[
    {
        "id": 10034,
        "name": "Wellington",
        "available": true
    },
    {
        "id": 10032,
        "name": "Auckland",
        "available": true,
        "values": [
            {
                "id": 10036,
                "name": "North Shore",
		        "available": true,
                "values": [
                    {
                        "id": 10037,
                        "name": "Takapuna",
				        "available": true
                    }
                ]
            }
        ]
    }
]

HTTP status code 400

The consumer made a bad request. See response in RFC 7807 format for more details.

Body

Type: application/problem+json

Secured by oauth_2_0

Headers

  • Authorization: (string)

    Used to send a valid OAuth 2 access token. Do not use with the "access_token" query string parameter.

HTTP status code 401

Bad or expired token. To fix, you should re-authenticate the user.

HTTP status code 403

Bad OAuth request (wrong consumer key, bad nonce, expired timestamp...). Unfortunately, re-authenticating the user won't help here.

Create or update a single category value. The category value must not contain the values element.

Data integrity rules for category values

400 must be thrown if the consumer violates any of these:

  • No parent child loops can exist (e.g. setting the parent of a node to one of its own grandchildren would not be allowed)
  • Inactive values must always be at the root (no parent), and cannot have children (i.e. they must not be in a hierarchy)
  • The remappedTo field can only be set (non-null) at the same time a node is inactivated.
  • At the time that remappedTo is set, it must refer to an active node.
  • External ID (unless null) must be unique among all values in a single category (active or not), immutable and never reused.

When a node is inactivated, all apps must remove all references to it. e.g. when the tenant inactivates (deffectively deletes) the IT node, a careers site app would unhook and maybe delete its IT testimonials.

Example operations

This test data is used throughout.

[
  {
    "id": 10034,
    "externalID": "a100",
    "parent": null,
    "name": "Wellington",
    "available": false
  },
  {
    "id": 10032,
    "externalID": "a101",
    "parent": null,
    "name": "Auckland",
    "available": true,
    "values": [
      {
        "id": 10036,
        "externalID": "a104",
        "parent": 10032,
        "name": "North Shore",
        "available": true,
        "values": [
          {
            "id": 10037,
            "externalID": "a105",
            "parent": 10036,
            "name": "Takapuna",
            "available": true
          }
        ]
      }
    ]
  }
]

The request body for the atomic API (POST /categories/byID/{}/values) must only pass a single node.

This is a valid request to POST /categories/byID/{}/values, and will change the name as well as reparenting the node:

  {
    "id": 10037,
    "parent": 10032,
    "name": "Takapuna/Milford"
  }

Create vs update

The POST operation can create nodes, or can update them as identified by id or external id. There is no delete (just updating the available flag to false).

This request will create a new root node, also named Takapuna:

  {
    "name": "Takapuna"
  }

This will create a new node called Albany, also under the North Shore parent:

  {
    "name": "Albany",
    "parent": 10036
  }

id and external id

If id is present, then an exactly matching node must exist. If the request also includes external id, that must match too.

Either of these are a valid request to update the name of the Takapuna node:

POST /categories/byID/{}/values

  {
    "id": 10037,
    "name": "Takapuna/Milford"
  }

  {
    "id": 10037,
    "externalID": "a105",
    "name": "Takapuna/Milford"
  }

This would give an error, since external id does not match.

  {
    "id": 10037,
    "externalID": "a106",
    "name": "Takapuna/Milford"
  }

If only external id is present, then if that matches an existing node, that will be an update, otherwise it will be a create.

e.g. this is a valid request to update the name of the Takapuna node.

  {
    "externalID": "a105",
    "name": "Takapuna/Milford"
  }

This will create a new node named Takapuna (since there is no existing node a1055).

  {
    "externalID": "a1055",
    "name": "Takapuna/Milford"
  }

Available flag

The available flag indicates whether a node can be used going forward - e.g. setting a node to unavailable will prevent it being used for new jobs. However old jobs may still use the category value, even if it is unavailable (see remapping).

By default, available is set to true for new nodes, e.g. this request will create a new, available root node:

  {
    "name": "Singapore"
  }

Remapping nodes

When a node is made unavailable, it can be remapped at the same time. This is a hint to apps that anything attached to that node (e.g. jobs) should be transferred across to the remap node.

For example, this request retires the Takapuna location, and will cause Takapuna jobs to be transferred to North Shore:

  {
    "id": 10037,
    "available": false,
    "remappedTo": 1036
  }

The remappedTo field can only be set at the same time as the node itself is made unavailable (i.e. in the same request).

Race conditions

Wen doing a rapid series of atomic operations on category values, e.g. test scripts, apps should think carefully about race conditions in downstream apps that are replicating the category.

For example, your app:

  • makes node 100 unavailable, and at the same time remaps it to node 102
  • a downstream app learns about this via POST /categories/byID/{}/values/byID/{}/deltaPings
  • the downstream app starts transferring its attached objects from 100 to 102
  • in the meantime, your app has already made 102 inactive and remapped to e.g. 103.
Secured by oauth_2_0

OAuth is used to authenticate tenant API calls. Tenant API calls may be on behalf of a specific principal (e.g. user)

URI Parameters

  • category: required (string)

Body

Type: application/json

Schema:

{
  "$schema": "http://json-schema.org/draft-04/schema#",
  "definitions": {
    "sequence": {
      "type": "number",
      "description": "the sequence of this node (i.e. its order within its siblings)"
    },
    "location": {
      "type": "object",
      "description": "the geographic coordinates of this value, which represents a physical location. This may be present only when (a) the category itself has key of LOCATION, and (b) the value is a leaf (has no children)",
      "properties": {
        "lat": {
          "type": "number",
          "description": "latitude of this location"
        },
        "lng": {
          "type": "number",
          "description": "longitude of this location"
        },
        "country": {
          "description": "country, in ISO 3166-1 alpha-2 form",
          "enum": [
            "AC",
            "AD",
            "AE",
            "AF",
            "AG",
            "AI",
            "AL",
            "AM",
            "AN",
            "AO",
            "AQ",
            "AR",
            "AS",
            "AT",
            "AU",
            "AW",
            "AX",
            "AZ",
            "BA",
            "BB",
            "BD",
            "BE",
            "BF",
            "BG",
            "BH",
            "BI",
            "BJ",
            "BM",
            "BN",
            "BO",
            "BR",
            "BS",
            "BT",
            "BV",
            "BW",
            "BY",
            "BZ",
            "CA",
            "CC",
            "CD",
            "CF",
            "CG",
            "CH",
            "CI",
            "CK",
            "CL",
            "CM",
            "CN",
            "CO",
            "CR",
            "CU",
            "CV",
            "CX",
            "CY",
            "CZ",
            "DE",
            "DJ",
            "DK",
            "DM",
            "DO",
            "DZ",
            "EC",
            "EE",
            "EG",
            "ER",
            "ES",
            "ET",
            "FI",
            "FJ",
            "FK",
            "FM",
            "FO",
            "FR",
            "GA",
            "GB",
            "GD",
            "GE",
            "GF",
            "GG",
            "GH",
            "GI",
            "GL",
            "GM",
            "GN",
            "GP",
            "GQ",
            "GR",
            "GS",
            "GT",
            "GU",
            "GW",
            "GY",
            "HK",
            "HM",
            "HN",
            "HR",
            "HT",
            "HU",
            "ID",
            "IE",
            "IL",
            "IM",
            "IN",
            "IO",
            "IQ",
            "IR",
            "IS",
            "IT",
            "JE",
            "JM",
            "JO",
            "JP",
            "KE",
            "KG",
            "KH",
            "KI",
            "KM",
            "KN",
            "KP",
            "KR",
            "KW",
            "KY",
            "KZ",
            "LA",
            "LB",
            "LC",
            "LI",
            "LK",
            "LR",
            "LS",
            "LT",
            "LU",
            "LV",
            "LY",
            "MA",
            "MC",
            "MD",
            "ME",
            "MG",
            "MH",
            "MK",
            "ML",
            "MM",
            "MN",
            "MO",
            "MP",
            "MQ",
            "MR",
            "MS",
            "MT",
            "MU",
            "MV",
            "MW",
            "MX",
            "MY",
            "MZ",
            "NA",
            "NC",
            "NE",
            "NF",
            "NG",
            "NI",
            "NL",
            "NO",
            "NP",
            "NR",
            "NU",
            "NZ",
            "OM",
            "PA",
            "PE",
            "PF",
            "PG",
            "PH",
            "PK",
            "PL",
            "PM",
            "PN",
            "PR",
            "PT",
            "PW",
            "PY",
            "QA",
            "RE",
            "RO",
            "RS",
            "RU",
            "RW",
            "SA",
            "SB",
            "SC",
            "SD",
            "SE",
            "SG",
            "SH",
            "SI",
            "SJ",
            "SK",
            "SL",
            "SM",
            "SN",
            "SO",
            "SR",
            "ST",
            "SV",
            "SY",
            "SZ",
            "TA",
            "TC",
            "TD",
            "TF",
            "TG",
            "TH",
            "TJ",
            "TK",
            "TL",
            "TM",
            "TN",
            "TO",
            "TR",
            "TT",
            "TV",
            "TW",
            "TZ",
            "UA",
            "UG",
            "UM",
            "US",
            "UY",
            "UZ",
            "VA",
            "VC",
            "VE",
            "VG",
            "VI",
            "VN",
            "VU",
            "WF",
            "WS",
            "YE",
            "YT",
            "ZA",
            "ZM",
            "ZW"
          ]
        }
      },
      "required": [
        "lat",
        "lng"
      ]
    },
    "externalId": {
      "type": "string",
      "description": "An immutable external identifier, e.g. primary key in an upstream system, used to identify the category value"
    },
    "parent": {
      "type": "integer",
      "description": "The id of the value which is this node's parent (hierarchical structure)"
    },
    "remappedTo": {
      "type": "integer",
      "description": "The id of the value which took over from this node, when this node was permanently inactivated"
    }
  },
  "type": "object",
  "description": "details of a single category value",
  "properties": {
    "id": {
      "type": "integer"
    },
    "available": {
      "type": "boolean",
      "description": "whether this node can be selected (i.e. is not disabled)"
    },
    "name": {
      "type": "string",
      "description": "the user visible name for this category value"
    },
    "code": {
      "type": "string",
      "description": "a code for this category value"
    },
    "externalId": {
      "$ref": "#/definitions/externalId"
    },
    "sequence": {
      "$ref": "#/definitions/sequence"
    },
    "parent": {
      "$ref": "#/definitions/parent"
    },
    "remappedTo": {
      "$ref": "#/definitions/remappedTo"
    },
    "location": {
      "$ref": "#/definitions/location"
    },
    "values": {
      "type": "array",
      "items": {
        "$ref": "#"
      }
    }
  },
  "additionalProperties": false
}

Example:

    {
        "id": 10034,
        "name": "Wellington",
        "available": false
    }

Secured by oauth_2_0

Headers

  • Authorization: (string)

    Used to send a valid OAuth 2 access token. Do not use with the "access_token" query string parameter.

HTTP status code 401

Bad or expired token. To fix, you should re-authenticate the user.

HTTP status code 403

Bad OAuth request (wrong consumer key, bad nonce, expired timestamp...). Unfortunately, re-authenticating the user won't help here.

get

get

get unavailable and remapped nodes, using a cursor model

get unavailable and remapped nodes, using a cursor model

URI Parameters

  • category: required (string)

post

post

Used to bulk upload or update all values for a single category for the tenant in one long-running operation.

This API could be used to upload categories from an HRMS into an ATS.

The data from each category in the request is applied using JSON Merge Patch semantics (https://tools.ietf.org/html/rfc7396).

The app producing the API should do something like this;

  • build up a "mapping table" that stores mappings from incoming nodes in the request to existing nodes (active or inactive) in the producer's database
    • if the request node has neither id nor external id then no mapping
    • if the request node has id, then map to the existing node with the same id (404 if not found)
      • if the request node also has external id
        • if the mapped node in the database has null external id, its external id will be updated
        • if the mapped node in the database has a different external id, throw a 400 error
    • if the request node has only external id
      • if an existing node in the database has same external id, map to that, else no mapping
    • in all cases, a node can only be mapped once, otherwise 400 error
  • now that mapping is complete, producer can do the CRUD work
    • any unmapped nodes in the request will be created
    • any mapped nodes where the database node is inactive will be made active
    • any mapped nodes in the database will be updated as required (e.g. to have new details, parent)
    • any unmapped and active nodes in the database will be inactivated

The producer's behaviour need not be atomic - the call might fail after only partially processing the values, leaving partial changes applied. In this case the upload could be re-run once the problem was resolved.

SoT.

Used to bulk upload or update all values for a single category for the tenant in one long-running operation.

This API could be used to upload categories from an HRMS into an ATS.

The data from each category in the request is applied using JSON Merge Patch semantics (https://tools.ietf.org/html/rfc7396).

The app producing the API should do something like this;

  • build up a "mapping table" that stores mappings from incoming nodes in the request to existing nodes (active or inactive) in the producer's database
    • if the request node has neither id nor external id then no mapping
    • if the request node has id, then map to the existing node with the same id (404 if not found)
      • if the request node also has external id
        • if the mapped node in the database has null external id, its external id will be updated
        • if the mapped node in the database has a different external id, throw a 400 error
    • if the request node has only external id
      • if an existing node in the database has same external id, map to that, else no mapping
    • in all cases, a node can only be mapped once, otherwise 400 error
  • now that mapping is complete, producer can do the CRUD work
    • any unmapped nodes in the request will be created
    • any mapped nodes where the database node is inactive will be made active
    • any mapped nodes in the database will be updated as required (e.g. to have new details, parent)
    • any unmapped and active nodes in the database will be inactivated

The producer's behaviour need not be atomic - the call might fail after only partially processing the values, leaving partial changes applied. In this case the upload could be re-run once the problem was resolved.

SoT.

Secured by oauth_2_0

OAuth is used to authenticate tenant API calls. Tenant API calls may be on behalf of a specific principal (e.g. user)

URI Parameters

  • category: required (string)

Body

Type: application/json

Schema:

{
    "$schema": "http://json-schema.org/draft-04/schema",
    "type": "object",
    "properties": {
        "testFlag": {
            "type": "boolean",
            "description": "true if this set is to be applied as a dry run - i.e. no changes should be made to the category values at the target"
        },
        "categoryValues": {
            "$ref": "categoryValues.json"
        }
    },
    "required": [
        "testFlag",
        "categoryValues"
    ],
    "additionalProperties": false
}

Example:

{
  "testFlag": false,
  "categoryValues": [
    {
      "id": 100042894,
      "name": "Austrailia",
      "available": true,
      "values": [
        {
          "id": 100114678,
          "name": "Northern Territory",
          "available": true
        },
        {
          "id": 100114675,
          "name": "Darwin",
          "available": true
        },
        {
          "id": 100114648,
          "name": "Melbourne",
          "available": true,
          "location": {
            "lat": -2323442334,
            "lng": -544387985,
            "country": "AU"
          }
        },
        {
          "id": 100114663,
          "name": "Perth",
          "available": true
        },
        {
          "id": 100114660,
          "name": "Queensland",
          "available": true
        },
        {
          "id": 100114645,
          "name": "NSW",
          "available": true
        },
        {
          "id": 100114669,
          "name": "Adelaide",
          "available": true
        },
        {
          "id": 100114642,
          "name": "Sydney",
          "available": true
        },
        {
          "id": 100114657,
          "name": "Gold Coast",
          "available": true
        },
        {
          "id": 100114672,
          "name": "Hobart",
          "available": true
        },
        {
          "id": 100114666,
          "name": "Western Australia",
          "available": true
        },
        {
          "id": 100114654,
          "name": "Brisbane",
          "available": true
        },
        {
          "id": 100114651,
          "name": "VIC",
          "available": true
        }
      ]
    },
    {
      "id": 100114808,
      "name": "Other",
      "available": true
    },
    {
      "id": 100042788,
      "name": "New Zealand",
      "available": true,
      "values": [
        {
          "id": 100114478,
          "name": "Christchurch",
          "available": true
        },
        {
          "id": 100114457,
          "name": "Wellington",
          "available": true
        },
        {
          "id": 100114445,
          "name": "Rotorua",
          "available": true
        },
        {
          "id": 100114427,
          "name": "Auckland",
          "available": true
        },
        {
          "id": 100114469,
          "name": "Nelson",
          "available": true
        },
        {
          "id": 100114466,
          "name": "Invercargill",
          "available": true
        },
        {
          "id": 100114448,
          "name": "Tauranga",
          "available": true
        },
        {
          "id": 100114460,
          "name": "Blenheim",
          "available": true
        },
        {
          "id": 100114451,
          "name": "Wanganui",
          "available": true
        },
        {
          "id": 100114433,
          "name": "Gisborne",
          "available": true
        },
        {
          "id": 100114454,
          "name": "Whangarei",
          "available": true
        },
        {
          "id": 100114463,
          "name": "Dunedin",
          "available": true
        },
        {
          "id": 100114472,
          "name": "Timaru",
          "available": true
        },
        {
          "id": 100114436,
          "name": "Hamilton",
          "available": true
        },
        {
          "id": 100114475,
          "name": "Queenstown",
          "available": true
        },
        {
          "id": 100114430,
          "name": "Palmerston North",
          "available": true
        },
        {
          "id": 100114439,
          "name": "Napier- Hastings",
          "available": true
        },
        {
          "id": 100114442,
          "name": "New Plymouth",
          "available": true
        }
      ]
    }
  ]
}

HTTP status code 201

the launch was successful, and the upload is underway

Body

Type: application/json

Schema:

{
  "$schema": "http://json-schema.org/draft-04/schema",
  "type": "object",
  "description": "the status of a previously launched upload",
  "definitions": {
    "failureDetail": {
      "type": "object",
      "description": "details of why a single object failed the crud operation (create or whatever)",
      "properties": {
	    "code": {
	      "type": "string",
	      "description": "A code, e.g. on a job or job ad, that uniquely identifies the object"
	    },
        "message": {
          "type": "string"
        }
      },
      "additionalProperties": false,
      "required": [
        "code",
        "message"
      ]
    },
    "crudOutcome": {
      "type": "object",
      "properties": {
        "operation": {
          "enum": [
            "Created",
            "Updated",
            "Closed"
          ]
        },
        "succeeded": {
          "type": "integer",
          "description": "how many objects in the set have so far been successfully [operation]"
        },
        "failed": {
          "type": "integer",
          "description": "how many objects in the set have so far been unsuccessfully [operation]"
        },
        "failureDetails": {
          "type": "array",
          "items": {
            "$ref": "#/definitions/failureDetail"
          }
        }
      },
      "additionalProperties": false,
      "required": [
        "operation",
        "succeeded",
        "failed"
      ]
    },
    "crudOutcomes": {
      "type": "array",
      "items": {
        "$ref": "#/definitions/crudOutcome"
      }
    }
  },
  "properties": {
    "id": {
      "description": "id of the upload operation",
      "type": "integer"
    },
    "started": {
      "type": "string",
      "format": "date-time"
    },
    "status": {
      "enum": [
        "Queued",
        "Underway",
        "Complete",
        "Error"
      ]
    },
    "results": {
      "$ref": "#/definitions/crudOutcomes"
    }
  },
  "required": [
    "id",
    "started",
    "status",
    "results"
  ],
  "additionalProperties": false
}

Example:

{
  "id": 8754598,
  "started": "2015-11-05T13:15:30Z",
  "status": "Underway",
  "results": [
    {
      "operation": "Created",
      "succeeded": 1,
      "failed": 1,
      "failureDetails": [
        {
          "code": "AZDH55",
          "message": "missing value for location"
        }
      ]
    },
    {
      "operation": "Updated",
      "succeeded": 0,
      "failed": 0
    },
    {
      "operation": "Closed",
      "succeeded": 0,
      "failed": 0
    }
  ]
}

HTTP status code 409

Conflict - the producer has an existing, incomplete upload operation for this tenant - See response in RFC 7807 format for more details.

Body

Type: application/problem+json

Secured by oauth_2_0

Headers

  • Authorization: (string)

    Used to send a valid OAuth 2 access token. Do not use with the "access_token" query string parameter.

HTTP status code 401

Bad or expired token. To fix, you should re-authenticate the user.

HTTP status code 403

Bad OAuth request (wrong consumer key, bad nonce, expired timestamp...). Unfortunately, re-authenticating the user won't help here.

get

the ID of a previously launched category values bulk upload

get

Get the status of a previously started upload operation. Normally the producer should keep results around for some time (i.e. weeks/months) after the upload has completed.

SoT.

Get the status of a previously started upload operation. Normally the producer should keep results around for some time (i.e. weeks/months) after the upload has completed.

SoT.

Secured by oauth_2_0

OAuth is used to authenticate tenant API calls. Tenant API calls may be on behalf of a specific principal (e.g. user)

URI Parameters

  • category: required (string)
  • uploadID: required (string)

HTTP status code 200

Body

Type: application/json

Schema:

{
  "$schema": "http://json-schema.org/draft-04/schema",
  "type": "object",
  "description": "the status of a previously launched upload",
  "definitions": {
    "failureDetail": {
      "type": "object",
      "description": "details of why a single object failed the crud operation (create or whatever)",
      "properties": {
	    "code": {
	      "type": "string",
	      "description": "A code, e.g. on a job or job ad, that uniquely identifies the object"
	    },
        "message": {
          "type": "string"
        }
      },
      "additionalProperties": false,
      "required": [
        "code",
        "message"
      ]
    },
    "crudOutcome": {
      "type": "object",
      "properties": {
        "operation": {
          "enum": [
            "Created",
            "Updated",
            "Closed"
          ]
        },
        "succeeded": {
          "type": "integer",
          "description": "how many objects in the set have so far been successfully [operation]"
        },
        "failed": {
          "type": "integer",
          "description": "how many objects in the set have so far been unsuccessfully [operation]"
        },
        "failureDetails": {
          "type": "array",
          "items": {
            "$ref": "#/definitions/failureDetail"
          }
        }
      },
      "additionalProperties": false,
      "required": [
        "operation",
        "succeeded",
        "failed"
      ]
    },
    "crudOutcomes": {
      "type": "array",
      "items": {
        "$ref": "#/definitions/crudOutcome"
      }
    }
  },
  "properties": {
    "id": {
      "description": "id of the upload operation",
      "type": "integer"
    },
    "started": {
      "type": "string",
      "format": "date-time"
    },
    "status": {
      "enum": [
        "Queued",
        "Underway",
        "Complete",
        "Error"
      ]
    },
    "results": {
      "$ref": "#/definitions/crudOutcomes"
    }
  },
  "required": [
    "id",
    "started",
    "status",
    "results"
  ],
  "additionalProperties": false
}

Example:

{
  "id": 8754598,
  "started": "2015-11-05T13:15:30Z",
  "status": "Underway",
  "results": [
    {
      "operation": "Created",
      "succeeded": 1,
      "failed": 1,
      "failureDetails": [
        {
          "code": "AZDH55",
          "message": "missing value for location"
        }
      ]
    },
    {
      "operation": "Updated",
      "succeeded": 0,
      "failed": 0
    },
    {
      "operation": "Closed",
      "succeeded": 0,
      "failed": 0
    }
  ]
}

HTTP status code 404

No launch with the ID is available. Perhaps it has been garbage collected.

Secured by oauth_2_0

Headers

  • Authorization: (string)

    Used to send a valid OAuth 2 access token. Do not use with the "access_token" query string parameter.

HTTP status code 401

Bad or expired token. To fix, you should re-authenticate the user.

HTTP status code 403

Bad OAuth request (wrong consumer key, bad nonce, expired timestamp...). Unfortunately, re-authenticating the user won't help here.

post

post

Alert listeners that a previously started upload operation has completed. Normally the producer should keep results around for some time (i.e. weeks/months) after the upload has completed.

Non-SoT.

Alert listeners that a previously started upload operation has completed. Normally the producer should keep results around for some time (i.e. weeks/months) after the upload has completed.

Non-SoT.

Secured by oauth_2_0

OAuth is used to authenticate tenant API calls. Tenant API calls may be on behalf of a specific principal (e.g. user)

URI Parameters

  • category: required (string)
  • uploadID: required (string)

Body

Type: application/json

Schema:

{
  "$schema": "http://json-schema.org/draft-04/schema",
  "type": "object",
  "description": "the status of a previously launched upload",
  "definitions": {
    "failureDetail": {
      "type": "object",
      "description": "details of why a single object failed the crud operation (create or whatever)",
      "properties": {
	    "code": {
	      "type": "string",
	      "description": "A code, e.g. on a job or job ad, that uniquely identifies the object"
	    },
        "message": {
          "type": "string"
        }
      },
      "additionalProperties": false,
      "required": [
        "code",
        "message"
      ]
    },
    "crudOutcome": {
      "type": "object",
      "properties": {
        "operation": {
          "enum": [
            "Created",
            "Updated",
            "Closed"
          ]
        },
        "succeeded": {
          "type": "integer",
          "description": "how many objects in the set have so far been successfully [operation]"
        },
        "failed": {
          "type": "integer",
          "description": "how many objects in the set have so far been unsuccessfully [operation]"
        },
        "failureDetails": {
          "type": "array",
          "items": {
            "$ref": "#/definitions/failureDetail"
          }
        }
      },
      "additionalProperties": false,
      "required": [
        "operation",
        "succeeded",
        "failed"
      ]
    },
    "crudOutcomes": {
      "type": "array",
      "items": {
        "$ref": "#/definitions/crudOutcome"
      }
    }
  },
  "properties": {
    "id": {
      "description": "id of the upload operation",
      "type": "integer"
    },
    "started": {
      "type": "string",
      "format": "date-time"
    },
    "status": {
      "enum": [
        "Queued",
        "Underway",
        "Complete",
        "Error"
      ]
    },
    "results": {
      "$ref": "#/definitions/crudOutcomes"
    }
  },
  "required": [
    "id",
    "started",
    "status",
    "results"
  ],
  "additionalProperties": false
}

Example:

{
  "id": 8754598,
  "started": "2015-11-05T13:15:30Z",
  "status": "Underway",
  "results": [
    {
      "operation": "Created",
      "succeeded": 1,
      "failed": 1,
      "failureDetails": [
        {
          "code": "AZDH55",
          "message": "missing value for location"
        }
      ]
    },
    {
      "operation": "Updated",
      "succeeded": 0,
      "failed": 0
    },
    {
      "operation": "Closed",
      "succeeded": 0,
      "failed": 0
    }
  ]
}

Secured by oauth_2_0

Headers

  • Authorization: (string)

    Used to send a valid OAuth 2 access token. Do not use with the "access_token" query string parameter.

HTTP status code 401

Bad or expired token. To fix, you should re-authenticate the user.

HTTP status code 403

Bad OAuth request (wrong consumer key, bad nonce, expired timestamp...). Unfortunately, re-authenticating the user won't help here.

get

get

get a single category node, even if it is unavailable (i.e. unlike GET /categories/byID/{}/values)

get a single category node, even if it is unavailable (i.e. unlike GET /categories/byID/{}/values)

Secured by oauth_2_0

OAuth is used to authenticate tenant API calls. Tenant API calls may be on behalf of a specific principal (e.g. user)

URI Parameters

  • category: required (string)
  • id: required (string)

HTTP status code 200

Body

Type: application/json

Schema:

{
  "$schema": "http://json-schema.org/draft-04/schema#",
  "definitions": {
    "sequence": {
      "type": "number",
      "description": "the sequence of this node (i.e. its order within its siblings)"
    },
    "location": {
      "type": "object",
      "description": "the geographic coordinates of this value, which represents a physical location. This may be present only when (a) the category itself has key of LOCATION, and (b) the value is a leaf (has no children)",
      "properties": {
        "lat": {
          "type": "number",
          "description": "latitude of this location"
        },
        "lng": {
          "type": "number",
          "description": "longitude of this location"
        },
        "country": {
          "description": "country, in ISO 3166-1 alpha-2 form",
          "enum": [
            "AC",
            "AD",
            "AE",
            "AF",
            "AG",
            "AI",
            "AL",
            "AM",
            "AN",
            "AO",
            "AQ",
            "AR",
            "AS",
            "AT",
            "AU",
            "AW",
            "AX",
            "AZ",
            "BA",
            "BB",
            "BD",
            "BE",
            "BF",
            "BG",
            "BH",
            "BI",
            "BJ",
            "BM",
            "BN",
            "BO",
            "BR",
            "BS",
            "BT",
            "BV",
            "BW",
            "BY",
            "BZ",
            "CA",
            "CC",
            "CD",
            "CF",
            "CG",
            "CH",
            "CI",
            "CK",
            "CL",
            "CM",
            "CN",
            "CO",
            "CR",
            "CU",
            "CV",
            "CX",
            "CY",
            "CZ",
            "DE",
            "DJ",
            "DK",
            "DM",
            "DO",
            "DZ",
            "EC",
            "EE",
            "EG",
            "ER",
            "ES",
            "ET",
            "FI",
            "FJ",
            "FK",
            "FM",
            "FO",
            "FR",
            "GA",
            "GB",
            "GD",
            "GE",
            "GF",
            "GG",
            "GH",
            "GI",
            "GL",
            "GM",
            "GN",
            "GP",
            "GQ",
            "GR",
            "GS",
            "GT",
            "GU",
            "GW",
            "GY",
            "HK",
            "HM",
            "HN",
            "HR",
            "HT",
            "HU",
            "ID",
            "IE",
            "IL",
            "IM",
            "IN",
            "IO",
            "IQ",
            "IR",
            "IS",
            "IT",
            "JE",
            "JM",
            "JO",
            "JP",
            "KE",
            "KG",
            "KH",
            "KI",
            "KM",
            "KN",
            "KP",
            "KR",
            "KW",
            "KY",
            "KZ",
            "LA",
            "LB",
            "LC",
            "LI",
            "LK",
            "LR",
            "LS",
            "LT",
            "LU",
            "LV",
            "LY",
            "MA",
            "MC",
            "MD",
            "ME",
            "MG",
            "MH",
            "MK",
            "ML",
            "MM",
            "MN",
            "MO",
            "MP",
            "MQ",
            "MR",
            "MS",
            "MT",
            "MU",
            "MV",
            "MW",
            "MX",
            "MY",
            "MZ",
            "NA",
            "NC",
            "NE",
            "NF",
            "NG",
            "NI",
            "NL",
            "NO",
            "NP",
            "NR",
            "NU",
            "NZ",
            "OM",
            "PA",
            "PE",
            "PF",
            "PG",
            "PH",
            "PK",
            "PL",
            "PM",
            "PN",
            "PR",
            "PT",
            "PW",
            "PY",
            "QA",
            "RE",
            "RO",
            "RS",
            "RU",
            "RW",
            "SA",
            "SB",
            "SC",
            "SD",
            "SE",
            "SG",
            "SH",
            "SI",
            "SJ",
            "SK",
            "SL",
            "SM",
            "SN",
            "SO",
            "SR",
            "ST",
            "SV",
            "SY",
            "SZ",
            "TA",
            "TC",
            "TD",
            "TF",
            "TG",
            "TH",
            "TJ",
            "TK",
            "TL",
            "TM",
            "TN",
            "TO",
            "TR",
            "TT",
            "TV",
            "TW",
            "TZ",
            "UA",
            "UG",
            "UM",
            "US",
            "UY",
            "UZ",
            "VA",
            "VC",
            "VE",
            "VG",
            "VI",
            "VN",
            "VU",
            "WF",
            "WS",
            "YE",
            "YT",
            "ZA",
            "ZM",
            "ZW"
          ]
        }
      },
      "required": [
        "lat",
        "lng"
      ]
    },
    "externalId": {
      "type": "string",
      "description": "An immutable external identifier, e.g. primary key in an upstream system, used to identify the category value"
    },
    "parent": {
      "type": "integer",
      "description": "The id of the value which is this node's parent (hierarchical structure)"
    },
    "remappedTo": {
      "type": "integer",
      "description": "The id of the value which took over from this node, when this node was permanently inactivated"
    }
  },
  "type": "object",
  "description": "details of a single category value",
  "properties": {
    "id": {
      "type": "integer"
    },
    "available": {
      "type": "boolean",
      "description": "whether this node can be selected (i.e. is not disabled)"
    },
    "name": {
      "type": "string",
      "description": "the user visible name for this category value"
    },
    "code": {
      "type": "string",
      "description": "a code for this category value"
    },
    "externalId": {
      "$ref": "#/definitions/externalId"
    },
    "sequence": {
      "$ref": "#/definitions/sequence"
    },
    "parent": {
      "$ref": "#/definitions/parent"
    },
    "remappedTo": {
      "$ref": "#/definitions/remappedTo"
    },
    "location": {
      "$ref": "#/definitions/location"
    },
    "values": {
      "type": "array",
      "items": {
        "$ref": "#"
      }
    }
  },
  "additionalProperties": false
}

Example:

    {
        "id": 10034,
        "name": "Wellington",
        "available": false
    }

HTTP status code 404

Secured by oauth_2_0

Headers

  • Authorization: (string)

    Used to send a valid OAuth 2 access token. Do not use with the "access_token" query string parameter.

HTTP status code 401

Bad or expired token. To fix, you should re-authenticate the user.

HTTP status code 403

Bad OAuth request (wrong consumer key, bad nonce, expired timestamp...). Unfortunately, re-authenticating the user won't help here.

post

post

Tell any app that cares that a category node has changed. The node's new state is sent in the request.

Tell any app that cares that a category node has changed. The node's new state is sent in the request.

Secured by oauth_2_0

OAuth is used to authenticate tenant API calls. Tenant API calls may be on behalf of a specific principal (e.g. user)

URI Parameters

  • category: required (string)
  • id: required (string)

Body

Type: application/json

Schema:

{
  "$schema": "http://json-schema.org/draft-04/schema#",
  "definitions": {
    "sequence": {
      "type": "number",
      "description": "the sequence of this node (i.e. its order within its siblings)"
    },
    "location": {
      "type": "object",
      "description": "the geographic coordinates of this value, which represents a physical location. This may be present only when (a) the category itself has key of LOCATION, and (b) the value is a leaf (has no children)",
      "properties": {
        "lat": {
          "type": "number",
          "description": "latitude of this location"
        },
        "lng": {
          "type": "number",
          "description": "longitude of this location"
        },
        "country": {
          "description": "country, in ISO 3166-1 alpha-2 form",
          "enum": [
            "AC",
            "AD",
            "AE",
            "AF",
            "AG",
            "AI",
            "AL",
            "AM",
            "AN",
            "AO",
            "AQ",
            "AR",
            "AS",
            "AT",
            "AU",
            "AW",
            "AX",
            "AZ",
            "BA",
            "BB",
            "BD",
            "BE",
            "BF",
            "BG",
            "BH",
            "BI",
            "BJ",
            "BM",
            "BN",
            "BO",
            "BR",
            "BS",
            "BT",
            "BV",
            "BW",
            "BY",
            "BZ",
            "CA",
            "CC",
            "CD",
            "CF",
            "CG",
            "CH",
            "CI",
            "CK",
            "CL",
            "CM",
            "CN",
            "CO",
            "CR",
            "CU",
            "CV",
            "CX",
            "CY",
            "CZ",
            "DE",
            "DJ",
            "DK",
            "DM",
            "DO",
            "DZ",
            "EC",
            "EE",
            "EG",
            "ER",
            "ES",
            "ET",
            "FI",
            "FJ",
            "FK",
            "FM",
            "FO",
            "FR",
            "GA",
            "GB",
            "GD",
            "GE",
            "GF",
            "GG",
            "GH",
            "GI",
            "GL",
            "GM",
            "GN",
            "GP",
            "GQ",
            "GR",
            "GS",
            "GT",
            "GU",
            "GW",
            "GY",
            "HK",
            "HM",
            "HN",
            "HR",
            "HT",
            "HU",
            "ID",
            "IE",
            "IL",
            "IM",
            "IN",
            "IO",
            "IQ",
            "IR",
            "IS",
            "IT",
            "JE",
            "JM",
            "JO",
            "JP",
            "KE",
            "KG",
            "KH",
            "KI",
            "KM",
            "KN",
            "KP",
            "KR",
            "KW",
            "KY",
            "KZ",
            "LA",
            "LB",
            "LC",
            "LI",
            "LK",
            "LR",
            "LS",
            "LT",
            "LU",
            "LV",
            "LY",
            "MA",
            "MC",
            "MD",
            "ME",
            "MG",
            "MH",
            "MK",
            "ML",
            "MM",
            "MN",
            "MO",
            "MP",
            "MQ",
            "MR",
            "MS",
            "MT",
            "MU",
            "MV",
            "MW",
            "MX",
            "MY",
            "MZ",
            "NA",
            "NC",
            "NE",
            "NF",
            "NG",
            "NI",
            "NL",
            "NO",
            "NP",
            "NR",
            "NU",
            "NZ",
            "OM",
            "PA",
            "PE",
            "PF",
            "PG",
            "PH",
            "PK",
            "PL",
            "PM",
            "PN",
            "PR",
            "PT",
            "PW",
            "PY",
            "QA",
            "RE",
            "RO",
            "RS",
            "RU",
            "RW",
            "SA",
            "SB",
            "SC",
            "SD",
            "SE",
            "SG",
            "SH",
            "SI",
            "SJ",
            "SK",
            "SL",
            "SM",
            "SN",
            "SO",
            "SR",
            "ST",
            "SV",
            "SY",
            "SZ",
            "TA",
            "TC",
            "TD",
            "TF",
            "TG",
            "TH",
            "TJ",
            "TK",
            "TL",
            "TM",
            "TN",
            "TO",
            "TR",
            "TT",
            "TV",
            "TW",
            "TZ",
            "UA",
            "UG",
            "UM",
            "US",
            "UY",
            "UZ",
            "VA",
            "VC",
            "VE",
            "VG",
            "VI",
            "VN",
            "VU",
            "WF",
            "WS",
            "YE",
            "YT",
            "ZA",
            "ZM",
            "ZW"
          ]
        }
      },
      "required": [
        "lat",
        "lng"
      ]
    },
    "externalId": {
      "type": "string",
      "description": "An immutable external identifier, e.g. primary key in an upstream system, used to identify the category value"
    },
    "parent": {
      "type": "integer",
      "description": "The id of the value which is this node's parent (hierarchical structure)"
    },
    "remappedTo": {
      "type": "integer",
      "description": "The id of the value which took over from this node, when this node was permanently inactivated"
    }
  },
  "type": "object",
  "description": "details of a single category value",
  "properties": {
    "id": {
      "type": "integer"
    },
    "available": {
      "type": "boolean",
      "description": "whether this node can be selected (i.e. is not disabled)"
    },
    "name": {
      "type": "string",
      "description": "the user visible name for this category value"
    },
    "code": {
      "type": "string",
      "description": "a code for this category value"
    },
    "externalId": {
      "$ref": "#/definitions/externalId"
    },
    "sequence": {
      "$ref": "#/definitions/sequence"
    },
    "parent": {
      "$ref": "#/definitions/parent"
    },
    "remappedTo": {
      "$ref": "#/definitions/remappedTo"
    },
    "location": {
      "$ref": "#/definitions/location"
    },
    "values": {
      "type": "array",
      "items": {
        "$ref": "#"
      }
    }
  },
  "additionalProperties": false
}

Example:

    {
        "id": 10034,
        "name": "Wellington",
        "available": false
    }

Secured by oauth_2_0

Headers

  • Authorization: (string)

    Used to send a valid OAuth 2 access token. Do not use with the "access_token" query string parameter.

HTTP status code 401

Bad or expired token. To fix, you should re-authenticate the user.

HTTP status code 403

Bad OAuth request (wrong consumer key, bad nonce, expired timestamp...). Unfortunately, re-authenticating the user won't help here.

post

post

Tell apps that care that a category node is about to be changed. The node's new state is sent in the request.

Each producer can pass back a markdown document rendering to a user what would happen if this change went ahead. e.g. "10 jobs would be deleted - click here to learn more.

Tell apps that care that a category node is about to be changed. The node's new state is sent in the request.

Each producer can pass back a markdown document rendering to a user what would happen if this change went ahead. e.g. "10 jobs would be deleted - click here to learn more.

Secured by oauth_2_0

OAuth is used to authenticate tenant API calls. Tenant API calls may be on behalf of a specific principal (e.g. user)

URI Parameters

  • category: required (string)
  • id: required (string)

Body

Type: application/json

Schema:

{
  "$schema": "http://json-schema.org/draft-04/schema#",
  "definitions": {
    "sequence": {
      "type": "number",
      "description": "the sequence of this node (i.e. its order within its siblings)"
    },
    "location": {
      "type": "object",
      "description": "the geographic coordinates of this value, which represents a physical location. This may be present only when (a) the category itself has key of LOCATION, and (b) the value is a leaf (has no children)",
      "properties": {
        "lat": {
          "type": "number",
          "description": "latitude of this location"
        },
        "lng": {
          "type": "number",
          "description": "longitude of this location"
        },
        "country": {
          "description": "country, in ISO 3166-1 alpha-2 form",
          "enum": [
            "AC",
            "AD",
            "AE",
            "AF",
            "AG",
            "AI",
            "AL",
            "AM",
            "AN",
            "AO",
            "AQ",
            "AR",
            "AS",
            "AT",
            "AU",
            "AW",
            "AX",
            "AZ",
            "BA",
            "BB",
            "BD",
            "BE",
            "BF",
            "BG",
            "BH",
            "BI",
            "BJ",
            "BM",
            "BN",
            "BO",
            "BR",
            "BS",
            "BT",
            "BV",
            "BW",
            "BY",
            "BZ",
            "CA",
            "CC",
            "CD",
            "CF",
            "CG",
            "CH",
            "CI",
            "CK",
            "CL",
            "CM",
            "CN",
            "CO",
            "CR",
            "CU",
            "CV",
            "CX",
            "CY",
            "CZ",
            "DE",
            "DJ",
            "DK",
            "DM",
            "DO",
            "DZ",
            "EC",
            "EE",
            "EG",
            "ER",
            "ES",
            "ET",
            "FI",
            "FJ",
            "FK",
            "FM",
            "FO",
            "FR",
            "GA",
            "GB",
            "GD",
            "GE",
            "GF",
            "GG",
            "GH",
            "GI",
            "GL",
            "GM",
            "GN",
            "GP",
            "GQ",
            "GR",
            "GS",
            "GT",
            "GU",
            "GW",
            "GY",
            "HK",
            "HM",
            "HN",
            "HR",
            "HT",
            "HU",
            "ID",
            "IE",
            "IL",
            "IM",
            "IN",
            "IO",
            "IQ",
            "IR",
            "IS",
            "IT",
            "JE",
            "JM",
            "JO",
            "JP",
            "KE",
            "KG",
            "KH",
            "KI",
            "KM",
            "KN",
            "KP",
            "KR",
            "KW",
            "KY",
            "KZ",
            "LA",
            "LB",
            "LC",
            "LI",
            "LK",
            "LR",
            "LS",
            "LT",
            "LU",
            "LV",
            "LY",
            "MA",
            "MC",
            "MD",
            "ME",
            "MG",
            "MH",
            "MK",
            "ML",
            "MM",
            "MN",
            "MO",
            "MP",
            "MQ",
            "MR",
            "MS",
            "MT",
            "MU",
            "MV",
            "MW",
            "MX",
            "MY",
            "MZ",
            "NA",
            "NC",
            "NE",
            "NF",
            "NG",
            "NI",
            "NL",
            "NO",
            "NP",
            "NR",
            "NU",
            "NZ",
            "OM",
            "PA",
            "PE",
            "PF",
            "PG",
            "PH",
            "PK",
            "PL",
            "PM",
            "PN",
            "PR",
            "PT",
            "PW",
            "PY",
            "QA",
            "RE",
            "RO",
            "RS",
            "RU",
            "RW",
            "SA",
            "SB",
            "SC",
            "SD",
            "SE",
            "SG",
            "SH",
            "SI",
            "SJ",
            "SK",
            "SL",
            "SM",
            "SN",
            "SO",
            "SR",
            "ST",
            "SV",
            "SY",
            "SZ",
            "TA",
            "TC",
            "TD",
            "TF",
            "TG",
            "TH",
            "TJ",
            "TK",
            "TL",
            "TM",
            "TN",
            "TO",
            "TR",
            "TT",
            "TV",
            "TW",
            "TZ",
            "UA",
            "UG",
            "UM",
            "US",
            "UY",
            "UZ",
            "VA",
            "VC",
            "VE",
            "VG",
            "VI",
            "VN",
            "VU",
            "WF",
            "WS",
            "YE",
            "YT",
            "ZA",
            "ZM",
            "ZW"
          ]
        }
      },
      "required": [
        "lat",
        "lng"
      ]
    },
    "externalId": {
      "type": "string",
      "description": "An immutable external identifier, e.g. primary key in an upstream system, used to identify the category value"
    },
    "parent": {
      "type": "integer",
      "description": "The id of the value which is this node's parent (hierarchical structure)"
    },
    "remappedTo": {
      "type": "integer",
      "description": "The id of the value which took over from this node, when this node was permanently inactivated"
    }
  },
  "type": "object",
  "description": "details of a single category value",
  "properties": {
    "id": {
      "type": "integer"
    },
    "available": {
      "type": "boolean",
      "description": "whether this node can be selected (i.e. is not disabled)"
    },
    "name": {
      "type": "string",
      "description": "the user visible name for this category value"
    },
    "code": {
      "type": "string",
      "description": "a code for this category value"
    },
    "externalId": {
      "$ref": "#/definitions/externalId"
    },
    "sequence": {
      "$ref": "#/definitions/sequence"
    },
    "parent": {
      "$ref": "#/definitions/parent"
    },
    "remappedTo": {
      "$ref": "#/definitions/remappedTo"
    },
    "location": {
      "$ref": "#/definitions/location"
    },
    "values": {
      "type": "array",
      "items": {
        "$ref": "#"
      }
    }
  },
  "additionalProperties": false
}

Example:

    {
        "id": 10034,
        "name": "Wellington",
        "available": false
    }

HTTP status code 200

Body

Type: application/json

Schema:

{
  "$schema": "http://json-schema.org/draft-04/schema",
  "type": "object",
  "description": "details of the information an app holds against a category node, e.g. the testimonials of employees in the Eastern region IT org",
  "properties": {
    "summary": {
      "type": "string",
      "description": "Details in markdown format with \n between lines, for rendering to a user interested in this node, capped at 1000 visible characters"
    }
  },
  "required": [
    "summary"
  ],
  "additionalProperties": false
}

Example:

{
  "summary": "All 10 jobs in Machine Learning will be moved to Data Sciences"
}

HTTP status code 404

no data available

Secured by oauth_2_0

Headers

  • Authorization: (string)

    Used to send a valid OAuth 2 access token. Do not use with the "access_token" query string parameter.

HTTP status code 401

Bad or expired token. To fix, you should re-authenticate the user.

HTTP status code 403

Bad OAuth request (wrong consumer key, bad nonce, expired timestamp...). Unfortunately, re-authenticating the user won't help here.

get

get

Ask any apps that care about category nodes what information they are holding relating to this node.

Each producer can pass back a markdown document rendering to a user, e.g. an ATS might say "_10_ jobs, 287 candidates"

Ask any apps that care about category nodes what information they are holding relating to this node.

Each producer can pass back a markdown document rendering to a user, e.g. an ATS might say "_10_ jobs, 287 candidates"

Secured by oauth_2_0

OAuth is used to authenticate tenant API calls. Tenant API calls may be on behalf of a specific principal (e.g. user)

URI Parameters

  • category: required (string)
  • id: required (string)

HTTP status code 200

Body

Type: application/json

Schema:

{
  "$schema": "http://json-schema.org/draft-04/schema",
  "type": "object",
  "description": "details of the information an app holds against a category node, e.g. the testimonials of employees in the Eastern region IT org",
  "properties": {
    "summary": {
      "type": "string",
      "description": "Details in markdown format with \n between lines, for rendering to a user interested in this node, capped at 1000 visible characters"
    }
  },
  "required": [
    "summary"
  ],
  "additionalProperties": false
}

Example:

{
  "summary": "There are 10 jobs in Machine Learning"
}

HTTP status code 404

no data available

Secured by oauth_2_0

Headers

  • Authorization: (string)

    Used to send a valid OAuth 2 access token. Do not use with the "access_token" query string parameter.

HTTP status code 401

Bad or expired token. To fix, you should re-authenticate the user.

HTTP status code 403

Bad OAuth request (wrong consumer key, bad nonce, expired timestamp...). Unfortunately, re-authenticating the user won't help here.

/editSpecs

Overview

The "editspec APIs" allow an apply app to ask the ATS for details of the data the candidate can/must provide - e.g. the job application form when applying for a job.

An editSpec can specify for example;

  • whether a resume can be provided, and whether it is mandatory
  • a message to be displayed to the candidate
  • a set of user-defined fields for the candidate
  • a set of user-defined fields that the candidate can/must provide that are specific to the job being applied for

Later, once the apply app has presented this application form to the candidate, and they have completed it, the apply app can push the candidate and job application(s) and related data into the ATS via POST /candidates.

Versions of the API

There are 4 versions of the editSpecs APIs:

  • POST /editSpecs/fetches/register/me
  • POST /editSpecs/fetches/apply/{job}/me
  • POST /editSpecs/fetches/register/anonymous
  • POST /editSpecs/fetches/apply/{job}/anonymous

The register versions of the API are for use when the app intends to create or update the candidate, without job applications.

The apply versions are for use when the app intends to also create job applications.

The /me (on behalf) versions of these APIs are strongly preferred for security and the best candidate experience. They require that the candidate is signed in via SSO. With the /me APIs, the application form that a candidate sees can be customised for who they are. e.g. an internal candidate might be asked "have you told your manager you're applying for other positions?".

The non-/me versions can be used when no candidate is signed in. This could be e.g.:

  • because the apply app does not use SSO (batch, import, email gateway etc.)
  • to deal with first time visitors to the career site who click "apply" (we may want to show them what the apply experience could be like, without making them sign in at this stage).

The intent - category values

The apply app can use an intent to send category values that hint to the ATS what sort of candidate is about to register, so it can serve up a sensible register form.

e.g. an employer runs a recruitment campaign to drive pilots to their careers site. These potential employees land on a pilot-specific landing page, featuring a button "Sign up for pilot careers". When the potential pilot clicks on the button, they will see the register form within the apply app.

That register form should be customised for pilots - e.g., welcome content for pilots, ask for details of their flight hours on different types of aircraft, etc.

When it calls the editSpecs API, the apply app makes this happen by passing an intent like this saying "give me the registration form for pilot";

Expertise->Pilot

At another example customer, a supermarket opening a new store buys some Facebook advertising in the region. The ads drive candidates to a specific landing page. When the candidate clicks to join, the apply app passes an intent like this to the editSpecs API:

Location->Lincoln Nebraska Expertise->Retail

Using this intent, the ATS can now customise the register form - e.g.

  • pre-set the location to Lincoln
  • display content related to Lincoln, Nebraska
  • display tax-, employment-related or EEO questions specific to Lincoln, Nebraska, and also to Retail roles

Intents are mainly useful for the register APIs. When passed to the apply APIs, the ATS can use both the job being applied for, and the intent, to customise the application form.

The tracker

If the apply app has access to a tracker, it should pass it into the editSpec API (and later, the apply API).

The tracker can allow the ATS to customise the form. For example when the a candidate was referred via the new employee referral program, the employer can ask additional/less questions.

Accessing the editSpec for invisible jobs

When the job is not visible to the candidate (e.g. internal only jobs), the editSpecs API call will fail.

The exception is when a tracker chain is passed to the API that contains the job access code.

Usually trackers like this are created by the employer to allow only selected candidates to apply, e.g. allowing only selected employees to apply for a job in a redundancy situation, allowing a late candidate to apply after the job even once it has been closed.

An apply app could also create a tracker like this in order to access the application form for a job which is not visible.

Always produced as SoT.

The methods are POST solely because parameters may get too long for a GET.

post

post
Secured by oauth_2_0

OAuth is used to authenticate tenant API calls. Tenant API calls may be on behalf of a specific principal (e.g. user)

URI Parameters

  • job: required (string)

Body

Type: application/json

Schema:

{
    "$schema": "http://json-schema.org/draft-04/schema#",
    "type": "object",
    "properties": {
        "tracker": {
            "type": "integer"
        },
        "notification": {
            "type": "boolean"
        },
        "categories": {
            "$ref": "categoriesActual.json"
        }
    },
    "additionalProperties": false
}

Example:

{
       "tracker": 763019932
}

HTTP status code 200

Body

Type: application/json

Schema:

{
  "$schema": "http://json-schema.org/draft-04/schema#",
  "definitions": {
    "candidateMessage": {
      "type": "object",
      "properties": {
        "message": {
          "type": "string",
          "description": "a text message to the candidate regarding their proposed edit, may include links"
        },
        "level": {
          "enum": [
            "info",
            "warning",
            "error"
          ]
        }
      },
      "required": [
        "message",
        "level"
      ],
      "additionalProperties": false
    },
    "resumeRule": {
      "type": "object",
      "properties": {
        "visible": {
          "description": "can a resume be uploaded at all, and can existing resume be seen",
          "type": "boolean"
        },
        "mandatory": {
          "description": "is the resume mandatory - implies visible == true",
          "type": "boolean"
        },
        "message": {
          "description": "a message to help the candidate understand about uploading a resume - e.g. 'resume optional when a video is provided'",
          "type": "string"
        },
        "accept": {
          "type": "array",
          "description": "the allowable internet media types (mime types) for the resume, e.g. word and pdf files",
          "items": {
            "$ref": "fileDownload.json#/definitions/mediaType"
          }
        }
      },
      "additionalProperties": false,
      "required": [
        "visible",
        "mandatory",
        "accept"
      ]
    },
    "notificationRule": {
      "type": "object",
      "properties": {
        "visible": {
          "description": "is the candidate offered job notifications",
          "type": "boolean"
        },
        "selectedByDefault": {
          "description": "sets the initial state of job notifications for new candidates",
          "type": "boolean"
        },
        "message": {
          "description": "a message describing the job notification behavior that the candidate can expect",
          "type": "string"
        }
      },
      "additionalProperties": false
    },
    "vCardRule": {
      "type": "object",
      "properties": {
        "someMandatory": {
          "description": "a simple way to hint that key vcard fields (first name, last name, email address) are mandatory - probably will get replaced by more fine-grained scheme in the future",
          "type": "boolean"
        },
        "showPrefixField": {
          "description": "a simple way to hint that key vcard title field should be displayed",
          "type": "boolean"
        },
        "allowedPrefixes": {
          "type": "array",
          "description": "the allowable titles from the ATS. E.g.: [ Mr., Mrs., Ms., Dr. ]",
          "items": {
            "type": "string"
          }
        }
      },
      "required": [
        "someMandatory",
        "showPrefixField"
      ],
      "additionalProperties": false
    },
    "applicationModel": {
      "type": "object",
      "description": "rules specific to a single job application (i.e., not candidate-scoped)",
      "properties": {
        "job": {
          "type": "integer",
          "description": "the job application these rules apply to"
        },
        "itemsRule": {
          "$ref": "itemMetas.json"
        }
      },
      "additionalProperties": false
    },
    "candidateModel": {
      "type": "object",
      "additionalProperties": false,
      "properties": {
        "requiredCategoryValues": {
          "$ref": "categoriesActual.json"
        },
        "resumeRule": {
          "$ref": "#/definitions/resumeRule"
        },
        "vCardRule": {
          "$ref": "#/definitions/vCardRule"
        },
        "itemsRule": {
          "$ref": "itemMetas.json"
        }
      },
      "required": [
        "resumeRule",
        "vCardRule"
      ]
    }
  },
  "type": "object",
  "additionalProperties": false,
  "properties": {
    "tracker": {
      "type": "integer",
      "description": "just the same tracker that was passed in with the intent"
    },
    "candidateMessage": {
      "$ref": "#/definitions/candidateMessage"
    },
    "notificationRule": {
      "$ref": "#/definitions/notificationRule"
    },
    "candidateModel": {
      "$ref": "#/definitions/candidateModel"
    },
    "applicationModel": {
      "$ref": "#/definitions/applicationModel"
    }
  }
}

Example:

{
  "tracker": 763019932,
  "candidateMessage": {
    "message": "To apply, just complete this simple form. Best of luck!",
    "level": "info"
  },
  "candidateModel": {
    "vCardRule": {
      "someMandatory": true,
      "showPrefixField": false
    },
    "requiredCategoryValues": [
      {
        "category": 10032,
        "values": [
          3344
        ]
      },
      {
        "category": 10034,
        "values": [
          1001,
          1004
        ]
      }
    ],
    "resumeRule": {
      "visible": true,
      "mandatory": false,
      "accept": [
        "application/pdf",
        "application/vnd.openxmlformats-officedocument.wordprocessingml.document",
        "application/msword",
        "application/rtf",
        "text/plain"
      ],
      "message": "Providing a resume is great, but if you don't have one, just leave us a video recording instead"
    },
    "itemsRule": [
		  {
		    "type": "picklist",
		    "name": "preferred-transport-10044",
		    "title": "Preferred transport",
		    "instructions": "Tell us how you'ld like to get to work",
		    "nullLabel": "Choose your transport mode",
		    "minChoices": 1,
		    "maxChoices": 1,
		    "presentation": "showOne",
		    "choices": [
		      {
		        "name": "Plane",
		        "isDefault": false
		      },
		      {
		        "name": "Land",
		        "isDefault": false,
		        "choices": [
		          {
		            "name": "Car",
		            "isDefault": false
		          },
		          {
		            "name": "Bike",
		            "isDefault": false
		          }
		        ]
		      }
		    ]
		  }    
    ]
  },
  "applicationModel": {
    "job": 356347,
    "itemsRule": [		  {
		    "type": "file",
		    "name": "cover-letter-1002",
		    "title": "Cover letter",
		    "instructions": "Please upload a cover letter.",
		    "purpose": "document",
		    "accept": [
		      "application/pdf",
		      "application/vnd.openxmlformats-officedocument.wordprocessingml.document",
		      "application/msword",
		      "application/rtf"
		    ],
		    "maxSize": 1000000
		  }
    ]
    
 }
}

Secured by oauth_2_0

Headers

  • Authorization: (string)

    Used to send a valid OAuth 2 access token. Do not use with the "access_token" query string parameter.

HTTP status code 401

Bad or expired token. To fix, you should re-authenticate the user.

HTTP status code 403

Bad OAuth request (wrong consumer key, bad nonce, expired timestamp...). Unfortunately, re-authenticating the user won't help here.

post

post
Secured by oauth_2_0

OAuth is used to authenticate tenant API calls. Tenant API calls may be on behalf of a specific principal (e.g. user)

URI Parameters

  • job: required (string)

Body

Type: application/json

Schema:

{
    "$schema": "http://json-schema.org/draft-04/schema#",
    "type": "object",
    "properties": {
        "tracker": {
            "type": "integer"
        },
        "notification": {
            "type": "boolean"
        },
        "categories": {
            "$ref": "categoriesActual.json"
        }
    },
    "additionalProperties": false
}

Example:

{
       "tracker": 763019932
}

HTTP status code 200

Body

Type: application/json

Schema:

{
  "$schema": "http://json-schema.org/draft-04/schema#",
  "definitions": {
    "candidateMessage": {
      "type": "object",
      "properties": {
        "message": {
          "type": "string",
          "description": "a text message to the candidate regarding their proposed edit, may include links"
        },
        "level": {
          "enum": [
            "info",
            "warning",
            "error"
          ]
        }
      },
      "required": [
        "message",
        "level"
      ],
      "additionalProperties": false
    },
    "resumeRule": {
      "type": "object",
      "properties": {
        "visible": {
          "description": "can a resume be uploaded at all, and can existing resume be seen",
          "type": "boolean"
        },
        "mandatory": {
          "description": "is the resume mandatory - implies visible == true",
          "type": "boolean"
        },
        "message": {
          "description": "a message to help the candidate understand about uploading a resume - e.g. 'resume optional when a video is provided'",
          "type": "string"
        },
        "accept": {
          "type": "array",
          "description": "the allowable internet media types (mime types) for the resume, e.g. word and pdf files",
          "items": {
            "$ref": "fileDownload.json#/definitions/mediaType"
          }
        }
      },
      "additionalProperties": false,
      "required": [
        "visible",
        "mandatory",
        "accept"
      ]
    },
    "notificationRule": {
      "type": "object",
      "properties": {
        "visible": {
          "description": "is the candidate offered job notifications",
          "type": "boolean"
        },
        "selectedByDefault": {
          "description": "sets the initial state of job notifications for new candidates",
          "type": "boolean"
        },
        "message": {
          "description": "a message describing the job notification behavior that the candidate can expect",
          "type": "string"
        }
      },
      "additionalProperties": false
    },
    "vCardRule": {
      "type": "object",
      "properties": {
        "someMandatory": {
          "description": "a simple way to hint that key vcard fields (first name, last name, email address) are mandatory - probably will get replaced by more fine-grained scheme in the future",
          "type": "boolean"
        },
        "showPrefixField": {
          "description": "a simple way to hint that key vcard title field should be displayed",
          "type": "boolean"
        },
        "allowedPrefixes": {
          "type": "array",
          "description": "the allowable titles from the ATS. E.g.: [ Mr., Mrs., Ms., Dr. ]",
          "items": {
            "type": "string"
          }
        }
      },
      "required": [
        "someMandatory",
        "showPrefixField"
      ],
      "additionalProperties": false
    },
    "applicationModel": {
      "type": "object",
      "description": "rules specific to a single job application (i.e., not candidate-scoped)",
      "properties": {
        "job": {
          "type": "integer",
          "description": "the job application these rules apply to"
        },
        "itemsRule": {
          "$ref": "itemMetas.json"
        }
      },
      "additionalProperties": false
    },
    "candidateModel": {
      "type": "object",
      "additionalProperties": false,
      "properties": {
        "requiredCategoryValues": {
          "$ref": "categoriesActual.json"
        },
        "resumeRule": {
          "$ref": "#/definitions/resumeRule"
        },
        "vCardRule": {
          "$ref": "#/definitions/vCardRule"
        },
        "itemsRule": {
          "$ref": "itemMetas.json"
        }
      },
      "required": [
        "resumeRule",
        "vCardRule"
      ]
    }
  },
  "type": "object",
  "additionalProperties": false,
  "properties": {
    "tracker": {
      "type": "integer",
      "description": "just the same tracker that was passed in with the intent"
    },
    "candidateMessage": {
      "$ref": "#/definitions/candidateMessage"
    },
    "notificationRule": {
      "$ref": "#/definitions/notificationRule"
    },
    "candidateModel": {
      "$ref": "#/definitions/candidateModel"
    },
    "applicationModel": {
      "$ref": "#/definitions/applicationModel"
    }
  }
}

Example:

{
  "tracker": 763019932,
  "candidateMessage": {
    "message": "To apply, just complete this simple form. Best of luck!",
    "level": "info"
  },
  "candidateModel": {
    "vCardRule": {
      "someMandatory": true,
      "showPrefixField": false
    },
    "requiredCategoryValues": [
      {
        "category": 10032,
        "values": [
          3344
        ]
      },
      {
        "category": 10034,
        "values": [
          1001,
          1004
        ]
      }
    ],
    "resumeRule": {
      "visible": true,
      "mandatory": false,
      "accept": [
        "application/pdf",
        "application/vnd.openxmlformats-officedocument.wordprocessingml.document",
        "application/msword",
        "application/rtf",
        "text/plain"
      ],
      "message": "Providing a resume is great, but if you don't have one, just leave us a video recording instead"
    },
    "itemsRule": [
		  {
		    "type": "picklist",
		    "name": "preferred-transport-10044",
		    "title": "Preferred transport",
		    "instructions": "Tell us how you'ld like to get to work",
		    "nullLabel": "Choose your transport mode",
		    "minChoices": 1,
		    "maxChoices": 1,
		    "presentation": "showOne",
		    "choices": [
		      {
		        "name": "Plane",
		        "isDefault": false
		      },
		      {
		        "name": "Land",
		        "isDefault": false,
		        "choices": [
		          {
		            "name": "Car",
		            "isDefault": false
		          },
		          {
		            "name": "Bike",
		            "isDefault": false
		          }
		        ]
		      }
		    ]
		  }    
    ]
  },
  "applicationModel": {
    "job": 356347,
    "itemsRule": [		  {
		    "type": "file",
		    "name": "cover-letter-1002",
		    "title": "Cover letter",
		    "instructions": "Please upload a cover letter.",
		    "purpose": "document",
		    "accept": [
		      "application/pdf",
		      "application/vnd.openxmlformats-officedocument.wordprocessingml.document",
		      "application/msword",
		      "application/rtf"
		    ],
		    "maxSize": 1000000
		  }
    ]
    
 }
}

Secured by oauth_2_0

Headers

  • Authorization: (string)

    Used to send a valid OAuth 2 access token. Do not use with the "access_token" query string parameter.

HTTP status code 401

Bad or expired token. To fix, you should re-authenticate the user.

HTTP status code 403

Bad OAuth request (wrong consumer key, bad nonce, expired timestamp...). Unfortunately, re-authenticating the user won't help here.

post

post
Secured by oauth_2_0

OAuth is used to authenticate tenant API calls. Tenant API calls may be on behalf of a specific principal (e.g. user)

Body

Type: application/json

Schema:

{
    "$schema": "http://json-schema.org/draft-04/schema#",
    "type": "object",
    "properties": {
        "tracker": {
            "type": "integer"
        },
        "notification": {
            "type": "boolean"
        },
        "categories": {
            "$ref": "categoriesActual.json"
        }
    },
    "additionalProperties": false
}

Example:

{
       "tracker": 763019932
}

HTTP status code 200

Body

Type: application/json

Schema:

{
  "$schema": "http://json-schema.org/draft-04/schema#",
  "definitions": {
    "candidateMessage": {
      "type": "object",
      "properties": {
        "message": {
          "type": "string",
          "description": "a text message to the candidate regarding their proposed edit, may include links"
        },
        "level": {
          "enum": [
            "info",
            "warning",
            "error"
          ]
        }
      },
      "required": [
        "message",
        "level"
      ],
      "additionalProperties": false
    },
    "resumeRule": {
      "type": "object",
      "properties": {
        "visible": {
          "description": "can a resume be uploaded at all, and can existing resume be seen",
          "type": "boolean"
        },
        "mandatory": {
          "description": "is the resume mandatory - implies visible == true",
          "type": "boolean"
        },
        "message": {
          "description": "a message to help the candidate understand about uploading a resume - e.g. 'resume optional when a video is provided'",
          "type": "string"
        },
        "accept": {
          "type": "array",
          "description": "the allowable internet media types (mime types) for the resume, e.g. word and pdf files",
          "items": {
            "$ref": "fileDownload.json#/definitions/mediaType"
          }
        }
      },
      "additionalProperties": false,
      "required": [
        "visible",
        "mandatory",
        "accept"
      ]
    },
    "notificationRule": {
      "type": "object",
      "properties": {
        "visible": {
          "description": "is the candidate offered job notifications",
          "type": "boolean"
        },
        "selectedByDefault": {
          "description": "sets the initial state of job notifications for new candidates",
          "type": "boolean"
        },
        "message": {
          "description": "a message describing the job notification behavior that the candidate can expect",
          "type": "string"
        }
      },
      "additionalProperties": false
    },
    "vCardRule": {
      "type": "object",
      "properties": {
        "someMandatory": {
          "description": "a simple way to hint that key vcard fields (first name, last name, email address) are mandatory - probably will get replaced by more fine-grained scheme in the future",
          "type": "boolean"
        },
        "showPrefixField": {
          "description": "a simple way to hint that key vcard title field should be displayed",
          "type": "boolean"
        },
        "allowedPrefixes": {
          "type": "array",
          "description": "the allowable titles from the ATS. E.g.: [ Mr., Mrs., Ms., Dr. ]",
          "items": {
            "type": "string"
          }
        }
      },
      "required": [
        "someMandatory",
        "showPrefixField"
      ],
      "additionalProperties": false
    },
    "applicationModel": {
      "type": "object",
      "description": "rules specific to a single job application (i.e., not candidate-scoped)",
      "properties": {
        "job": {
          "type": "integer",
          "description": "the job application these rules apply to"
        },
        "itemsRule": {
          "$ref": "itemMetas.json"
        }
      },
      "additionalProperties": false
    },
    "candidateModel": {
      "type": "object",
      "additionalProperties": false,
      "properties": {
        "requiredCategoryValues": {
          "$ref": "categoriesActual.json"
        },
        "resumeRule": {
          "$ref": "#/definitions/resumeRule"
        },
        "vCardRule": {
          "$ref": "#/definitions/vCardRule"
        },
        "itemsRule": {
          "$ref": "itemMetas.json"
        }
      },
      "required": [
        "resumeRule",
        "vCardRule"
      ]
    }
  },
  "type": "object",
  "additionalProperties": false,
  "properties": {
    "tracker": {
      "type": "integer",
      "description": "just the same tracker that was passed in with the intent"
    },
    "candidateMessage": {
      "$ref": "#/definitions/candidateMessage"
    },
    "notificationRule": {
      "$ref": "#/definitions/notificationRule"
    },
    "candidateModel": {
      "$ref": "#/definitions/candidateModel"
    },
    "applicationModel": {
      "$ref": "#/definitions/applicationModel"
    }
  }
}

Example:

{
  "tracker": 763019932,
  "candidateMessage": {
    "message": "To apply, just complete this simple form. Best of luck!",
    "level": "info"
  },
  "candidateModel": {
    "vCardRule": {
      "someMandatory": true,
      "showPrefixField": false
    },
    "requiredCategoryValues": [
      {
        "category": 10032,
        "values": [
          3344
        ]
      },
      {
        "category": 10034,
        "values": [
          1001,
          1004
        ]
      }
    ],
    "resumeRule": {
      "visible": true,
      "mandatory": false,
      "accept": [
        "application/pdf",
        "application/vnd.openxmlformats-officedocument.wordprocessingml.document",
        "application/msword",
        "application/rtf",
        "text/plain"
      ],
      "message": "Providing a resume is great, but if you don't have one, just leave us a video recording instead"
    },
    "itemsRule": [
		  {
		    "type": "picklist",
		    "name": "preferred-transport-10044",
		    "title": "Preferred transport",
		    "instructions": "Tell us how you'ld like to get to work",
		    "nullLabel": "Choose your transport mode",
		    "minChoices": 1,
		    "maxChoices": 1,
		    "presentation": "showOne",
		    "choices": [
		      {
		        "name": "Plane",
		        "isDefault": false
		      },
		      {
		        "name": "Land",
		        "isDefault": false,
		        "choices": [
		          {
		            "name": "Car",
		            "isDefault": false
		          },
		          {
		            "name": "Bike",
		            "isDefault": false
		          }
		        ]
		      }
		    ]
		  }    
    ]
  },
  "applicationModel": {
    "job": 356347,
    "itemsRule": [		  {
		    "type": "file",
		    "name": "cover-letter-1002",
		    "title": "Cover letter",
		    "instructions": "Please upload a cover letter.",
		    "purpose": "document",
		    "accept": [
		      "application/pdf",
		      "application/vnd.openxmlformats-officedocument.wordprocessingml.document",
		      "application/msword",
		      "application/rtf"
		    ],
		    "maxSize": 1000000
		  }
    ]
    
 }
}

Secured by oauth_2_0

Headers

  • Authorization: (string)

    Used to send a valid OAuth 2 access token. Do not use with the "access_token" query string parameter.

HTTP status code 401

Bad or expired token. To fix, you should re-authenticate the user.

HTTP status