Aotal recruitment APIs API documentation
/actions
Get html head snippet (typically an include of a stylesheet) used to style the html for a strip of buttons.
The app building the page that embeds the buttons must insert the results of this API call in its head section.
get /actions/byCandidate/headHtml
Get html head snippet (typically an include of a stylesheet) used to style the html for a strip of buttons.
The app building the page that embeds the buttons must insert the results of this API call in its head section.
All APIs beneath here are operating on behalf of the logged in candidate.
Get an array which is a rollup of all applicable candidate-facing actions from all apps. SoT.
get /actions/byCandidate/me/assessments/general
Get an array which is a rollup of all applicable candidate-facing actions from all apps. SoT.
OAuth is used to authenticate tenant API calls. Tenant API calls may be on behalf of a specific principal (e.g. user)
Query Parameters
- relayPageURL: required (string)
A URL that the user will be redirected to.
Example:
https://myapp.com/kh87876
- relayPageLabel: required (string)
A label for the URL that the user will be redirected to, e.g. "Creative Director".
Example:
https://myapp.com/kh87876
- tracker: (integer)
The ID of a tracker
Example:
1003423
HTTP status code 200
Body
Type: application/json
Schema:
{
"$schema": "http://json-schema.org/draft-04/schema",
"type": "array",
"items": { "$ref": "actionsForApp.json" },
"description": "An array of actions rolled up across all producing apps"
}
Example:
[
{
"app": "myapp",
"actions": [
{
"name": "refer",
"uri": "https://referrals.com/jobs/1022?tracker=106645",
"type": "button",
"label": "Refer a friend",
"textColor": "dddddd",
"backgroundColor": "010203",
"disabled": false
},
{
"name": "share",
"uri": "https://sharing.com/jobs/1022?tracker=106645",
"type": "button",
"label": "Share this job",
"textColor": "dddddd",
"backgroundColor": "010203",
"disabled": false
}
]
}
]
Secured by oauth_2_0
Headers
- Authorization: (string)
Used to send a valid OAuth 2 access token. Do not use with the "access_token" query string parameter.
HTTP status code 401
Bad or expired token. To fix, you should re-authenticate the user.
HTTP status code 403
Bad OAuth request (wrong consumer key, bad nonce, expired timestamp...). Unfortunately, re-authenticating the user won't help here.
Get an array which is a rollup of all applicable candidate-facing actions from all apps. SoT.
get /actions/byCandidate/me/general
Get an array which is a rollup of all applicable candidate-facing actions from all apps. SoT.
OAuth is used to authenticate tenant API calls. Tenant API calls may be on behalf of a specific principal (e.g. user)
Query Parameters
- relayPageURL: required (string)
A URL that the user will be redirected to.
Example:
https://myapp.com/kh87876
- relayPageLabel: required (string)
A label for the URL that the user will be redirected to, e.g. "Creative Director".
Example:
https://myapp.com/kh87876
- tracker: (integer)
The ID of a tracker
Example:
1003423
HTTP status code 200
Body
Type: application/json
Schema:
{
"$schema": "http://json-schema.org/draft-04/schema",
"type": "array",
"items": { "$ref": "actionsForApp.json" },
"description": "An array of actions rolled up across all producing apps"
}
Example:
[
{
"app": "myapp",
"actions": [
{
"name": "refer",
"uri": "https://referrals.com/jobs/1022?tracker=106645",
"type": "button",
"label": "Refer a friend",
"textColor": "dddddd",
"backgroundColor": "010203",
"disabled": false
},
{
"name": "share",
"uri": "https://sharing.com/jobs/1022?tracker=106645",
"type": "button",
"label": "Share this job",
"textColor": "dddddd",
"backgroundColor": "010203",
"disabled": false
}
]
}
]
Secured by oauth_2_0
Headers
- Authorization: (string)
Used to send a valid OAuth 2 access token. Do not use with the "access_token" query string parameter.
HTTP status code 401
Bad or expired token. To fix, you should re-authenticate the user.
HTTP status code 403
Bad OAuth request (wrong consumer key, bad nonce, expired timestamp...). Unfortunately, re-authenticating the user won't help here.
Get the html for the strip of buttons, ready to plug into a job details page as viewed by the candidate. SoT.
The app building the page that embeds this strip must in its head section pull in style sheet, javascript, etc. as obtained via a call to GET /actions/byCandidate/headHtml.
get /actions/byCandidate/me/general/asHtml
Get the html for the strip of buttons, ready to plug into a job details page as viewed by the candidate. SoT.
The app building the page that embeds this strip must in its head section pull in style sheet, javascript, etc. as obtained via a call to GET /actions/byCandidate/headHtml.
OAuth is used to authenticate tenant API calls. Tenant API calls may be on behalf of a specific principal (e.g. user)
Query Parameters
- accountManagerFilter: (boolean)
Deprecated - use the purpose filter instead. When present and true, filters the actions to only include actions that are account managers.
- includePurposes: (string)
When present, only actions that have one of these purposes will be returned. By default all actions are returned. Must not be combined with excludePurposes.
Example:
includePurposes=createAccount,blah
- excludePurposes: (string)
When present, all actions that do not have one of these purposes will be returned. By default all actions are returned. Must not be combined with includePurposes.
Example:
excludePurposes=createAccount,blah
- relayPageURL: required (string)
A URL that the user will be redirected to.
Example:
https://myapp.com/kh87876
- relayPageLabel: required (string)
A label for the URL that the user will be redirected to, e.g. "Creative Director".
Example:
https://myapp.com/kh87876
- tracker: (integer)
The ID of a tracker
Example:
1003423
HTTP status code 200
Body
Type: text/html
Example:
some html containing a strip of buttons, using only styles from the headHtml call
Secured by oauth_2_0
Headers
- Authorization: (string)
Used to send a valid OAuth 2 access token. Do not use with the "access_token" query string parameter.
HTTP status code 401
Bad or expired token. To fix, you should re-authenticate the user.
HTTP status code 403
Bad OAuth request (wrong consumer key, bad nonce, expired timestamp...). Unfortunately, re-authenticating the user won't help here.
Get a single, named action from a single app. Non-SoT.
The producing app might customise the button/control(s), or choose not display it at all e.g.;
- for an apply button, display that a partial (draft) registration is already underway
- gray the register button out if candidate logged in and already registered
Security considerations: If the producing app attaches the incoming relayPage paramater to the button's link, then it should protect itelf from Open Redirection attacks as described at https://www.owasp.org/index.php/Testing_for_Client_Side_URL_Redirect_(OTG-CLIENT-004).
One approach would be by:
- attaching an additional digital signature to the link based on the link's other values, including the relayPage
- verifying when the candidate follows the link that the relayPage has not been tampered with
Another approach would be not putting the relayPage in the link at all, but instead storing it and putting a key into the link.
The commonly used approach of whitelisting is not useful as there is no common repository of all of the valid domains in use by all apps that a tenant may have installed and that may include this action.
The default type of the action is 'button'. If the type 'image' is used then the 'imageUri' property is used to specify the location of the image.
get /actions/byCandidate/me/general/byName/{action}/byApp
Get a single, named action from a single app. Non-SoT.
The producing app might customise the button/control(s), or choose not display it at all e.g.;
- for an apply button, display that a partial (draft) registration is already underway
- gray the register button out if candidate logged in and already registered
Security considerations: If the producing app attaches the incoming relayPage paramater to the button's link, then it should protect itelf from Open Redirection attacks as described at https://www.owasp.org/index.php/Testing_for_Client_Side_URL_Redirect_(OTG-CLIENT-004).
One approach would be by:
- attaching an additional digital signature to the link based on the link's other values, including the relayPage
- verifying when the candidate follows the link that the relayPage has not been tampered with
Another approach would be not putting the relayPage in the link at all, but instead storing it and putting a key into the link.
The commonly used approach of whitelisting is not useful as there is no common repository of all of the valid domains in use by all apps that a tenant may have installed and that may include this action.
The default type of the action is 'button'. If the type 'image' is used then the 'imageUri' property is used to specify the location of the image.
OAuth is used to authenticate tenant API calls. Tenant API calls may be on behalf of a specific principal (e.g. user)
URI Parameters
- action: required (string)
Query Parameters
- relayPageURL: required (string)
A URL that the user will be redirected to.
Example:
https://myapp.com/kh87876
- relayPageLabel: required (string)
A label for the URL that the user will be redirected to, e.g. "Creative Director".
Example:
https://myapp.com/kh87876
- tracker: (integer)
The ID of a tracker
Example:
1003423
HTTP status code 200
Body
Type: application/json
Schema:
{
"$schema": "http://json-schema.org/draft-04/schema#",
"definitions": {
"name": {
"type": "string",
"description": "fixed name for this action, containing only lower case alpha, digits and '-' characters, length <= 30"
},
"gateState": {
"type": "boolean",
"description": "for actions that are apply gates, true if the gate has been passed for this specific candidate + job, false if it was failed - this field should only be present when there is a result"
}
},
"type": "object",
"description": "the logical information needed to populate a button/control at runtime",
"properties": {
"name": {
"$ref": "#/definitions/name",
"description": "fixed name for this action, containing only lower case alpha, digits and '-' characters, length <= 30"
},
"gateState": {
"$ref": "#/definitions/gateState"
},
"type": {
"enum": [
"image",
"button"
]
},
"imageUri": {
"type": "string",
"format": "uri",
"description": "the url of an image to be displayed for this action (i.e. instead of a dynamically set up button)"
},
"label": {
"type": "string",
"description": "a string indicating what the action will do, used as the label on its button/control"
},
"uri": {
"type": "string",
"format": "uri",
"description": "the url that the button/control will redirect the user to when pressed, or use to populate an iframe inside a modal"
},
"textColor": {
"description": "the color that the button's text should be rendered in, in 6 character hex format without leading #, e.g. 00ff00",
"type": "string"
},
"backgroundColor": {
"description": "the color that the button's background should be rendered in, in 6 character hex format without leading #, e.g. 00ff00",
"type": "string"
},
"disabled": {
"type": "boolean",
"description": "true if the button/control should appear disabled, i.e. the action can be seen but not performed"
}
},
"required": [
"name",
"label",
"uri",
"disabled"
],
"additionalProperties": true
}
Example:
{
"name": "refer",
"uri": "https://referrals.com/jobs/1022?tracker=106645",
"type": "button",
"label": "Refer a friend",
"textColor": "dddddd",
"backgroundColor": "010203",
"disabled": false
}
HTTP status code 404
The app has chosen not to render the button. Maybe the object's state prevents the action. Maybe the action is an apply gate and the candidate achieved a pass - 404 is considered the same as a pass.
Secured by oauth_2_0
Headers
- Authorization: (string)
Used to send a valid OAuth 2 access token. Do not use with the "access_token" query string parameter.
HTTP status code 401
Bad or expired token. To fix, you should re-authenticate the user.
HTTP status code 403
Bad OAuth request (wrong consumer key, bad nonce, expired timestamp...). Unfortunately, re-authenticating the user won't help here.
Get an array which is a rollup of all applicable candidate-facing actions from all apps. SoT.
get /actions/byCandidate/me/jobs/{job}
Get an array which is a rollup of all applicable candidate-facing actions from all apps. SoT.
OAuth is used to authenticate tenant API calls. Tenant API calls may be on behalf of a specific principal (e.g. user)
URI Parameters
- job: required (string)
Query Parameters
- relayPageURL: required (string)
A URL that the user will be redirected to.
Example:
https://myapp.com/kh87876
- relayPageLabel: required (string)
A label for the URL that the user will be redirected to, e.g. "Creative Director".
Example:
https://myapp.com/kh87876
- tracker: (integer)
The ID of a tracker
Example:
1003423
HTTP status code 200
Body
Type: application/json
Schema:
{
"$schema": "http://json-schema.org/draft-04/schema",
"type": "array",
"items": { "$ref": "actionsForApp.json" },
"description": "An array of actions rolled up across all producing apps"
}
Example:
[
{
"app": "myapp",
"actions": [
{
"name": "refer",
"uri": "https://referrals.com/jobs/1022?tracker=106645",
"type": "button",
"label": "Refer a friend",
"textColor": "dddddd",
"backgroundColor": "010203",
"disabled": false
},
{
"name": "share",
"uri": "https://sharing.com/jobs/1022?tracker=106645",
"type": "button",
"label": "Share this job",
"textColor": "dddddd",
"backgroundColor": "010203",
"disabled": false
}
]
}
]
Secured by oauth_2_0
Headers
- Authorization: (string)
Used to send a valid OAuth 2 access token. Do not use with the "access_token" query string parameter.
HTTP status code 401
Bad or expired token. To fix, you should re-authenticate the user.
HTTP status code 403
Bad OAuth request (wrong consumer key, bad nonce, expired timestamp...). Unfortunately, re-authenticating the user won't help here.
Get the html for the strip of buttons, ready to plug into a job details page as viewed by the candidate. SoT.
The app building the page that embeds this strip must in its head section pull in style sheet, javascript, etc. as obtained via a call to GET /actions/byCandidate/headHtml.
get /actions/byCandidate/me/jobs/{job}/asHtml
Get the html for the strip of buttons, ready to plug into a job details page as viewed by the candidate. SoT.
The app building the page that embeds this strip must in its head section pull in style sheet, javascript, etc. as obtained via a call to GET /actions/byCandidate/headHtml.
OAuth is used to authenticate tenant API calls. Tenant API calls may be on behalf of a specific principal (e.g. user)
URI Parameters
- job: required (string)
Query Parameters
- relayPageURL: required (string)
A URL that the user will be redirected to.
Example:
https://myapp.com/kh87876
- relayPageLabel: required (string)
A label for the URL that the user will be redirected to, e.g. "Creative Director".
Example:
https://myapp.com/kh87876
- tracker: (integer)
The ID of a tracker
Example:
1003423
HTTP status code 200
Body
Type: text/html
Example:
some html containing a strip of buttons, using only styles from the headHtml call
Secured by oauth_2_0
Headers
- Authorization: (string)
Used to send a valid OAuth 2 access token. Do not use with the "access_token" query string parameter.
HTTP status code 401
Bad or expired token. To fix, you should re-authenticate the user.
HTTP status code 403
Bad OAuth request (wrong consumer key, bad nonce, expired timestamp...). Unfortunately, re-authenticating the user won't help here.
Get a single, named action from a single app. Non-SoT.
The producing app might customise the button/control(s), or choose not display it at all e.g.;
- for an apply button, display that a partial (draft) registration is already underway
- gray the register button out if candidate logged in and already registered
Security considerations: If the producing app attaches the incoming relayPage paramater to the button's link, then it should protect itelf from Open Redirection attacks as described at https://www.owasp.org/index.php/Testing_for_Client_Side_URL_Redirect_(OTG-CLIENT-004).
One approach would be by:
- attaching an additional digital signature to the link based on the link's other values, including the relayPage
- verifying when the candidate follows the link that the relayPage has not been tampered with
Another approach would be not putting the relayPage in the link at all, but instead storing it and putting a key into the link.
The commonly used approach of whitelisting is not useful as there is no common repository of all of the valid domains in use by all apps that a tenant may have installed and that may include this action.
The default type of the action is 'button'. If the type 'image' is used then the 'imageUri' property is used to specify the location of the image.
get /actions/byCandidate/me/jobs/{job}/byName/{action}/byApp
Get a single, named action from a single app. Non-SoT.
The producing app might customise the button/control(s), or choose not display it at all e.g.;
- for an apply button, display that a partial (draft) registration is already underway
- gray the register button out if candidate logged in and already registered
Security considerations: If the producing app attaches the incoming relayPage paramater to the button's link, then it should protect itelf from Open Redirection attacks as described at https://www.owasp.org/index.php/Testing_for_Client_Side_URL_Redirect_(OTG-CLIENT-004).
One approach would be by:
- attaching an additional digital signature to the link based on the link's other values, including the relayPage
- verifying when the candidate follows the link that the relayPage has not been tampered with
Another approach would be not putting the relayPage in the link at all, but instead storing it and putting a key into the link.
The commonly used approach of whitelisting is not useful as there is no common repository of all of the valid domains in use by all apps that a tenant may have installed and that may include this action.
The default type of the action is 'button'. If the type 'image' is used then the 'imageUri' property is used to specify the location of the image.
OAuth is used to authenticate tenant API calls. Tenant API calls may be on behalf of a specific principal (e.g. user)
URI Parameters
- job: required (string)
- action: required (string)
Query Parameters
- relayPageURL: required (string)
A URL that the user will be redirected to.
Example:
https://myapp.com/kh87876
- relayPageLabel: required (string)
A label for the URL that the user will be redirected to, e.g. "Creative Director".
Example:
https://myapp.com/kh87876
- tracker: (integer)
The ID of a tracker
Example:
1003423
HTTP status code 200
Body
Type: application/json
Schema:
{
"$schema": "http://json-schema.org/draft-04/schema#",
"definitions": {
"name": {
"type": "string",
"description": "fixed name for this action, containing only lower case alpha, digits and '-' characters, length <= 30"
},
"gateState": {
"type": "boolean",
"description": "for actions that are apply gates, true if the gate has been passed for this specific candidate + job, false if it was failed - this field should only be present when there is a result"
}
},
"type": "object",
"description": "the logical information needed to populate a button/control at runtime",
"properties": {
"name": {
"$ref": "#/definitions/name",
"description": "fixed name for this action, containing only lower case alpha, digits and '-' characters, length <= 30"
},
"gateState": {
"$ref": "#/definitions/gateState"
},
"type": {
"enum": [
"image",
"button"
]
},
"imageUri": {
"type": "string",
"format": "uri",
"description": "the url of an image to be displayed for this action (i.e. instead of a dynamically set up button)"
},
"label": {
"type": "string",
"description": "a string indicating what the action will do, used as the label on its button/control"
},
"uri": {
"type": "string",
"format": "uri",
"description": "the url that the button/control will redirect the user to when pressed, or use to populate an iframe inside a modal"
},
"textColor": {
"description": "the color that the button's text should be rendered in, in 6 character hex format without leading #, e.g. 00ff00",
"type": "string"
},
"backgroundColor": {
"description": "the color that the button's background should be rendered in, in 6 character hex format without leading #, e.g. 00ff00",
"type": "string"
},
"disabled": {
"type": "boolean",
"description": "true if the button/control should appear disabled, i.e. the action can be seen but not performed"
}
},
"required": [
"name",
"label",
"uri",
"disabled"
],
"additionalProperties": true
}
Example:
{
"name": "refer",
"uri": "https://referrals.com/jobs/1022?tracker=106645",
"type": "button",
"label": "Refer a friend",
"textColor": "dddddd",
"backgroundColor": "010203",
"disabled": false
}
HTTP status code 404
The app has chosen not to render the button. Maybe the object's state prevents the action. Maybe the action is an apply gate and the candidate achieved a pass - 404 is considered the same as a pass.
Secured by oauth_2_0
Headers
- Authorization: (string)
Used to send a valid OAuth 2 access token. Do not use with the "access_token" query string parameter.
HTTP status code 401
Bad or expired token. To fix, you should re-authenticate the user.
HTTP status code 403
Bad OAuth request (wrong consumer key, bad nonce, expired timestamp...). Unfortunately, re-authenticating the user won't help here.
Get an array which is a rollup of all applicable candidate-facing actions from all apps. SoT.
get /actions/byCandidate/me/search
Get an array which is a rollup of all applicable candidate-facing actions from all apps. SoT.
OAuth is used to authenticate tenant API calls. Tenant API calls may be on behalf of a specific principal (e.g. user)
Query Parameters
- relayPageURL: required (string)
A URL that the user will be redirected to.
Example:
https://myapp.com/kh87876
- relayPageLabel: required (string)
A label for the URL that the user will be redirected to, e.g. "Creative Director".
Example:
https://myapp.com/kh87876
- tracker: (integer)
The ID of a tracker
Example:
1003423
HTTP status code 200
Body
Type: application/json
Schema:
{
"$schema": "http://json-schema.org/draft-04/schema",
"type": "array",
"items": { "$ref": "actionsForApp.json" },
"description": "An array of actions rolled up across all producing apps"
}
Example:
[
{
"app": "myapp",
"actions": [
{
"name": "refer",
"uri": "https://referrals.com/jobs/1022?tracker=106645",
"type": "button",
"label": "Refer a friend",
"textColor": "dddddd",
"backgroundColor": "010203",
"disabled": false
},
{
"name": "share",
"uri": "https://sharing.com/jobs/1022?tracker=106645",
"type": "button",
"label": "Share this job",
"textColor": "dddddd",
"backgroundColor": "010203",
"disabled": false
}
]
}
]
Secured by oauth_2_0
Headers
- Authorization: (string)
Used to send a valid OAuth 2 access token. Do not use with the "access_token" query string parameter.
HTTP status code 401
Bad or expired token. To fix, you should re-authenticate the user.
HTTP status code 403
Bad OAuth request (wrong consumer key, bad nonce, expired timestamp...). Unfortunately, re-authenticating the user won't help here.
Get the html for the strip of buttons, ready to plug into a job details page as viewed by the candidate. SoT.
The app building the page that embeds this strip must in its head section pull in style sheet, javascript, etc. as obtained via a call to GET /actions/byCandidate/headHtml.
get /actions/byCandidate/me/search/asHtml
Get the html for the strip of buttons, ready to plug into a job details page as viewed by the candidate. SoT.
The app building the page that embeds this strip must in its head section pull in style sheet, javascript, etc. as obtained via a call to GET /actions/byCandidate/headHtml.
OAuth is used to authenticate tenant API calls. Tenant API calls may be on behalf of a specific principal (e.g. user)
Query Parameters
- relayPageURL: required (string)
A URL that the user will be redirected to.
Example:
https://myapp.com/kh87876
- relayPageLabel: required (string)
A label for the URL that the user will be redirected to, e.g. "Creative Director".
Example:
https://myapp.com/kh87876
- tracker: (integer)
The ID of a tracker
Example:
1003423
HTTP status code 200
Body
Type: text/html
Example:
some html containing a strip of buttons, using only styles from the headHtml call
Secured by oauth_2_0
Headers
- Authorization: (string)
Used to send a valid OAuth 2 access token. Do not use with the "access_token" query string parameter.
HTTP status code 401
Bad or expired token. To fix, you should re-authenticate the user.
HTTP status code 403
Bad OAuth request (wrong consumer key, bad nonce, expired timestamp...). Unfortunately, re-authenticating the user won't help here.
Get a single, named action from a single app. Non-SoT.
The producing app might customise the button/control(s), or choose not display it at all e.g.;
- for an apply button, display that a partial (draft) registration is already underway
- gray the register button out if candidate logged in and already registered
Security considerations: If the producing app attaches the incoming relayPage paramater to the button's link, then it should protect itelf from Open Redirection attacks as described at https://www.owasp.org/index.php/Testing_for_Client_Side_URL_Redirect_(OTG-CLIENT-004).
One approach would be by:
- attaching an additional digital signature to the link based on the link's other values, including the relayPage
- verifying when the candidate follows the link that the relayPage has not been tampered with
Another approach would be not putting the relayPage in the link at all, but instead storing it and putting a key into the link.
The commonly used approach of whitelisting is not useful as there is no common repository of all of the valid domains in use by all apps that a tenant may have installed and that may include this action.
The default type of the action is 'button'. If the type 'image' is used then the 'imageUri' property is used to specify the location of the image.
get /actions/byCandidate/me/search/byName/{action}/byApp
Get a single, named action from a single app. Non-SoT.
The producing app might customise the button/control(s), or choose not display it at all e.g.;
- for an apply button, display that a partial (draft) registration is already underway
- gray the register button out if candidate logged in and already registered
Security considerations: If the producing app attaches the incoming relayPage paramater to the button's link, then it should protect itelf from Open Redirection attacks as described at https://www.owasp.org/index.php/Testing_for_Client_Side_URL_Redirect_(OTG-CLIENT-004).
One approach would be by:
- attaching an additional digital signature to the link based on the link's other values, including the relayPage
- verifying when the candidate follows the link that the relayPage has not been tampered with
Another approach would be not putting the relayPage in the link at all, but instead storing it and putting a key into the link.
The commonly used approach of whitelisting is not useful as there is no common repository of all of the valid domains in use by all apps that a tenant may have installed and that may include this action.
The default type of the action is 'button'. If the type 'image' is used then the 'imageUri' property is used to specify the location of the image.
OAuth is used to authenticate tenant API calls. Tenant API calls may be on behalf of a specific principal (e.g. user)
URI Parameters
- action: required (string)
Query Parameters
- relayPageURL: required (string)
A URL that the user will be redirected to.
Example:
https://myapp.com/kh87876
- relayPageLabel: required (string)
A label for the URL that the user will be redirected to, e.g. "Creative Director".
Example:
https://myapp.com/kh87876
- tracker: (integer)
The ID of a tracker
Example:
1003423
HTTP status code 200
Body
Type: application/json
Schema:
{
"$schema": "http://json-schema.org/draft-04/schema#",
"definitions": {
"name": {
"type": "string",
"description": "fixed name for this action, containing only lower case alpha, digits and '-' characters, length <= 30"
},
"gateState": {
"type": "boolean",
"description": "for actions that are apply gates, true if the gate has been passed for this specific candidate + job, false if it was failed - this field should only be present when there is a result"
}
},
"type": "object",
"description": "the logical information needed to populate a button/control at runtime",
"properties": {
"name": {
"$ref": "#/definitions/name",
"description": "fixed name for this action, containing only lower case alpha, digits and '-' characters, length <= 30"
},
"gateState": {
"$ref": "#/definitions/gateState"
},
"type": {
"enum": [
"image",
"button"
]
},
"imageUri": {
"type": "string",
"format": "uri",
"description": "the url of an image to be displayed for this action (i.e. instead of a dynamically set up button)"
},
"label": {
"type": "string",
"description": "a string indicating what the action will do, used as the label on its button/control"
},
"uri": {
"type": "string",
"format": "uri",
"description": "the url that the button/control will redirect the user to when pressed, or use to populate an iframe inside a modal"
},
"textColor": {
"description": "the color that the button's text should be rendered in, in 6 character hex format without leading #, e.g. 00ff00",
"type": "string"
},
"backgroundColor": {
"description": "the color that the button's background should be rendered in, in 6 character hex format without leading #, e.g. 00ff00",
"type": "string"
},
"disabled": {
"type": "boolean",
"description": "true if the button/control should appear disabled, i.e. the action can be seen but not performed"
}
},
"required": [
"name",
"label",
"uri",
"disabled"
],
"additionalProperties": true
}
Example:
{
"name": "refer",
"uri": "https://referrals.com/jobs/1022?tracker=106645",
"type": "button",
"label": "Refer a friend",
"textColor": "dddddd",
"backgroundColor": "010203",
"disabled": false
}
HTTP status code 404
The app has chosen not to render the button. Maybe the object's state prevents the action. Maybe the action is an apply gate and the candidate achieved a pass - 404 is considered the same as a pass.
Secured by oauth_2_0
Headers
- Authorization: (string)
Used to send a valid OAuth 2 access token. Do not use with the "access_token" query string parameter.
HTTP status code 401
Bad or expired token. To fix, you should re-authenticate the user.
HTTP status code 403
Bad OAuth request (wrong consumer key, bad nonce, expired timestamp...). Unfortunately, re-authenticating the user won't help here.
Get an array which is a rollup of all applicable candidate-facing actions from all apps. SoT.
get /actions/byCandidate/anonymous/assessments/general
Get an array which is a rollup of all applicable candidate-facing actions from all apps. SoT.
OAuth is used to authenticate tenant API calls. Tenant API calls may be on behalf of a specific principal (e.g. user)
Query Parameters
- relayPageURL: required (string)
A URL that the user will be redirected to.
Example:
https://myapp.com/kh87876
- relayPageLabel: required (string)
A label for the URL that the user will be redirected to, e.g. "Creative Director".
Example:
https://myapp.com/kh87876
- tracker: (integer)
The ID of a tracker
Example:
1003423
HTTP status code 200
Body
Type: application/json
Schema:
{
"$schema": "http://json-schema.org/draft-04/schema",
"type": "array",
"items": { "$ref": "actionsForApp.json" },
"description": "An array of actions rolled up across all producing apps"
}
Example:
[
{
"app": "myapp",
"actions": [
{
"name": "refer",
"uri": "https://referrals.com/jobs/1022?tracker=106645",
"type": "button",
"label": "Refer a friend",
"textColor": "dddddd",
"backgroundColor": "010203",
"disabled": false
},
{
"name": "share",
"uri": "https://sharing.com/jobs/1022?tracker=106645",
"type": "button",
"label": "Share this job",
"textColor": "dddddd",
"backgroundColor": "010203",
"disabled": false
}
]
}
]
Secured by oauth_2_0
Headers
- Authorization: (string)
Used to send a valid OAuth 2 access token. Do not use with the "access_token" query string parameter.
HTTP status code 401
Bad or expired token. To fix, you should re-authenticate the user.
HTTP status code 403
Bad OAuth request (wrong consumer key, bad nonce, expired timestamp...). Unfortunately, re-authenticating the user won't help here.
Get an array which is a rollup of all applicable candidate-facing actions from all apps. SoT.
get /actions/byCandidate/anonymous/assessments/forApplication/{application}
Get an array which is a rollup of all applicable candidate-facing actions from all apps. SoT.
OAuth is used to authenticate tenant API calls. Tenant API calls may be on behalf of a specific principal (e.g. user)
URI Parameters
- application: required (string)
Query Parameters
- relayPageURL: required (string)
A URL that the user will be redirected to.
Example:
https://myapp.com/kh87876
- relayPageLabel: required (string)
A label for the URL that the user will be redirected to, e.g. "Creative Director".
Example:
https://myapp.com/kh87876
- tracker: (integer)
The ID of a tracker
Example:
1003423
HTTP status code 200
Body
Type: application/json
Schema:
{
"$schema": "http://json-schema.org/draft-04/schema",
"type": "array",
"items": { "$ref": "actionsForApp.json" },
"description": "An array of actions rolled up across all producing apps"
}
Example:
[
{
"app": "myapp",
"actions": [
{
"name": "refer",
"uri": "https://referrals.com/jobs/1022?tracker=106645",
"type": "button",
"label": "Refer a friend",
"textColor": "dddddd",
"backgroundColor": "010203",
"disabled": false
},
{
"name": "share",
"uri": "https://sharing.com/jobs/1022?tracker=106645",
"type": "button",
"label": "Share this job",
"textColor": "dddddd",
"backgroundColor": "010203",
"disabled": false
}
]
}
]
Secured by oauth_2_0
Headers
- Authorization: (string)
Used to send a valid OAuth 2 access token. Do not use with the "access_token" query string parameter.
HTTP status code 401
Bad or expired token. To fix, you should re-authenticate the user.
HTTP status code 403
Bad OAuth request (wrong consumer key, bad nonce, expired timestamp...). Unfortunately, re-authenticating the user won't help here.
Get an array which is a rollup of all applicable candidate-facing actions from all apps. SoT.
get /actions/byCandidate/anonymous/general
Get an array which is a rollup of all applicable candidate-facing actions from all apps. SoT.
OAuth is used to authenticate tenant API calls. Tenant API calls may be on behalf of a specific principal (e.g. user)
Query Parameters
- relayPageURL: required (string)
A URL that the user will be redirected to.
Example:
https://myapp.com/kh87876
- relayPageLabel: required (string)
A label for the URL that the user will be redirected to, e.g. "Creative Director".
Example:
https://myapp.com/kh87876
- tracker: (integer)
The ID of a tracker
Example:
1003423
HTTP status code 200
Body
Type: application/json
Schema:
{
"$schema": "http://json-schema.org/draft-04/schema",
"type": "array",
"items": { "$ref": "actionsForApp.json" },
"description": "An array of actions rolled up across all producing apps"
}
Example:
[
{
"app": "myapp",
"actions": [
{
"name": "refer",
"uri": "https://referrals.com/jobs/1022?tracker=106645",
"type": "button",
"label": "Refer a friend",
"textColor": "dddddd",
"backgroundColor": "010203",
"disabled": false
},
{
"name": "share",
"uri": "https://sharing.com/jobs/1022?tracker=106645",
"type": "button",
"label": "Share this job",
"textColor": "dddddd",
"backgroundColor": "010203",
"disabled": false
}
]
}
]
Secured by oauth_2_0
Headers
- Authorization: (string)
Used to send a valid OAuth 2 access token. Do not use with the "access_token" query string parameter.
HTTP status code 401
Bad or expired token. To fix, you should re-authenticate the user.
HTTP status code 403
Bad OAuth request (wrong consumer key, bad nonce, expired timestamp...). Unfortunately, re-authenticating the user won't help here.
Get the html for the strip of buttons, ready to plug into a job details page as viewed by the candidate. SoT.
The app building the page that embeds this strip must in its head section pull in style sheet, javascript, etc. as obtained via a call to GET /actions/byCandidate/headHtml.
get /actions/byCandidate/anonymous/general/asHtml
Get the html for the strip of buttons, ready to plug into a job details page as viewed by the candidate. SoT.
The app building the page that embeds this strip must in its head section pull in style sheet, javascript, etc. as obtained via a call to GET /actions/byCandidate/headHtml.
OAuth is used to authenticate tenant API calls. Tenant API calls may be on behalf of a specific principal (e.g. user)
Query Parameters
- accountManagerFilter: (boolean)
Deprecated - use the purpose filter instead. When present and true, filters the actions to only include actions that are account managers.
- includePurposes: (string)
When present, only actions that have one of these purposes will be returned. By default all actions are returned. Must not be combined with excludePurposes.
Example:
includePurposes=createAccount,blah
- excludePurposes: (string)
When present, all actions that do not have one of these purposes will be returned. By default all actions are returned. Must not be combined with includePurposes.
Example:
excludePurposes=createAccount,blah
- relayPageURL: required (string)
A URL that the user will be redirected to.
Example:
https://myapp.com/kh87876
- relayPageLabel: required (string)
A label for the URL that the user will be redirected to, e.g. "Creative Director".
Example:
https://myapp.com/kh87876
- tracker: (integer)
The ID of a tracker
Example:
1003423
HTTP status code 200
Body
Type: text/html
Example:
some html containing a strip of buttons, using only styles from the headHtml call
Secured by oauth_2_0
Headers
- Authorization: (string)
Used to send a valid OAuth 2 access token. Do not use with the "access_token" query string parameter.
HTTP status code 401
Bad or expired token. To fix, you should re-authenticate the user.
HTTP status code 403
Bad OAuth request (wrong consumer key, bad nonce, expired timestamp...). Unfortunately, re-authenticating the user won't help here.
Get a single, named action from a single app. Non-SoT.
The producing app might customise the button/control(s), or choose not display it at all e.g.;
- for an apply button, display that a partial (draft) registration is already underway
- gray the register button out if candidate logged in and already registered
Security considerations: If the producing app attaches the incoming relayPage paramater to the button's link, then it should protect itelf from Open Redirection attacks as described at https://www.owasp.org/index.php/Testing_for_Client_Side_URL_Redirect_(OTG-CLIENT-004).
One approach would be by:
- attaching an additional digital signature to the link based on the link's other values, including the relayPage
- verifying when the candidate follows the link that the relayPage has not been tampered with
Another approach would be not putting the relayPage in the link at all, but instead storing it and putting a key into the link.
The commonly used approach of whitelisting is not useful as there is no common repository of all of the valid domains in use by all apps that a tenant may have installed and that may include this action.
The default type of the action is 'button'. If the type 'image' is used then the 'imageUri' property is used to specify the location of the image.
get /actions/byCandidate/anonymous/general/byName/{action}/byApp
Get a single, named action from a single app. Non-SoT.
The producing app might customise the button/control(s), or choose not display it at all e.g.;
- for an apply button, display that a partial (draft) registration is already underway
- gray the register button out if candidate logged in and already registered
Security considerations: If the producing app attaches the incoming relayPage paramater to the button's link, then it should protect itelf from Open Redirection attacks as described at https://www.owasp.org/index.php/Testing_for_Client_Side_URL_Redirect_(OTG-CLIENT-004).
One approach would be by:
- attaching an additional digital signature to the link based on the link's other values, including the relayPage
- verifying when the candidate follows the link that the relayPage has not been tampered with
Another approach would be not putting the relayPage in the link at all, but instead storing it and putting a key into the link.
The commonly used approach of whitelisting is not useful as there is no common repository of all of the valid domains in use by all apps that a tenant may have installed and that may include this action.
The default type of the action is 'button'. If the type 'image' is used then the 'imageUri' property is used to specify the location of the image.
OAuth is used to authenticate tenant API calls. Tenant API calls may be on behalf of a specific principal (e.g. user)
URI Parameters
- action: required (string)
Query Parameters
- relayPageURL: required (string)
A URL that the user will be redirected to.
Example:
https://myapp.com/kh87876
- relayPageLabel: required (string)
A label for the URL that the user will be redirected to, e.g. "Creative Director".
Example:
https://myapp.com/kh87876
- tracker: (integer)
The ID of a tracker
Example:
1003423
HTTP status code 200
Body
Type: application/json
Schema:
{
"$schema": "http://json-schema.org/draft-04/schema#",
"definitions": {
"name": {
"type": "string",
"description": "fixed name for this action, containing only lower case alpha, digits and '-' characters, length <= 30"
},
"gateState": {
"type": "boolean",
"description": "for actions that are apply gates, true if the gate has been passed for this specific candidate + job, false if it was failed - this field should only be present when there is a result"
}
},
"type": "object",
"description": "the logical information needed to populate a button/control at runtime",
"properties": {
"name": {
"$ref": "#/definitions/name",
"description": "fixed name for this action, containing only lower case alpha, digits and '-' characters, length <= 30"
},
"gateState": {
"$ref": "#/definitions/gateState"
},
"type": {
"enum": [
"image",
"button"
]
},
"imageUri": {
"type": "string",
"format": "uri",
"description": "the url of an image to be displayed for this action (i.e. instead of a dynamically set up button)"
},
"label": {
"type": "string",
"description": "a string indicating what the action will do, used as the label on its button/control"
},
"uri": {
"type": "string",
"format": "uri",
"description": "the url that the button/control will redirect the user to when pressed, or use to populate an iframe inside a modal"
},
"textColor": {
"description": "the color that the button's text should be rendered in, in 6 character hex format without leading #, e.g. 00ff00",
"type": "string"
},
"backgroundColor": {
"description": "the color that the button's background should be rendered in, in 6 character hex format without leading #, e.g. 00ff00",
"type": "string"
},
"disabled": {
"type": "boolean",
"description": "true if the button/control should appear disabled, i.e. the action can be seen but not performed"
}
},
"required": [
"name",
"label",
"uri",
"disabled"
],
"additionalProperties": true
}
Example:
{
"name": "refer",
"uri": "https://referrals.com/jobs/1022?tracker=106645",
"type": "button",
"label": "Refer a friend",
"textColor": "dddddd",
"backgroundColor": "010203",
"disabled": false
}
HTTP status code 404
The app has chosen not to render the button. Maybe the object's state prevents the action. Maybe the action is an apply gate and the candidate achieved a pass - 404 is considered the same as a pass.
Secured by oauth_2_0
Headers
- Authorization: (string)
Used to send a valid OAuth 2 access token. Do not use with the "access_token" query string parameter.
HTTP status code 401
Bad or expired token. To fix, you should re-authenticate the user.
HTTP status code 403
Bad OAuth request (wrong consumer key, bad nonce, expired timestamp...). Unfortunately, re-authenticating the user won't help here.
Get an array which is a rollup of all applicable candidate-facing actions from all apps. SoT.
get /actions/byCandidate/anonymous/jobs/{job}
Get an array which is a rollup of all applicable candidate-facing actions from all apps. SoT.
OAuth is used to authenticate tenant API calls. Tenant API calls may be on behalf of a specific principal (e.g. user)
URI Parameters
- job: required (string)
Query Parameters
- relayPageURL: required (string)
A URL that the user will be redirected to.
Example:
https://myapp.com/kh87876
- relayPageLabel: required (string)
A label for the URL that the user will be redirected to, e.g. "Creative Director".
Example:
https://myapp.com/kh87876
- tracker: (integer)
The ID of a tracker
Example:
1003423
HTTP status code 200
Body
Type: application/json
Schema:
{
"$schema": "http://json-schema.org/draft-04/schema",
"type": "array",
"items": { "$ref": "actionsForApp.json" },
"description": "An array of actions rolled up across all producing apps"
}
Example:
[
{
"app": "myapp",
"actions": [
{
"name": "refer",
"uri": "https://referrals.com/jobs/1022?tracker=106645",
"type": "button",
"label": "Refer a friend",
"textColor": "dddddd",
"backgroundColor": "010203",
"disabled": false
},
{
"name": "share",
"uri": "https://sharing.com/jobs/1022?tracker=106645",
"type": "button",
"label": "Share this job",
"textColor": "dddddd",
"backgroundColor": "010203",
"disabled": false
}
]
}
]
Secured by oauth_2_0
Headers
- Authorization: (string)
Used to send a valid OAuth 2 access token. Do not use with the "access_token" query string parameter.
HTTP status code 401
Bad or expired token. To fix, you should re-authenticate the user.
HTTP status code 403
Bad OAuth request (wrong consumer key, bad nonce, expired timestamp...). Unfortunately, re-authenticating the user won't help here.
Get the html for the strip of buttons, ready to plug into a job details page as viewed by the candidate. SoT.
The app building the page that embeds this strip must in its head section pull in style sheet, javascript, etc. as obtained via a call to GET /actions/byCandidate/headHtml.
get /actions/byCandidate/anonymous/jobs/{job}/asHtml
Get the html for the strip of buttons, ready to plug into a job details page as viewed by the candidate. SoT.
The app building the page that embeds this strip must in its head section pull in style sheet, javascript, etc. as obtained via a call to GET /actions/byCandidate/headHtml.
OAuth is used to authenticate tenant API calls. Tenant API calls may be on behalf of a specific principal (e.g. user)
URI Parameters
- job: required (string)
Query Parameters
- relayPageURL: required (string)
A URL that the user will be redirected to.
Example:
https://myapp.com/kh87876
- relayPageLabel: required (string)
A label for the URL that the user will be redirected to, e.g. "Creative Director".
Example:
https://myapp.com/kh87876
- tracker: (integer)
The ID of a tracker
Example:
1003423
HTTP status code 200
Body
Type: text/html
Example:
some html containing a strip of buttons, using only styles from the headHtml call
Secured by oauth_2_0
Headers
- Authorization: (string)
Used to send a valid OAuth 2 access token. Do not use with the "access_token" query string parameter.
HTTP status code 401
Bad or expired token. To fix, you should re-authenticate the user.
HTTP status code 403
Bad OAuth request (wrong consumer key, bad nonce, expired timestamp...). Unfortunately, re-authenticating the user won't help here.
Get a single, named action from a single app. Non-SoT.
The producing app might customise the button/control(s), or choose not display it at all e.g.;
- for an apply button, display that a partial (draft) registration is already underway
- gray the register button out if candidate logged in and already registered
Security considerations: If the producing app attaches the incoming relayPage paramater to the button's link, then it should protect itelf from Open Redirection attacks as described at https://www.owasp.org/index.php/Testing_for_Client_Side_URL_Redirect_(OTG-CLIENT-004).
One approach would be by:
- attaching an additional digital signature to the link based on the link's other values, including the relayPage
- verifying when the candidate follows the link that the relayPage has not been tampered with
Another approach would be not putting the relayPage in the link at all, but instead storing it and putting a key into the link.
The commonly used approach of whitelisting is not useful as there is no common repository of all of the valid domains in use by all apps that a tenant may have installed and that may include this action.
The default type of the action is 'button'. If the type 'image' is used then the 'imageUri' property is used to specify the location of the image.
get /actions/byCandidate/anonymous/jobs/{job}/byName/{action}/byApp
Get a single, named action from a single app. Non-SoT.
The producing app might customise the button/control(s), or choose not display it at all e.g.;
- for an apply button, display that a partial (draft) registration is already underway
- gray the register button out if candidate logged in and already registered
Security considerations: If the producing app attaches the incoming relayPage paramater to the button's link, then it should protect itelf from Open Redirection attacks as described at https://www.owasp.org/index.php/Testing_for_Client_Side_URL_Redirect_(OTG-CLIENT-004).
One approach would be by:
- attaching an additional digital signature to the link based on the link's other values, including the relayPage
- verifying when the candidate follows the link that the relayPage has not been tampered with
Another approach would be not putting the relayPage in the link at all, but instead storing it and putting a key into the link.
The commonly used approach of whitelisting is not useful as there is no common repository of all of the valid domains in use by all apps that a tenant may have installed and that may include this action.
The default type of the action is 'button'. If the type 'image' is used then the 'imageUri' property is used to specify the location of the image.
OAuth is used to authenticate tenant API calls. Tenant API calls may be on behalf of a specific principal (e.g. user)
URI Parameters
- job: required (string)
- action: required (string)
Query Parameters
- relayPageURL: required (string)
A URL that the user will be redirected to.
Example:
https://myapp.com/kh87876
- relayPageLabel: required (string)
A label for the URL that the user will be redirected to, e.g. "Creative Director".
Example:
https://myapp.com/kh87876
- tracker: (integer)
The ID of a tracker
Example:
1003423
HTTP status code 200
Body
Type: application/json
Schema:
{
"$schema": "http://json-schema.org/draft-04/schema#",
"definitions": {
"name": {
"type": "string",
"description": "fixed name for this action, containing only lower case alpha, digits and '-' characters, length <= 30"
},
"gateState": {
"type": "boolean",
"description": "for actions that are apply gates, true if the gate has been passed for this specific candidate + job, false if it was failed - this field should only be present when there is a result"
}
},
"type": "object",
"description": "the logical information needed to populate a button/control at runtime",
"properties": {
"name": {
"$ref": "#/definitions/name",
"description": "fixed name for this action, containing only lower case alpha, digits and '-' characters, length <= 30"
},
"gateState": {
"$ref": "#/definitions/gateState"
},
"type": {
"enum": [
"image",
"button"
]
},
"imageUri": {
"type": "string",
"format": "uri",
"description": "the url of an image to be displayed for this action (i.e. instead of a dynamically set up button)"
},
"label": {
"type": "string",
"description": "a string indicating what the action will do, used as the label on its button/control"
},
"uri": {
"type": "string",
"format": "uri",
"description": "the url that the button/control will redirect the user to when pressed, or use to populate an iframe inside a modal"
},
"textColor": {
"description": "the color that the button's text should be rendered in, in 6 character hex format without leading #, e.g. 00ff00",
"type": "string"
},
"backgroundColor": {
"description": "the color that the button's background should be rendered in, in 6 character hex format without leading #, e.g. 00ff00",
"type": "string"
},
"disabled": {
"type": "boolean",
"description": "true if the button/control should appear disabled, i.e. the action can be seen but not performed"
}
},
"required": [
"name",
"label",
"uri",
"disabled"
],
"additionalProperties": true
}
Example:
{
"name": "refer",
"uri": "https://referrals.com/jobs/1022?tracker=106645",
"type": "button",
"label": "Refer a friend",
"textColor": "dddddd",
"backgroundColor": "010203",
"disabled": false
}
HTTP status code 404
The app has chosen not to render the button. Maybe the object's state prevents the action. Maybe the action is an apply gate and the candidate achieved a pass - 404 is considered the same as a pass.
Secured by oauth_2_0
Headers
- Authorization: (string)
Used to send a valid OAuth 2 access token. Do not use with the "access_token" query string parameter.
HTTP status code 401
Bad or expired token. To fix, you should re-authenticate the user.
HTTP status code 403
Bad OAuth request (wrong consumer key, bad nonce, expired timestamp...). Unfortunately, re-authenticating the user won't help here.
The name of an action button, belonging to the app that is consuming the API, that is to be marked as satisfied by someone following the link.
Obtain a link that a candidate can use to mark themselves as having satisfied the given action button on a job. When the candidate follows this link, they will be asked to sign in, then marked as having satisfied the pre-reqs for the given purpose (e.g. applying for a job), and then shown the message, along with a link to get back to where they started.
SoT.
get /actions/byCandidate/anonymous/jobs/{job}/satisfyLink/{actionName}
Obtain a link that a candidate can use to mark themselves as having satisfied the given action button on a job. When the candidate follows this link, they will be asked to sign in, then marked as having satisfied the pre-reqs for the given purpose (e.g. applying for a job), and then shown the message, along with a link to get back to where they started.
SoT.
OAuth is used to authenticate tenant API calls. Tenant API calls may be on behalf of a specific principal (e.g. user)
URI Parameters
- job: required (string)
- actionName: required (string)
Query Parameters
- relayPageURL: required (string)
A URL that the user will be redirected to.
Example:
https://myapp.com/kh87876
- relayPageLabel: required (string)
A label for the URL that the user will be redirected to, e.g. "Creative Director".
Example:
https://myapp.com/kh87876
- tracker: (integer)
The ID of a tracker
Example:
1003423
- message: required (string)
The message that will be displayed to the user on the linked web page, once they have logged in.
Example:
Congratulations! You can apply for this job now.
- results: (string)
The results paramater (if present) is a url encoded json document containing similar data as that an assessment app can set, as per actionSatisfier.json (e.g. image, a url to see the results).
HTTP status code 200
Body
Type: text/plain
Example:
https://acme.prequalify.com/jobs/10032?secret=87686kjhkg78587ykjh
Secured by oauth_2_0
Headers
- Authorization: (string)
Used to send a valid OAuth 2 access token. Do not use with the "access_token" query string parameter.
HTTP status code 401
Bad or expired token. To fix, you should re-authenticate the user.
HTTP status code 403
Bad OAuth request (wrong consumer key, bad nonce, expired timestamp...). Unfortunately, re-authenticating the user won't help here.
Get an array which is a rollup of all applicable candidate-facing actions from all apps. SoT.
get /actions/byCandidate/anonymous/search
Get an array which is a rollup of all applicable candidate-facing actions from all apps. SoT.
OAuth is used to authenticate tenant API calls. Tenant API calls may be on behalf of a specific principal (e.g. user)
Query Parameters
- relayPageURL: required (string)
A URL that the user will be redirected to.
Example:
https://myapp.com/kh87876
- relayPageLabel: required (string)
A label for the URL that the user will be redirected to, e.g. "Creative Director".
Example:
https://myapp.com/kh87876
- tracker: (integer)
The ID of a tracker
Example:
1003423
HTTP status code 200
Body
Type: application/json
Schema:
{
"$schema": "http://json-schema.org/draft-04/schema",
"type": "array",
"items": { "$ref": "actionsForApp.json" },
"description": "An array of actions rolled up across all producing apps"
}
Example:
[
{
"app": "myapp",
"actions": [
{
"name": "refer",
"uri": "https://referrals.com/jobs/1022?tracker=106645",
"type": "button",
"label": "Refer a friend",
"textColor": "dddddd",
"backgroundColor": "010203",
"disabled": false
},
{
"name": "share",
"uri": "https://sharing.com/jobs/1022?tracker=106645",
"type": "button",
"label": "Share this job",
"textColor": "dddddd",
"backgroundColor": "010203",
"disabled": false
}
]
}
]
Secured by oauth_2_0
Headers
- Authorization: (string)
Used to send a valid OAuth 2 access token. Do not use with the "access_token" query string parameter.
HTTP status code 401
Bad or expired token. To fix, you should re-authenticate the user.
HTTP status code 403
Bad OAuth request (wrong consumer key, bad nonce, expired timestamp...). Unfortunately, re-authenticating the user won't help here.
Get the html for the strip of buttons, ready to plug into a job details page as viewed by the candidate. SoT.
The app building the page that embeds this strip must in its head section pull in style sheet, javascript, etc. as obtained via a call to GET /actions/byCandidate/headHtml.
get /actions/byCandidate/anonymous/search/asHtml
Get the html for the strip of buttons, ready to plug into a job details page as viewed by the candidate. SoT.
The app building the page that embeds this strip must in its head section pull in style sheet, javascript, etc. as obtained via a call to GET /actions/byCandidate/headHtml.
OAuth is used to authenticate tenant API calls. Tenant API calls may be on behalf of a specific principal (e.g. user)
Query Parameters
- relayPageURL: required (string)
A URL that the user will be redirected to.
Example:
https://myapp.com/kh87876
- relayPageLabel: required (string)
A label for the URL that the user will be redirected to, e.g. "Creative Director".
Example:
https://myapp.com/kh87876
- tracker: (integer)
The ID of a tracker
Example:
1003423
HTTP status code 200
Body
Type: text/html
Example:
some html containing a strip of buttons, using only styles from the headHtml call
Secured by oauth_2_0
Headers
- Authorization: (string)
Used to send a valid OAuth 2 access token. Do not use with the "access_token" query string parameter.
HTTP status code 401
Bad or expired token. To fix, you should re-authenticate the user.
HTTP status code 403
Bad OAuth request (wrong consumer key, bad nonce, expired timestamp...). Unfortunately, re-authenticating the user won't help here.
Get a single, named action from a single app. Non-SoT.
The producing app might customise the button/control(s), or choose not display it at all e.g.;
- for an apply button, display that a partial (draft) registration is already underway
- gray the register button out if candidate logged in and already registered
Security considerations: If the producing app attaches the incoming relayPage paramater to the button's link, then it should protect itelf from Open Redirection attacks as described at https://www.owasp.org/index.php/Testing_for_Client_Side_URL_Redirect_(OTG-CLIENT-004).
One approach would be by:
- attaching an additional digital signature to the link based on the link's other values, including the relayPage
- verifying when the candidate follows the link that the relayPage has not been tampered with
Another approach would be not putting the relayPage in the link at all, but instead storing it and putting a key into the link.
The commonly used approach of whitelisting is not useful as there is no common repository of all of the valid domains in use by all apps that a tenant may have installed and that may include this action.
The default type of the action is 'button'. If the type 'image' is used then the 'imageUri' property is used to specify the location of the image.
get /actions/byCandidate/anonymous/search/byName/{action}/byApp
Get a single, named action from a single app. Non-SoT.
The producing app might customise the button/control(s), or choose not display it at all e.g.;
- for an apply button, display that a partial (draft) registration is already underway
- gray the register button out if candidate logged in and already registered
Security considerations: If the producing app attaches the incoming relayPage paramater to the button's link, then it should protect itelf from Open Redirection attacks as described at https://www.owasp.org/index.php/Testing_for_Client_Side_URL_Redirect_(OTG-CLIENT-004).
One approach would be by:
- attaching an additional digital signature to the link based on the link's other values, including the relayPage
- verifying when the candidate follows the link that the relayPage has not been tampered with
Another approach would be not putting the relayPage in the link at all, but instead storing it and putting a key into the link.
The commonly used approach of whitelisting is not useful as there is no common repository of all of the valid domains in use by all apps that a tenant may have installed and that may include this action.
The default type of the action is 'button'. If the type 'image' is used then the 'imageUri' property is used to specify the location of the image.
OAuth is used to authenticate tenant API calls. Tenant API calls may be on behalf of a specific principal (e.g. user)
URI Parameters
- action: required (string)
Query Parameters
- relayPageURL: required (string)
A URL that the user will be redirected to.
Example:
https://myapp.com/kh87876
- relayPageLabel: required (string)
A label for the URL that the user will be redirected to, e.g. "Creative Director".
Example:
https://myapp.com/kh87876
- tracker: (integer)
The ID of a tracker
Example:
1003423
HTTP status code 200
Body
Type: application/json
Schema:
{
"$schema": "http://json-schema.org/draft-04/schema#",
"definitions": {
"name": {
"type": "string",
"description": "fixed name for this action, containing only lower case alpha, digits and '-' characters, length <= 30"
},
"gateState": {
"type": "boolean",
"description": "for actions that are apply gates, true if the gate has been passed for this specific candidate + job, false if it was failed - this field should only be present when there is a result"
}
},
"type": "object",
"description": "the logical information needed to populate a button/control at runtime",
"properties": {
"name": {
"$ref": "#/definitions/name",
"description": "fixed name for this action, containing only lower case alpha, digits and '-' characters, length <= 30"
},
"gateState": {
"$ref": "#/definitions/gateState"
},
"type": {
"enum": [
"image",
"button"
]
},
"imageUri": {
"type": "string",
"format": "uri",
"description": "the url of an image to be displayed for this action (i.e. instead of a dynamically set up button)"
},
"label": {
"type": "string",
"description": "a string indicating what the action will do, used as the label on its button/control"
},
"uri": {
"type": "string",
"format": "uri",
"description": "the url that the button/control will redirect the user to when pressed, or use to populate an iframe inside a modal"
},
"textColor": {
"description": "the color that the button's text should be rendered in, in 6 character hex format without leading #, e.g. 00ff00",
"type": "string"
},
"backgroundColor": {
"description": "the color that the button's background should be rendered in, in 6 character hex format without leading #, e.g. 00ff00",
"type": "string"
},
"disabled": {
"type": "boolean",
"description": "true if the button/control should appear disabled, i.e. the action can be seen but not performed"
}
},
"required": [
"name",
"label",
"uri",
"disabled"
],
"additionalProperties": true
}
Example:
{
"name": "refer",
"uri": "https://referrals.com/jobs/1022?tracker=106645",
"type": "button",
"label": "Refer a friend",
"textColor": "dddddd",
"backgroundColor": "010203",
"disabled": false
}
HTTP status code 404
The app has chosen not to render the button. Maybe the object's state prevents the action. Maybe the action is an apply gate and the candidate achieved a pass - 404 is considered the same as a pass.
Secured by oauth_2_0
Headers
- Authorization: (string)
Used to send a valid OAuth 2 access token. Do not use with the "access_token" query string parameter.
HTTP status code 401
Bad or expired token. To fix, you should re-authenticate the user.
HTTP status code 403
Bad OAuth request (wrong consumer key, bad nonce, expired timestamp...). Unfortunately, re-authenticating the user won't help here.
General actions seen by candidates are typically embedded in page headers, e.g. "register", "share this entire site", etc.
Get an array which is a rollup of all possible candidate-facing actions from all apps. SoT.
get /actions/byCandidate/general/possibles
Get an array which is a rollup of all possible candidate-facing actions from all apps. SoT.
OAuth is used to authenticate tenant API calls. Tenant API calls may be on behalf of a specific principal (e.g. user)
HTTP status code 200
Body
Type: application/json
Schema:
{
"$schema": "http://json-schema.org/draft-04/schema",
"definitions": {
"actionProductionsForApp": {
"type": "object",
"properties": {
"app": {
"type": "string",
"description": "the app that can produce these actions"
},
"actionProductions": {
"$ref": "actionProductions.json"
}
},
"additionalProperties": false,
"required": [
"app",
"actionProductions"
]
}
},
"type": "array",
"items": {
"$ref": "#/definitions/actionProductionsForApp"
}
}
Example:
[
{
"app": "superapply",
"actionProductions": [
{
"actionName": "apply",
"availableToInternals": true,
"availableToExternals": true,
"mayRequireSetupFlag": true
},
{
"actionName": "share",
"availableToInternals": true,
"availableToExternals": true,
"mayRequireSetupFlag": false
},
{
"actionName": "refer",
"availableToInternals": true,
"availableToExternals": false,
"mayRequireSetupFlag": true
}
]
},
{
"app": "legacyats",
"actionProductions": [
{
"actionName": "apply",
"availableToInternals": true,
"availableToExternals": true,
"mayRequireSetupFlag": true
}
]
}
]
Secured by oauth_2_0
Headers
- Authorization: (string)
Used to send a valid OAuth 2 access token. Do not use with the "access_token" query string parameter.
HTTP status code 401
Bad or expired token. To fix, you should re-authenticate the user.
HTTP status code 403
Bad OAuth request (wrong consumer key, bad nonce, expired timestamp...). Unfortunately, re-authenticating the user won't help here.
Your app should produce this API to return an array with an element for every different button that your app might ever provide (i.e., the superset of all of your app's possible buttons).
Typically this will be called by a coordinating app at significant times, such as after the tenant is rebooted, or after your app has signalled a change to its buttons by calling the deltaPings API. That coordinating app can then present all possible buttons to some administrator, who can then flip some config switches to dictate which buttons should be shown in different situations.
For example, the customer might want to only show a "refer a friend" button for their sales jobs, not their call center jobs.
This API is for all possible buttons - at runtime, a different API will be called on your app to ask for actual details (color, label, disabled, etc.) of each actual button. For example, your app might declare with this API that it produces a "share" button, but then at runtime it might decide not to show the "share" button if it sees that the logged in candidate has exceeded some quota for sharing.
Non-SoT.
get /actions/byCandidate/general/possibles/byApp
Your app should produce this API to return an array with an element for every different button that your app might ever provide (i.e., the superset of all of your app's possible buttons).
Typically this will be called by a coordinating app at significant times, such as after the tenant is rebooted, or after your app has signalled a change to its buttons by calling the deltaPings API. That coordinating app can then present all possible buttons to some administrator, who can then flip some config switches to dictate which buttons should be shown in different situations.
For example, the customer might want to only show a "refer a friend" button for their sales jobs, not their call center jobs.
This API is for all possible buttons - at runtime, a different API will be called on your app to ask for actual details (color, label, disabled, etc.) of each actual button. For example, your app might declare with this API that it produces a "share" button, but then at runtime it might decide not to show the "share" button if it sees that the logged in candidate has exceeded some quota for sharing.
Non-SoT.
OAuth is used to authenticate tenant API calls. Tenant API calls may be on behalf of a specific principal (e.g. user)
HTTP status code 200
Body
Type: application/json
Schema:
{
"$schema": "http://json-schema.org/draft-04/schema#",
"definitions": {
"purpose": {
"description": "values are: createAccount - this action can create the candidate's account. Applies only to general actions. apply - this action can apply for a job. Applies only to job actions. editDetails - this action can edit candidate details. Applies only to general actions.",
"enum": [
"createAccount",
"editDetails",
"apply"
]
},
"gateForElement": {
"type": "object",
"description": "a purpose that (e.g. 'apply') that this button is a gate for.",
"properties": {
"purpose": {
"$ref": "#/definitions/purpose"
}
},
"allowAdditionalProperties": false,
"required": [
"purpose"
]
},
"semantics": {
"description": "details about the semantics of this action that can be used by other apps. For example, knowledge that the action is used to apply for jobs may be useful if we want to (e.g.) prevent the user from applying unless they have completed some pre-qualification stage",
"type": "object",
"properties": {
"purpose": {
"$ref": "#/definitions/purpose"
},
"gateFor": {
"type": "array",
"items": {
"$ref": "#/definitions/gateForElement"
}
}
},
"allowAdditionalProperties": false
},
"possibleAction": {
"type": "object",
"properties": {
"actionName": {
"type": "string",
"description": "A fixed name of this action, containing only lower case alpha, digits and '-' characters, length <= 30. The actionName should be unique within this app and scope, i.e. an app should never return more than one action with the same actionName as a possible job action."
},
"displayName": {
"type": "string",
"description": "The displayName displayed to the user at setup time (e.g. to enable or disable the button)."
},
"description": {
"type": "string",
"description": "A description of what this action does"
},
"availableToInternals": {
"type": "boolean"
},
"availableToExternals": {
"type": "boolean"
},
"mayRequireSetupFlag": {
"type": "boolean",
"description": "true if this action may provide a setup page (i.e. require some setup before it can be used)"
},
"semantics": {
"$ref": "#/definitions/semantics"
}
},
"allowAdditionalProperties": false,
"required": [
"actionName",
"availableToInternals",
"availableToExternals",
"mayRequireSetupFlag"
]
}
},
"type": "array",
"items": {
"$ref": "#/definitions/possibleAction"
}
}
Example:
[
{
"actionName": "apply",
"availableToInternals": true,
"availableToExternals": true,
"mayRequireSetupFlag": true
},
{
"actionName": "share",
"availableToInternals": true,
"availableToExternals": true,
"mayRequireSetupFlag": false
},
{
"actionName": "refer",
"availableToInternals": true,
"availableToExternals": false,
"mayRequireSetupFlag": true
}
]
Secured by oauth_2_0
Headers
- Authorization: (string)
Used to send a valid OAuth 2 access token. Do not use with the "access_token" query string parameter.
HTTP status code 401
Bad or expired token. To fix, you should re-authenticate the user.
HTTP status code 403
Bad OAuth request (wrong consumer key, bad nonce, expired timestamp...). Unfortunately, re-authenticating the user won't help here.
Alert any app that cares that the set of actions produced by this app has changed. Non-SoT.
post /actions/byCandidate/general/possibles/byApp/deltaPings
Alert any app that cares that the set of actions produced by this app has changed. Non-SoT.
OAuth is used to authenticate tenant API calls. Tenant API calls may be on behalf of a specific principal (e.g. user)
Secured by oauth_2_0
Headers
- Authorization: (string)
Used to send a valid OAuth 2 access token. Do not use with the "access_token" query string parameter.
HTTP status code 401
Bad or expired token. To fix, you should re-authenticate the user.
HTTP status code 403
Bad OAuth request (wrong consumer key, bad nonce, expired timestamp...). Unfortunately, re-authenticating the user won't help here.
Job-level actions seen by candidates are typically embedded in job details pages, e.g. "apply", "share this job", etc.
Get an array which is a rollup of all possible candidate-facing actions from all apps. SoT.
get /actions/byCandidate/job/possibles
Get an array which is a rollup of all possible candidate-facing actions from all apps. SoT.
OAuth is used to authenticate tenant API calls. Tenant API calls may be on behalf of a specific principal (e.g. user)
HTTP status code 200
Body
Type: application/json
Schema:
{
"$schema": "http://json-schema.org/draft-04/schema",
"definitions": {
"actionProductionsForApp": {
"type": "object",
"properties": {
"app": {
"type": "string",
"description": "the app that can produce these actions"
},
"actionProductions": {
"$ref": "actionProductions.json"
}
},
"additionalProperties": false,
"required": [
"app",
"actionProductions"
]
}
},
"type": "array",
"items": {
"$ref": "#/definitions/actionProductionsForApp"
}
}
Example:
[
{
"app": "superapply",
"actionProductions": [
{
"actionName": "apply",
"availableToInternals": true,
"availableToExternals": true,
"mayRequireSetupFlag": true
},
{
"actionName": "share",
"availableToInternals": true,
"availableToExternals": true,
"mayRequireSetupFlag": false
},
{
"actionName": "refer",
"availableToInternals": true,
"availableToExternals": false,
"mayRequireSetupFlag": true
}
]
},
{
"app": "legacyats",
"actionProductions": [
{
"actionName": "apply",
"availableToInternals": true,
"availableToExternals": true,
"mayRequireSetupFlag": true
}
]
}
]
Secured by oauth_2_0
Headers
- Authorization: (string)
Used to send a valid OAuth 2 access token. Do not use with the "access_token" query string parameter.
HTTP status code 401
Bad or expired token. To fix, you should re-authenticate the user.
HTTP status code 403
Bad OAuth request (wrong consumer key, bad nonce, expired timestamp...). Unfortunately, re-authenticating the user won't help here.
Your app should produce this API to return an array with an element for every different button that your app might ever provide (i.e., the superset of all of your app's possible buttons).
Typically this will be called by a coordinating app at significant times, such as after the tenant is rebooted, or after your app has signalled a change to its buttons by calling the deltaPings API. That coordinating app can then present all possible buttons to some administrator, who can then flip some config switches to dictate which buttons should be shown in different situations.
For example, the customer might want to only show a "refer a friend" button for their sales jobs, not their call center jobs.
This API is for all possible buttons - at runtime, a different API will be called on your app to ask for actual details (color, label, disabled, etc.) of each actual button. For example, your app might declare with this API that it produces a "share" button, but then at runtime it might decide not to show the "share" button if it sees that the logged in candidate has exceeded some quota for sharing.
Non-SoT.
get /actions/byCandidate/job/possibles/byApp
Your app should produce this API to return an array with an element for every different button that your app might ever provide (i.e., the superset of all of your app's possible buttons).
Typically this will be called by a coordinating app at significant times, such as after the tenant is rebooted, or after your app has signalled a change to its buttons by calling the deltaPings API. That coordinating app can then present all possible buttons to some administrator, who can then flip some config switches to dictate which buttons should be shown in different situations.
For example, the customer might want to only show a "refer a friend" button for their sales jobs, not their call center jobs.
This API is for all possible buttons - at runtime, a different API will be called on your app to ask for actual details (color, label, disabled, etc.) of each actual button. For example, your app might declare with this API that it produces a "share" button, but then at runtime it might decide not to show the "share" button if it sees that the logged in candidate has exceeded some quota for sharing.
Non-SoT.
OAuth is used to authenticate tenant API calls. Tenant API calls may be on behalf of a specific principal (e.g. user)
HTTP status code 200
Body
Type: application/json
Schema:
{
"$schema": "http://json-schema.org/draft-04/schema#",
"definitions": {
"purpose": {
"description": "values are: createAccount - this action can create the candidate's account. Applies only to general actions. apply - this action can apply for a job. Applies only to job actions. editDetails - this action can edit candidate details. Applies only to general actions.",
"enum": [
"createAccount",
"editDetails",
"apply"
]
},
"gateForElement": {
"type": "object",
"description": "a purpose that (e.g. 'apply') that this button is a gate for.",
"properties": {
"purpose": {
"$ref": "#/definitions/purpose"
}
},
"allowAdditionalProperties": false,
"required": [
"purpose"
]
},
"semantics": {
"description": "details about the semantics of this action that can be used by other apps. For example, knowledge that the action is used to apply for jobs may be useful if we want to (e.g.) prevent the user from applying unless they have completed some pre-qualification stage",
"type": "object",
"properties": {
"purpose": {
"$ref": "#/definitions/purpose"
},
"gateFor": {
"type": "array",
"items": {
"$ref": "#/definitions/gateForElement"
}
}
},
"allowAdditionalProperties": false
},
"possibleAction": {
"type": "object",
"properties": {
"actionName": {
"type": "string",
"description": "A fixed name of this action, containing only lower case alpha, digits and '-' characters, length <= 30. The actionName should be unique within this app and scope, i.e. an app should never return more than one action with the same actionName as a possible job action."
},
"displayName": {
"type": "string",
"description": "The displayName displayed to the user at setup time (e.g. to enable or disable the button)."
},
"description": {
"type": "string",
"description": "A description of what this action does"
},
"availableToInternals": {
"type": "boolean"
},
"availableToExternals": {
"type": "boolean"
},
"mayRequireSetupFlag": {
"type": "boolean",
"description": "true if this action may provide a setup page (i.e. require some setup before it can be used)"
},
"semantics": {
"$ref": "#/definitions/semantics"
}
},
"allowAdditionalProperties": false,
"required": [
"actionName",
"availableToInternals",
"availableToExternals",
"mayRequireSetupFlag"
]
}
},
"type": "array",
"items": {
"$ref": "#/definitions/possibleAction"
}
}
Example:
[
{
"actionName": "apply",
"availableToInternals": true,
"availableToExternals": true,
"mayRequireSetupFlag": true
},
{
"actionName": "share",
"availableToInternals": true,
"availableToExternals": true,
"mayRequireSetupFlag": false
},
{
"actionName": "refer",
"availableToInternals": true,
"availableToExternals": false,
"mayRequireSetupFlag": true
}
]
Secured by oauth_2_0
Headers
- Authorization: (string)
Used to send a valid OAuth 2 access token. Do not use with the "access_token" query string parameter.
HTTP status code 401
Bad or expired token. To fix, you should re-authenticate the user.
HTTP status code 403
Bad OAuth request (wrong consumer key, bad nonce, expired timestamp...). Unfortunately, re-authenticating the user won't help here.
The setup page uses uiMode to understand whether the user is at a point in the UI where they are:
- view: viewing setup details
- edit: editing setup details
In all cases the app should apply its own security to decide whether the user is actually allowed to view/edit, this value is just a hint to make the setup page work smoothly in conjunction with the "edit mode" as set in the containing UI.
true if the setup page is setting up details for internal candidates, or false for externals
setup page for default values, that will affect all jobs (unless overridden at workflow level or on the job itself)
API to get a link to a page hosted by your app that the user can use to to set up defaults or values for this action (button).
For example if your app is an employee referral program app, and the button is "refer to a friend", then the setup page, when attaching the button to a job, could be used to set the referral amount.
Communicating from your setup page back to the container
When the user drags your button (e.g. in switchgear) onto a job, they will see your setup page, iframed within the page.
Your setup page should display a UI to capture any data you need from the user, and also the OK and Cancel buttons.
Once the user has provided enough data in your page, then you can light up your OK button. When the user clicks OK, you signal to the container like this:
Window.parent.postMessage({"action": "closePanel", "verb": "ok"});
If they clicked cancel in your page, then pass "cancel" instead as the verb.
Once you signal OK, the "attach button" operation will be completed. If you signal cancel, the operation will be cancelled and the button won't be attached.
Setting default values
For actions relating to jobs like this, a setup page can also be used to set defaults (at either the global or workflow level).
This API is non-SoT, on-behalf (principal == user).
get /actions/byCandidate/job/possibles/byApp/byName/{action}/{uiMode}/{internal}/setupPage
API to get a link to a page hosted by your app that the user can use to to set up defaults or values for this action (button).
For example if your app is an employee referral program app, and the button is "refer to a friend", then the setup page, when attaching the button to a job, could be used to set the referral amount.
Communicating from your setup page back to the container
When the user drags your button (e.g. in switchgear) onto a job, they will see your setup page, iframed within the page.
Your setup page should display a UI to capture any data you need from the user, and also the OK and Cancel buttons.
Once the user has provided enough data in your page, then you can light up your OK button. When the user clicks OK, you signal to the container like this:
Window.parent.postMessage({"action": "closePanel", "verb": "ok"});
If they clicked cancel in your page, then pass "cancel" instead as the verb.
Once you signal OK, the "attach button" operation will be completed. If you signal cancel, the operation will be cancelled and the button won't be attached.
Setting default values
For actions relating to jobs like this, a setup page can also be used to set defaults (at either the global or workflow level).
This API is non-SoT, on-behalf (principal == user).
OAuth is used to authenticate tenant API calls. Tenant API calls may be on behalf of a specific principal (e.g. user)
URI Parameters
- action: required (string)
- uiMode: required (string)
- internal: required (string)
HTTP status code 200
Body
Type: application/json
Schema:
{
"$schema": "http://json-schema.org/draft-04/schema#",
"type": "object",
"properties": {
"url": {
"type": "string",
"format": "url",
"description": "url of the setup page, if one exists at this level (global, workflow or job)"
},
"setupRequiredFlag": {
"type": "boolean",
"description": "true if setup is currently required *and can be performed* at this level (global, workflow or job)"
}
},
"required": [
"url",
"setupRequiredFlag"
]
}
Example:
{
"url": "https://myapp.com/103734845",
"setupRequiredFlag": true
}
HTTP status code 404
There is no setup for this action at this level (i.e. it doesn't need any parameters)
Secured by oauth_2_0
Headers
- Authorization: (string)
Used to send a valid OAuth 2 access token. Do not use with the "access_token" query string parameter.
HTTP status code 401
Bad or expired token. To fix, you should re-authenticate the user.
HTTP status code 403
Bad OAuth request (wrong consumer key, bad nonce, expired timestamp...). Unfortunately, re-authenticating the user won't help here.
/actions/byCandidate/job/possibles/byApp/byName/{action}/{uiMode}/{internal}/setupPage/forWorkflow/{workflow} get
setup page for default values that will affect all jobs of the given workflow, unless overridden on the job itself
API to get a link to a page hosted by your app that the user can use to to set up defaults or values for this action (button).
For example if your app is an employee referral program app, and the button is "refer to a friend", then the setup page, when attaching the button to a job, could be used to set the referral amount.
Communicating from your setup page back to the container
When the user drags your button (e.g. in switchgear) onto a job, they will see your setup page, iframed within the page.
Your setup page should display a UI to capture any data you need from the user, and also the OK and Cancel buttons.
Once the user has provided enough data in your page, then you can light up your OK button. When the user clicks OK, you signal to the container like this:
Window.parent.postMessage({"action": "closePanel", "verb": "ok"});
If they clicked cancel in your page, then pass "cancel" instead as the verb.
Once you signal OK, the "attach button" operation will be completed. If you signal cancel, the operation will be cancelled and the button won't be attached.
Setting default values
For actions relating to jobs like this, a setup page can also be used to set defaults (at either the global or workflow level).
This API is non-SoT, on-behalf (principal == user).
get /actions/byCandidate/job/possibles/byApp/byName/{action}/{uiMode}/{internal}/setupPage/forWorkflow/{workflow}
API to get a link to a page hosted by your app that the user can use to to set up defaults or values for this action (button).
For example if your app is an employee referral program app, and the button is "refer to a friend", then the setup page, when attaching the button to a job, could be used to set the referral amount.
Communicating from your setup page back to the container
When the user drags your button (e.g. in switchgear) onto a job, they will see your setup page, iframed within the page.
Your setup page should display a UI to capture any data you need from the user, and also the OK and Cancel buttons.
Once the user has provided enough data in your page, then you can light up your OK button. When the user clicks OK, you signal to the container like this:
Window.parent.postMessage({"action": "closePanel", "verb": "ok"});
If they clicked cancel in your page, then pass "cancel" instead as the verb.
Once you signal OK, the "attach button" operation will be completed. If you signal cancel, the operation will be cancelled and the button won't be attached.
Setting default values
For actions relating to jobs like this, a setup page can also be used to set defaults (at either the global or workflow level).
This API is non-SoT, on-behalf (principal == user).
OAuth is used to authenticate tenant API calls. Tenant API calls may be on behalf of a specific principal (e.g. user)
URI Parameters
- action: required (string)
- uiMode: required (string)
- internal: required (string)
- workflow: required (string)
HTTP status code 200
Body
Type: application/json
Schema:
{
"$schema": "http://json-schema.org/draft-04/schema#",
"type": "object",
"properties": {
"url": {
"type": "string",
"format": "url",
"description": "url of the setup page, if one exists at this level (global, workflow or job)"
},
"setupRequiredFlag": {
"type": "boolean",
"description": "true if setup is currently required *and can be performed* at this level (global, workflow or job)"
}
},
"required": [
"url",
"setupRequiredFlag"
]
}
Example:
{
"url": "https://myapp.com/103734845",
"setupRequiredFlag": true
}
HTTP status code 404
There is no setup for this action at this level (i.e. it doesn't need any parameters)
Secured by oauth_2_0
Headers
- Authorization: (string)
Used to send a valid OAuth 2 access token. Do not use with the "access_token" query string parameter.
HTTP status code 401
Bad or expired token. To fix, you should re-authenticate the user.
HTTP status code 403
Bad OAuth request (wrong consumer key, bad nonce, expired timestamp...). Unfortunately, re-authenticating the user won't help here.
/actions/byCandidate/job/possibles/byApp/byName/{action}/{uiMode}/{internal}/setupPage/forJob/{job} get
setup page for values that affect only this job
API to get a link to a page hosted by your app that the user can use to to set up defaults or values for this action (button).
For example if your app is an employee referral program app, and the button is "refer to a friend", then the setup page, when attaching the button to a job, could be used to set the referral amount.
Communicating from your setup page back to the container
When the user drags your button (e.g. in switchgear) onto a job, they will see your setup page, iframed within the page.
Your setup page should display a UI to capture any data you need from the user, and also the OK and Cancel buttons.
Once the user has provided enough data in your page, then you can light up your OK button. When the user clicks OK, you signal to the container like this:
Window.parent.postMessage({"action": "closePanel", "verb": "ok"});
If they clicked cancel in your page, then pass "cancel" instead as the verb.
Once you signal OK, the "attach button" operation will be completed. If you signal cancel, the operation will be cancelled and the button won't be attached.
Setting default values
For actions relating to jobs like this, a setup page can also be used to set defaults (at either the global or workflow level).
This API is non-SoT, on-behalf (principal == user).
get /actions/byCandidate/job/possibles/byApp/byName/{action}/{uiMode}/{internal}/setupPage/forJob/{job}
API to get a link to a page hosted by your app that the user can use to to set up defaults or values for this action (button).
For example if your app is an employee referral program app, and the button is "refer to a friend", then the setup page, when attaching the button to a job, could be used to set the referral amount.
Communicating from your setup page back to the container
When the user drags your button (e.g. in switchgear) onto a job, they will see your setup page, iframed within the page.
Your setup page should display a UI to capture any data you need from the user, and also the OK and Cancel buttons.
Once the user has provided enough data in your page, then you can light up your OK button. When the user clicks OK, you signal to the container like this:
Window.parent.postMessage({"action": "closePanel", "verb": "ok"});
If they clicked cancel in your page, then pass "cancel" instead as the verb.
Once you signal OK, the "attach button" operation will be completed. If you signal cancel, the operation will be cancelled and the button won't be attached.
Setting default values
For actions relating to jobs like this, a setup page can also be used to set defaults (at either the global or workflow level).
This API is non-SoT, on-behalf (principal == user).
OAuth is used to authenticate tenant API calls. Tenant API calls may be on behalf of a specific principal (e.g. user)
URI Parameters
- action: required (string)
- uiMode: required (string)
- internal: required (string)
- job: required (string)
HTTP status code 200
Body
Type: application/json
Schema:
{
"$schema": "http://json-schema.org/draft-04/schema#",
"type": "object",
"properties": {
"url": {
"type": "string",
"format": "url",
"description": "url of the setup page, if one exists at this level (global, workflow or job)"
},
"setupRequiredFlag": {
"type": "boolean",
"description": "true if setup is currently required *and can be performed* at this level (global, workflow or job)"
}
},
"required": [
"url",
"setupRequiredFlag"
]
}
Example:
{
"url": "https://myapp.com/103734845",
"setupRequiredFlag": true
}
HTTP status code 404
There is no setup for this action at this level (i.e. it doesn't need any parameters)
Secured by oauth_2_0
Headers
- Authorization: (string)
Used to send a valid OAuth 2 access token. Do not use with the "access_token" query string parameter.
HTTP status code 401
Bad or expired token. To fix, you should re-authenticate the user.
HTTP status code 403
Bad OAuth request (wrong consumer key, bad nonce, expired timestamp...). Unfortunately, re-authenticating the user won't help here.
Alert any app that cares that the set of actions produced by this app has changed. Non-SoT.
post /actions/byCandidate/job/possibles/byApp/deltaPings
Alert any app that cares that the set of actions produced by this app has changed. Non-SoT.
OAuth is used to authenticate tenant API calls. Tenant API calls may be on behalf of a specific principal (e.g. user)
Secured by oauth_2_0
Headers
- Authorization: (string)
Used to send a valid OAuth 2 access token. Do not use with the "access_token" query string parameter.
HTTP status code 401
Bad or expired token. To fix, you should re-authenticate the user.
HTTP status code 403
Bad OAuth request (wrong consumer key, bad nonce, expired timestamp...). Unfortunately, re-authenticating the user won't help here.
Search-scoped actions seen by candidates are typically embedded in job search results pages, e.g. "tell me when new jobs like this arrive", etc.
Get an array which is a rollup of all possible candidate-facing actions from all apps. SoT.
get /actions/byCandidate/search/possibles
Get an array which is a rollup of all possible candidate-facing actions from all apps. SoT.
OAuth is used to authenticate tenant API calls. Tenant API calls may be on behalf of a specific principal (e.g. user)
HTTP status code 200
Body
Type: application/json
Schema:
{
"$schema": "http://json-schema.org/draft-04/schema",
"definitions": {
"actionProductionsForApp": {
"type": "object",
"properties": {
"app": {
"type": "string",
"description": "the app that can produce these actions"
},
"actionProductions": {
"$ref": "actionProductions.json"
}
},
"additionalProperties": false,
"required": [
"app",
"actionProductions"
]
}
},
"type": "array",
"items": {
"$ref": "#/definitions/actionProductionsForApp"
}
}
Example:
[
{
"app": "superapply",
"actionProductions": [
{
"actionName": "apply",
"availableToInternals": true,
"availableToExternals": true,
"mayRequireSetupFlag": true
},
{
"actionName": "share",
"availableToInternals": true,
"availableToExternals": true,
"mayRequireSetupFlag": false
},
{
"actionName": "refer",
"availableToInternals": true,
"availableToExternals": false,
"mayRequireSetupFlag": true
}
]
},
{
"app": "legacyats",
"actionProductions": [
{
"actionName": "apply",
"availableToInternals": true,
"availableToExternals": true,
"mayRequireSetupFlag": true
}
]
}
]
Secured by oauth_2_0
Headers
- Authorization: (string)
Used to send a valid OAuth 2 access token. Do not use with the "access_token" query string parameter.
HTTP status code 401
Bad or expired token. To fix, you should re-authenticate the user.
HTTP status code 403
Bad OAuth request (wrong consumer key, bad nonce, expired timestamp...). Unfortunately, re-authenticating the user won't help here.
Your app should produce this API to return an array with an element for every different button that your app might ever provide (i.e., the superset of all of your app's possible buttons).
Typically this will be called by a coordinating app at significant times, such as after the tenant is rebooted, or after your app has signalled a change to its buttons by calling the deltaPings API. That coordinating app can then present all possible buttons to some administrator, who can then flip some config switches to dictate which buttons should be shown in different situations.
For example, the customer might want to only show a "refer a friend" button for their sales jobs, not their call center jobs.
This API is for all possible buttons - at runtime, a different API will be called on your app to ask for actual details (color, label, disabled, etc.) of each actual button. For example, your app might declare with this API that it produces a "share" button, but then at runtime it might decide not to show the "share" button if it sees that the logged in candidate has exceeded some quota for sharing.
Non-SoT.
get /actions/byCandidate/search/possibles/byApp
Your app should produce this API to return an array with an element for every different button that your app might ever provide (i.e., the superset of all of your app's possible buttons).
Typically this will be called by a coordinating app at significant times, such as after the tenant is rebooted, or after your app has signalled a change to its buttons by calling the deltaPings API. That coordinating app can then present all possible buttons to some administrator, who can then flip some config switches to dictate which buttons should be shown in different situations.
For example, the customer might want to only show a "refer a friend" button for their sales jobs, not their call center jobs.
This API is for all possible buttons - at runtime, a different API will be called on your app to ask for actual details (color, label, disabled, etc.) of each actual button. For example, your app might declare with this API that it produces a "share" button, but then at runtime it might decide not to show the "share" button if it sees that the logged in candidate has exceeded some quota for sharing.
Non-SoT.
OAuth is used to authenticate tenant API calls. Tenant API calls may be on behalf of a specific principal (e.g. user)
HTTP status code 200
Body
Type: application/json
Schema:
{
"$schema": "http://json-schema.org/draft-04/schema#",
"definitions": {
"purpose": {
"description": "values are: createAccount - this action can create the candidate's account. Applies only to general actions. apply - this action can apply for a job. Applies only to job actions. editDetails - this action can edit candidate details. Applies only to general actions.",
"enum": [
"createAccount",
"editDetails",
"apply"
]
},
"gateForElement": {
"type": "object",
"description": "a purpose that (e.g. 'apply') that this button is a gate for.",
"properties": {
"purpose": {
"$ref": "#/definitions/purpose"
}
},
"allowAdditionalProperties": false,
"required": [
"purpose"
]
},
"semantics": {
"description": "details about the semantics of this action that can be used by other apps. For example, knowledge that the action is used to apply for jobs may be useful if we want to (e.g.) prevent the user from applying unless they have completed some pre-qualification stage",
"type": "object",
"properties": {
"purpose": {
"$ref": "#/definitions/purpose"
},
"gateFor": {
"type": "array",
"items": {
"$ref": "#/definitions/gateForElement"
}
}
},
"allowAdditionalProperties": false
},
"possibleAction": {
"type": "object",
"properties": {
"actionName": {
"type": "string",
"description": "A fixed name of this action, containing only lower case alpha, digits and '-' characters, length <= 30. The actionName should be unique within this app and scope, i.e. an app should never return more than one action with the same actionName as a possible job action."
},
"displayName": {
"type": "string",
"description": "The displayName displayed to the user at setup time (e.g. to enable or disable the button)."
},
"description": {
"type": "string",
"description": "A description of what this action does"
},
"availableToInternals": {
"type": "boolean"
},
"availableToExternals": {
"type": "boolean"
},
"mayRequireSetupFlag": {
"type": "boolean",
"description": "true if this action may provide a setup page (i.e. require some setup before it can be used)"
},
"semantics": {
"$ref": "#/definitions/semantics"
}
},
"allowAdditionalProperties": false,
"required": [
"actionName",
"availableToInternals",
"availableToExternals",
"mayRequireSetupFlag"
]
}
},
"type": "array",
"items": {
"$ref": "#/definitions/possibleAction"
}
}
Example:
[
{
"actionName": "apply",
"availableToInternals": true,
"availableToExternals": true,
"mayRequireSetupFlag": true
},
{
"actionName": "share",
"availableToInternals": true,
"availableToExternals": true,
"mayRequireSetupFlag": false
},
{
"actionName": "refer",
"availableToInternals": true,
"availableToExternals": false,
"mayRequireSetupFlag": true
}
]
Secured by oauth_2_0
Headers
- Authorization: (string)
Used to send a valid OAuth 2 access token. Do not use with the "access_token" query string parameter.
HTTP status code 401
Bad or expired token. To fix, you should re-authenticate the user.
HTTP status code 403
Bad OAuth request (wrong consumer key, bad nonce, expired timestamp...). Unfortunately, re-authenticating the user won't help here.
Alert any app that cares that the set of actions produced by this app has changed. Non-SoT.
post /actions/byCandidate/search/possibles/byApp/deltaPings
Alert any app that cares that the set of actions produced by this app has changed. Non-SoT.
OAuth is used to authenticate tenant API calls. Tenant API calls may be on behalf of a specific principal (e.g. user)
Secured by oauth_2_0
Headers
- Authorization: (string)
Used to send a valid OAuth 2 access token. Do not use with the "access_token" query string parameter.
HTTP status code 401
Bad or expired token. To fix, you should re-authenticate the user.
HTTP status code 403
Bad OAuth request (wrong consumer key, bad nonce, expired timestamp...). Unfortunately, re-authenticating the user won't help here.
/advertisements
Produced by a Job Board App to post a new advertisement to that Job Board. Non-SoT.
post /advertisements/byApp
Produced by a Job Board App to post a new advertisement to that Job Board. Non-SoT.
OAuth is used to authenticate tenant API calls. Tenant API calls may be on behalf of a specific principal (e.g. user)
Body
Type: application/json
Schema:
{
"$schema": "http://json-schema.org/draft-04/schema#",
"type": "object",
"description": "Advertisement details to be sent through to the Job Board",
"properties": {
"advertisementId":{
"type":"string"
},
"applicationURL":{
"type":"string",
"format": "uri"
},
"title":{
"type":"string"
},
"referenceCode":{
"type":"string"
},
"shortSummary":{
"type":"string"
},
"description":{
"type":"string"
},
"recruiterName":{
"type":"string"
},
"recruiterEmail":{
"type":"string"
},
"advertisementFields": {
"$ref": "itemsWrite.json"
}
},
"additionalProperties": false
}
HTTP status code 200
the post was successful, and the created advertisementRead is returned
Body
Type: application/json
Schema:
{
"$schema": "http://json-schema.org/draft-04/schema#",
"type": "object",
"description": "Advertisement details to be sent through to the Job Board",
"properties": {
"advertisementId": {
"type": "string"
},
"advertisementLink": {
"type": "string",
"format": "uri"
},
"status": {
"enum": [
"open",
"expired"
]
},
"applicationURL":{
"type":"string",
"format": "uri"
},
"title":{
"type":"string"
},
"referenceCode":{
"type":"string"
},
"postedBy":{
"type":"string"
},
"datePosted":{
"type":"integer"
},
"expiredBy":{
"type":"string"
},
"dateExpired":{
"type":"integer"
},
"shortSummary":{
"type":"string"
},
"description":{
"type":"string"
},
"recruiterName":{
"type":"string"
},
"recruiterEmail":{
"type":"string"
},
"advertisementFields": {
"$ref": "itemPackagesRead.json"
}
},
"additionalProperties": false
}
Secured by oauth_2_0
Headers
- Authorization: (string)
Used to send a valid OAuth 2 access token. Do not use with the "access_token" query string parameter.
HTTP status code 401
Bad or expired token. To fix, you should re-authenticate the user.
HTTP status code 403
Bad OAuth request (wrong consumer key, bad nonce, expired timestamp...). Unfortunately, re-authenticating the user won't help here.
Produced by a Job Board App to allow the Job Board Hub to fetch the advertisement details. Non-SoT.
Produced by a Job Board App to allow the Job Board Hub to update or expire an advertisement. Non-SoT.
get /advertisements/byID/{advertisementId}/byApp
Produced by a Job Board App to allow the Job Board Hub to fetch the advertisement details. Non-SoT.
OAuth is used to authenticate tenant API calls. Tenant API calls may be on behalf of a specific principal (e.g. user)
URI Parameters
- advertisementId: required (string)
HTTP status code 200
Advertisement read that contains all the advertisement information
Body
Type: application/json
Schema:
{
"$schema": "http://json-schema.org/draft-04/schema#",
"type": "object",
"description": "Advertisement details to be sent through to the Job Board",
"properties": {
"advertisementId": {
"type": "string"
},
"advertisementLink": {
"type": "string",
"format": "uri"
},
"status": {
"enum": [
"open",
"expired"
]
},
"applicationURL":{
"type":"string",
"format": "uri"
},
"title":{
"type":"string"
},
"referenceCode":{
"type":"string"
},
"postedBy":{
"type":"string"
},
"datePosted":{
"type":"integer"
},
"expiredBy":{
"type":"string"
},
"dateExpired":{
"type":"integer"
},
"shortSummary":{
"type":"string"
},
"description":{
"type":"string"
},
"recruiterName":{
"type":"string"
},
"recruiterEmail":{
"type":"string"
},
"advertisementFields": {
"$ref": "itemPackagesRead.json"
}
},
"additionalProperties": false
}
Secured by oauth_2_0
Headers
- Authorization: (string)
Used to send a valid OAuth 2 access token. Do not use with the "access_token" query string parameter.
HTTP status code 401
Bad or expired token. To fix, you should re-authenticate the user.
HTTP status code 403
Bad OAuth request (wrong consumer key, bad nonce, expired timestamp...). Unfortunately, re-authenticating the user won't help here.
patch /advertisements/byID/{advertisementId}/byApp
Produced by a Job Board App to allow the Job Board Hub to update or expire an advertisement. Non-SoT.
OAuth is used to authenticate tenant API calls. Tenant API calls may be on behalf of a specific principal (e.g. user)
URI Parameters
- advertisementId: required (string)
Body
Type: application/json
Schema:
{
"$schema": "http://json-schema.org/draft-04/schema#",
"type": "object",
"properties": {
"action": {
"enum": [
"update",
"expire"
]
},
"applicationURL": {
"type": "string",
"format": "uri"
},
"title": {
"type": "string"
},
"referenceCode": {
"type": "string"
},
"shortSummary": {
"type": "string"
},
"description": {
"type": "string"
},
"recruiterName": {
"type": "string"
},
"recruiterEmail": {
"type": "string"
},
"advertisementFields": {
"$ref": "itemsWrite.json"
}
},
"additionalProperties": false
}
HTTP status code 200
Advertisement read that contains all the advertisement information
Body
Type: application/json
Schema:
{
"$schema": "http://json-schema.org/draft-04/schema#",
"type": "object",
"description": "Advertisement details to be sent through to the Job Board",
"properties": {
"advertisementId": {
"type": "string"
},
"advertisementLink": {
"type": "string",
"format": "uri"
},
"status": {
"enum": [
"open",
"expired"
]
},
"applicationURL":{
"type":"string",
"format": "uri"
},
"title":{
"type":"string"
},
"referenceCode":{
"type":"string"
},
"postedBy":{
"type":"string"
},
"datePosted":{
"type":"integer"
},
"expiredBy":{
"type":"string"
},
"dateExpired":{
"type":"integer"
},
"shortSummary":{
"type":"string"
},
"description":{
"type":"string"
},
"recruiterName":{
"type":"string"
},
"recruiterEmail":{
"type":"string"
},
"advertisementFields": {
"$ref": "itemPackagesRead.json"
}
},
"additionalProperties": false
}
Secured by oauth_2_0
Headers
- Authorization: (string)
Used to send a valid OAuth 2 access token. Do not use with the "access_token" query string parameter.
HTTP status code 401
Bad or expired token. To fix, you should re-authenticate the user.
HTTP status code 403
Bad OAuth request (wrong consumer key, bad nonce, expired timestamp...). Unfortunately, re-authenticating the user won't help here.
Produced by a Job Board App to allow the Job Board Hub to post through IDs of advertisements to find out the status of the specified advertisements. Non-SoT.
post /advertisements/status/byApp
Produced by a Job Board App to allow the Job Board Hub to post through IDs of advertisements to find out the status of the specified advertisements. Non-SoT.
OAuth is used to authenticate tenant API calls. Tenant API calls may be on behalf of a specific principal (e.g. user)
Body
Type: application/json
Schema:
{
"$schema": "http://json-schema.org/draft-04/schema#",
"definitions": {
"advertisement": {
"type":"object",
"properties": {
"id": {
"type": "string"
}
},
"required": [ "id" ]
}
},
"type": "array",
"items": { "$ref": "#/definitions/advertisement" },
"additionalProperties": false
}
HTTP status code 200
Advertisement status objects that contains the current status of the advertisement
Body
Type: application/json
Schema:
{
"$schema": "http://json-schema.org/draft-04/schema",
"type": "array",
"items": {
"$ref": "advertisementStatusMeta.json"
}
}
Secured by oauth_2_0
Headers
- Authorization: (string)
Used to send a valid OAuth 2 access token. Do not use with the "access_token" query string parameter.
HTTP status code 401
Bad or expired token. To fix, you should re-authenticate the user.
HTTP status code 403
Bad OAuth request (wrong consumer key, bad nonce, expired timestamp...). Unfortunately, re-authenticating the user won't help here.
/applications
This API is used to fetch or query details of 1 to 100 job applications in a single call.
You should call this API either:
- passing the "applications" parameter, to fetch a specific, known set of applications; OR
- passing some combination of "bucket", "job", "candidate", "since" and "minID" to query an unknown number of applications, filtered to your requirements
In the second case, the total number of results may exceed the maximum (100) per API call, so you will need to paginate the results as follows (results are ordered by since asc, application ID asc):
- first, call the API passing only your filters (i.e., not the since or minID parameters)
- if you get back exactly 100 applications, call the API again, but this time setting since and minID paramaters to the values from the last application in the previous response
- repeat the above until less than 100 results are returned (indicating you've fetched the final application)
SinceDate is the datelastUpdated for the application.
get /applications
This API is used to fetch or query details of 1 to 100 job applications in a single call.
You should call this API either:
- passing the "applications" parameter, to fetch a specific, known set of applications; OR
- passing some combination of "bucket", "job", "candidate", "since" and "minID" to query an unknown number of applications, filtered to your requirements
In the second case, the total number of results may exceed the maximum (100) per API call, so you will need to paginate the results as follows (results are ordered by since asc, application ID asc):
- first, call the API passing only your filters (i.e., not the since or minID parameters)
- if you get back exactly 100 applications, call the API again, but this time setting since and minID paramaters to the values from the last application in the previous response
- repeat the above until less than 100 results are returned (indicating you've fetched the final application)
SinceDate is the datelastUpdated for the application.
OAuth is used to authenticate tenant API calls. Tenant API calls may be on behalf of a specific principal (e.g. user)
Query Parameters
- embedMeta: (boolean)
Pass true to have schema fragments embedded in the response when fetching items.
Less network trips, larger overall message. Defaults to false.
The client might set this to true for first API call, then cache the metas and pass false from then on.
- applications: (integer)
If present, a set of IDs (up to a max of 100) of the applications that should be included.
- job: (integer)
if present, only include applications for this job
Example:
10033433
- candidate: (integer)
if present, only include applications for this candidate
Example:
1002443
- minID: (number)
if present, only include applications with id > this value
Example:
1001
- since: (date)
A date string in ISO 8601 format such as "2015-11-05T13:15:30Z". If present, only applications with their significant date > this value will be returned.
- bucket: (integer)
if present, only include applications that are currently in this bucket
Example:
1003
- interimSparseFlag: (boolean)
If true, indicates that the response should only include a subset of data. This is an interim feature that will be deprecated in the future, when a better mechanism (e.g. GraphQL) is added.
Example:
true
HTTP status code 200
Body
Type: application/json
Schema:
{
"$schema":"http://json-schema.org/draft-04/schema#",
"type":"array",
"items":{ "$ref":"applicationRead.json" }
}
Example:
[
{
"items": [
{
"item": {
"name": "coverletter",
"type": "file",
"value": {
"fileName": "fredcv.docx",
"size": 3023443,
"mediaType": "application/vnd.openxmlformats-officedocument.wordprocessingml.document",
"dateUploaded": "2015-11-05T13:15:30Z",
"preSignedUri": "https://frodo.com/docs/198714509"
}
}
}
],
"source": "seek-camp0",
"formFactor": "mobile",
"bucketMovements": [
{
"id": 10034,
"landed": "2017-05-29T01:34:30+00:00"
},
{
"id": 10035,
"landed": "2017-05-29T01:34:30+00:00"
},
{
"id": 10037,
"landed": "2017-05-29T01:34:30+00:00"
}
],
"hireDetails": {
"hireDate": "2015-11-05T13:15:30Z"
},
"candidate": {
"person": {
"vcard": [
"vcard",
[
[
"version",
{},
"text",
"4.0"
],
[
"n",
{},
"text",
[
"Gor4ven",
"David",
"",
"Mr.",
""
]
],
[
"nickname",
{},
"text",
"David"
],
[
"tel",
{
"type": "home"
},
"text",
"+64212094544"
],
[
"tel",
{
"type": "cell"
},
"text",
"+64212094544"
],
[
"adr",
{},
"text",
[
"",
"",
"11 Hoturoa Place, Manurewa",
"Auckland",
"",
"2102",
"NZ"
]
],
[
"email",
{
"type": "home"
},
"text",
"davededo@gmail.com"
],
[
"x-socialprofile",
{
"type": "Facebook"
},
"uri",
"https://www.facebook.com/bgorven"
],
[
"prodid",
{},
"text",
"ez-vcard 0.9.6"
]
]
]
},
"internalFlag": false,
"resumeMeta": {
"fileName": "fredcv.docx",
"size": 3023443,
"mediaType": "application/vnd.openxmlformats-officedocument.wordprocessingml.document",
"dateUploaded": "2015-11-05T13:15:30Z",
"preSignedUri": "https://frodo.com/docs/198714509"
},
"items": []
},
"job": {
"code": "TTfg321",
"title": "Creative Director",
"items": [],
"manager": {
"person": {
"email": "frano@gmail.com"
}
}
}
}
]
HTTP status code 404
there are no applications matching the filters
Secured by oauth_2_0
Headers
- Authorization: (string)
Used to send a valid OAuth 2 access token. Do not use with the "access_token" query string parameter.
HTTP status code 401
Bad or expired token. To fix, you should re-authenticate the user.
HTTP status code 403
Bad OAuth request (wrong consumer key, bad nonce, expired timestamp...). Unfortunately, re-authenticating the user won't help here.
The main ping for any changes to a job application. Noisy, i.e. other apps need to store previous state to work out what has actually changed.
Non-SoT.
post /applications/byID/{application}/deltaPings
The main ping for any changes to a job application. Noisy, i.e. other apps need to store previous state to work out what has actually changed.
Non-SoT.
OAuth is used to authenticate tenant API calls. Tenant API calls may be on behalf of a specific principal (e.g. user)
URI Parameters
- application: required (string)
Body
Type: application/json
Schema:
{
"$schema": "http://json-schema.org/draft-04/schema",
"definitions": {
"operation": {
"enum": [
"insert",
"update",
"delete"
]
}
},
"type": "object",
"properties": {
"operation": {
"$ref": "#/definitions/operation"
}
},
"required": [
"operation"
],
"additionalProperties": false
}
Example:
{
"operation": "insert"
}
Secured by oauth_2_0
Headers
- Authorization: (string)
Used to send a valid OAuth 2 access token. Do not use with the "access_token" query string parameter.
HTTP status code 401
Bad or expired token. To fix, you should re-authenticate the user.
HTTP status code 403
Bad OAuth request (wrong consumer key, bad nonce, expired timestamp...). Unfortunately, re-authenticating the user won't help here.
The id of the application's new bucket
Consumed by something like an ATS when an application has changed its bucket. Noise-free, i.e. when fired we know the application has changed bucket.
Non-SoT.
post /applications/byID/{application}/bucket/{bucket}/deltaPings
Consumed by something like an ATS when an application has changed its bucket. Noise-free, i.e. when fired we know the application has changed bucket.
Non-SoT.
OAuth is used to authenticate tenant API calls. Tenant API calls may be on behalf of a specific principal (e.g. user)
URI Parameters
- application: required (string)
- bucket: required (string)
Secured by oauth_2_0
Headers
- Authorization: (string)
Used to send a valid OAuth 2 access token. Do not use with the "access_token" query string parameter.
HTTP status code 401
Bad or expired token. To fix, you should re-authenticate the user.
HTTP status code 403
Bad OAuth request (wrong consumer key, bad nonce, expired timestamp...). Unfortunately, re-authenticating the user won't help here.
A non-SoT API for pings about applications, but which is only sent to the application that sourced the application (i.e., that owns the campaign tracker attached to the application).
post /applications/byID/{application}/bySourcingApp/deltaPings
A non-SoT API for pings about applications, but which is only sent to the application that sourced the application (i.e., that owns the campaign tracker attached to the application).
OAuth is used to authenticate tenant API calls. Tenant API calls may be on behalf of a specific principal (e.g. user)
URI Parameters
- application: required (string)
Secured by oauth_2_0
Headers
- Authorization: (string)
Used to send a valid OAuth 2 access token. Do not use with the "access_token" query string parameter.
HTTP status code 401
Bad or expired token. To fix, you should re-authenticate the user.
HTTP status code 403
Bad OAuth request (wrong consumer key, bad nonce, expired timestamp...). Unfortunately, re-authenticating the user won't help here.
all items held on an application
Get values and (in some scenarios) metadata, for all items
get /applications/byID/{application}/items
Get values and (in some scenarios) metadata, for all items
OAuth is used to authenticate tenant API calls. Tenant API calls may be on behalf of a specific principal (e.g. user)
URI Parameters
- application: required (string)
Query Parameters
- embedMeta: (boolean)
Pass true to have schema fragments embedded in the response when fetching items.
Less network trips, larger overall message. Defaults to false.
The client might set this to true for first API call, then cache the metas and pass false from then on.
HTTP status code 200
Body
Type: application/json
Schema:
{
"$schema":"http://json-schema.org/draft-04/schema#",
"type":"array",
"items":{ "$ref": "itemPackageRead.json" }
}
Example:
[
{
"item": {
"type": "file",
"name": "cover letter",
"value": {
"fileName": "fredcv.docx",
"size": 3023443,
"mediaType": "application/vnd.openxmlformats-officedocument.wordprocessingml.document",
"dateUploaded": "2015-11-05T13:15:30Z",
"preSignedUri": "https://frodo.com/docs/198714509",
"via": "dropbox.com"
}
},
"meta": {
"type": "file",
"name": "cover-letter-1002",
"title": "Cover letter",
"instructions": "Please upload a cover letter.",
"purpose": "document",
"accept": [
"application/pdf",
"application/vnd.openxmlformats-officedocument.wordprocessingml.document",
"application/msword",
"application/rtf"
],
"maxSize": 1000000
}
}
]
Secured by oauth_2_0
Headers
- Authorization: (string)
Used to send a valid OAuth 2 access token. Do not use with the "access_token" query string parameter.
HTTP status code 401
Bad or expired token. To fix, you should re-authenticate the user.
HTTP status code 403
Bad OAuth request (wrong consumer key, bad nonce, expired timestamp...). Unfortunately, re-authenticating the user won't help here.
Get value and (in some scenarios), metadata for a specific item
get /applications/byID/{application}/items/byName/{item}
Get value and (in some scenarios), metadata for a specific item
OAuth is used to authenticate tenant API calls. Tenant API calls may be on behalf of a specific principal (e.g. user)
URI Parameters
- application: required (string)
- item: required (string)
Query Parameters
- embedMeta: (boolean)
Pass true to have schema fragments embedded in the response when fetching items.
Less network trips, larger overall message. Defaults to false.
The client might set this to true for first API call, then cache the metas and pass false from then on.
HTTP status code 200
Body
Type: application/json
Schema:
{
"$schema": "http://json-schema.org/draft-04/schema#",
"type": "object",
"properties": {
"meta": {
"$ref": "itemMeta.json"
},
"item": {
"$ref": "itemRead.json"
}
},
"additionalProperties": false
}
Example:
{
"item": {
"type": "file",
"name": "cover letter",
"value": {
"fileName": "fredcv.docx",
"size": 3023443,
"mediaType": "application/vnd.openxmlformats-officedocument.wordprocessingml.document",
"dateUploaded": "2015-11-05T13:15:30Z",
"preSignedUri": "https://frodo.com/docs/198714509",
"via": "dropbox.com"
}
},
"meta": {
"type": "file",
"name": "cover-letter-1002",
"title": "Cover letter",
"instructions": "Please upload a cover letter.",
"purpose": "document",
"accept": [
"application/pdf",
"application/vnd.openxmlformats-officedocument.wordprocessingml.document",
"application/msword",
"application/rtf"
],
"maxSize": 1000000
}
}
Secured by oauth_2_0
Headers
- Authorization: (string)
Used to send a valid OAuth 2 access token. Do not use with the "access_token" query string parameter.
HTTP status code 401
Bad or expired token. To fix, you should re-authenticate the user.
HTTP status code 403
Bad OAuth request (wrong consumer key, bad nonce, expired timestamp...). Unfortunately, re-authenticating the user won't help here.
Metadata for items held on the candidate
Get metadata for all items
get /applications/byID/{application}/items/itemMetas
Get metadata for all items
OAuth is used to authenticate tenant API calls. Tenant API calls may be on behalf of a specific principal (e.g. user)
URI Parameters
- application: required (string)
HTTP status code 200
Body
Type: application/json
Schema:
{
"$schema":"http://json-schema.org/draft-04/schema#",
"type":"array",
"items":{ "$ref": "itemMeta.json" }
}
Example:
[
{
"type": "file",
"name": "cover-letter-1002",
"title": "Cover letter",
"instructions": "Please upload a cover letter.",
"purpose": "document",
"accept": [
"application/pdf",
"application/vnd.openxmlformats-officedocument.wordprocessingml.document",
"application/msword",
"application/rtf"
],
"maxSize": 1000000
},
{
"type": "picklist",
"name": "preferred-transport-10044",
"title": "Preferred transport",
"instructions": "Tell us how you'ld like to get to work",
"nullLabel": "Choose your transport mode",
"minChoices": 1,
"maxChoices": 1,
"presentation": "showOne",
"choices": [
{
"name": "Plane",
"isDefault": false
},
{
"name": "Land",
"isDefault": false,
"choices": [
{
"name": "Car",
"isDefault": false
},
{
"name": "Bike",
"isDefault": false
}
]
}
]
},
{
"type": "section",
"name": "section-header-1033",
"title": "Transport questions",
"subMetas": [
{
"type": "boolean",
"name": "bike-rider-003",
"title": "Bike rider?",
"instructions": "Be honest. But remember, we want healthy employees."
}
]
}
]
Secured by oauth_2_0
Headers
- Authorization: (string)
Used to send a valid OAuth 2 access token. Do not use with the "access_token" query string parameter.
HTTP status code 401
Bad or expired token. To fix, you should re-authenticate the user.
HTTP status code 403
Bad OAuth request (wrong consumer key, bad nonce, expired timestamp...). Unfortunately, re-authenticating the user won't help here.
Get metadata for a specific item
get /applications/byID/{application}/items/itemMetas/byName/{item}
Get metadata for a specific item
OAuth is used to authenticate tenant API calls. Tenant API calls may be on behalf of a specific principal (e.g. user)
URI Parameters
- application: required (string)
- item: required (string)
HTTP status code 200
Body
Type: application/json
Schema:
{
"definitions": {
"title": {
"type": "string",
"description": "a short, markdown-formatted label for this item, e.g. 'Date of birth'"
},
"subtitle": {
"type": "string"
},
"description": {
"type": "string",
"description": "markdown-formatted description to a person as to what this option is used for if it's not clear from the title"
},
"instructions": {
"type": "string",
"description": "markdown-formatted instructions to a person as to how to complete/interpret this item, if it's not obvious from the title"
},
"footer": {
"type": "string"
},
"elementId": {
"type": "string",
"description": "It will be used as the id attribute of the form element. This will be the values of payloadElements and reRenderElements in the callback object"
},
"callback": {
"type": "object",
"description": "The callback object dictates where the additional info will be taken from and how it should render the form elements on the page",
"properties": {
"apiUri" : {
"type": "string",
"format": "uri",
"description": "the API endpoint to be called"
},
"method" : {
"enum": ["GET","POST"]
},
"formEvent" : {
"enum": ["onChange"]
},
"reRenderWholePage" : {
"type": "boolean",
"description": "If this is set to true, all the elements on the page should be re-rendered"
},
"payloadElements" : {
"type": "array",
"description": "It is only applicable to GET method. The values of the elements should be included in the request",
"items": {
"$ref": "#/definitions/elementId"
}
},
"autoComplete": {
"type": "boolean",
"description": "If this is set to true, this input field will be treated as auto complete field. It only applies to string question type and singleLine format and it only applicable to GET method"
}
},
"additionalProperties": false,
"required": [
"apiUri",
"method"
]
},
"sectionMeta": {
"type": "object",
"properties": {
"type": {
"enum": [
"section"
]
},
"name": {
"$ref": "itemRead.json#/definitions/name"
},
"title": {
"$ref": "#/definitions/title"
},
"instructions": {
"$ref": "#/definitions/instructions"
},
"subMetas": {
"$ref": "itemMetas.json"
}
}
},
"booleanMeta": {
"type": "object",
"properties": {
"type": {
"enum": [
"boolean"
]
},
"elementId": {
"$ref": "#/definitions/elementId"
},
"callback": {
"$ref": "#/definitions/callback"
},
"name": {
"$ref": "itemRead.json#/definitions/name"
},
"title": {
"$ref": "#/definitions/title"
},
"instructions": {
"$ref": "#/definitions/instructions"
},
"presentation": {
"enum": [
"checkbox",
"select"
],
"description": "a hint as to how the item should be rendered"
},
"nullLabel": {
"type": "string",
"description": "The label that should be used for the 'no selection' choice. When present, implies presentation == select"
},
"defaultValue": {
"type": "boolean",
"description": "defaults to false if not present"
},
"trueLabel": {
"type": "string",
"description": "defaults to 'yes'"
},
"falseLabel": {
"type": "string",
"description": "defaults to 'no'"
},
"mandatory": {
"type": "boolean"
}
}
},
"numberMeta": {
"type": "object",
"properties": {
"type": {
"enum": [
"number"
]
},
"elementId": {
"$ref": "#/definitions/elementId"
},
"callback": {
"$ref": "#/definitions/callback"
},
"name": {
"$ref": "itemRead.json#/definitions/name"
},
"title": {
"$ref": "#/definitions/title"
},
"instructions": {
"$ref": "#/definitions/instructions"
},
"precision": {
"type": "integer"
},
"scale": {
"type": "integer"
},
"minValue": {
"type": "number"
},
"maxValue": {
"type": "number"
},
"defaultValue": {
"type": "number"
},
"mandatory": {
"type": "boolean"
}
}
},
"stringMeta": {
"type": "object",
"properties": {
"type": {
"enum": [
"string"
]
},
"elementId": {
"$ref": "#/definitions/elementId"
},
"callback": {
"$ref": "#/definitions/callback"
},
"name": {
"$ref": "itemRead.json#/definitions/name"
},
"title": {
"$ref": "#/definitions/title"
},
"instructions": {
"$ref": "#/definitions/instructions"
},
"format": {
"enum": [
"singleLine",
"multiLine",
"markDown"
],
"description": "what sort of string the item holds"
},
"minLength": {
"type": "integer"
},
"maxLength": {
"type": "integer"
},
"defaultValue": {
"type": "string"
},
"mandatory": {
"type": "boolean"
},
"pattern": {
"type": "string"
},
"hidden": {
"type": "boolean",
"description": "If this is set to true, user wouldn't see this item from UI."
}
}
},
"dateMeta": {
"type": "object",
"properties": {
"type": {
"enum": [
"date"
]
},
"elementId": {
"$ref": "#/definitions/elementId"
},
"callback": {
"$ref": "#/definitions/callback"
},
"name": {
"$ref": "itemRead.json#/definitions/name"
},
"title": {
"$ref": "#/definitions/title"
},
"instructions": {
"$ref": "#/definitions/instructions"
},
"showTime": {
"type": "boolean",
"description": "whether time component should be shown - entered dates default to midnight if false"
},
"nullLabel": {
"type": "string",
"description": "if present, results in a selectable UI element that equates to no selection"
},
"minDate": {
"type": "string",
"format": "date-time"
},
"maxDate": {
"type": "string",
"format": "date-time"
},
"defaultValue": {
"type": "string",
"format": "date-time"
},
"mandatory": {
"type": "boolean"
}
}
},
"fileMeta": {
"type": "object",
"properties": {
"type": {
"enum": [
"file"
]
},
"name": {
"$ref": "itemRead.json#/definitions/name"
},
"title": {
"$ref": "#/definitions/title"
},
"instructions": {
"$ref": "#/definitions/instructions"
},
"purpose": {
"enum": [
"audio",
"document",
"image",
"video"
]
},
"accept": {
"type": "array",
"description": "the allowable internet media types (mime types) for the resume, e.g. word and pdf files",
"items": {
"$ref": "fileDownload.json#/definitions/mediaType"
}
},
"maxSize": {
"type": "integer",
"description": "maximum file size in bytes"
},
"mandatory": {
"type": "boolean"
}
}
},
"tableMeta": {
"type": "object",
"properties": {
"type": {
"enum": [
"table"
]
},
"name": {
"$ref": "itemRead.json#/definitions/name"
},
"title": {
"$ref": "#/definitions/title"
},
"instructions": {
"$ref": "#/definitions/instructions"
},
"minRows": {
"type": "integer"
},
"maxRows": {
"type": "integer"
},
"columns": {
"$ref": "#/definitions/columns"
}
}
},
"columns": {
"type": "array",
"items": {
"$ref": "#"
},
"description": "a series of itemMetas, each representing a column within the table"
},
"picklistMeta": {
"type": "object",
"properties": {
"type": {
"enum": [
"picklist"
]
},
"elementId": {
"$ref": "#/definitions/elementId"
},
"callback": {
"$ref": "#/definitions/callback"
},
"name": {
"$ref": "itemRead.json#/definitions/name"
},
"title": {
"$ref": "#/definitions/title"
},
"instructions": {
"$ref": "#/definitions/instructions"
},
"nullLabel": {
"type": "string",
"description": "if present, and presentation == showOne, then a pseudo-choice will be injected"
},
"minChoices": {
"type": "integer"
},
"maxChoices": {
"type": "integer"
},
"presentation": {
"enum": [
"showOne",
"showMulti",
"showAll"
],
"description": "showOne is only usable when maxChoices == 1"
},
"choices": {
"$ref": "#/definitions/picklistChoices"
}
}
},
"picklistChoices": {
"type": "array",
"items": {
"$ref": "#/definitions/picklistChoice"
},
"description": "a bunch of choices that are 'unlocked' due to the user selecting their enclosing choice within the picklist"
},
"picklistChoice": {
"type": "object",
"properties": {
"id": {
"type": "integer",
"description": "an unique id for picklist choice"
},
"title": {
"$ref": "#/definitions/title"
},
"name": {
"type": "string",
"description": "this choice - ideally immutable"
},
"isDefault": {
"type": "boolean",
"description": "will always be compatible with minChoices, maxChoices"
},
"choices": {
"$ref": "#/definitions/picklistChoices"
}
}
},
"cascadeMeta": {
"type": "object",
"properties": {
"type": {
"enum": [
"cascade"
]
},
"elementId": {
"$ref": "#/definitions/elementId"
},
"callback": {
"$ref": "#/definitions/callback"
},
"name": {
"$ref": "itemRead.json#/definitions/name"
},
"title": {
"$ref": "#/definitions/title"
},
"instructions": {
"$ref": "#/definitions/instructions"
},
"nullLabel": {
"type": "string",
"description": "if present, and presentation == showOne, then a pseudo-choice will be injected"
},
"minChoices": {
"type": "integer"
},
"maxChoices": {
"type": "integer"
},
"presentation": {
"enum": [
"showOne",
"showAll",
"showCards"
],
"description": "showOne is only usable when maxChoices == 1. If it's showCards, maxChoices must be 1 and it will display all options as card components."
},
"choices": {
"$ref": "#/definitions/cascadeChoices"
}
}
},
"cascadeChoices": {
"type": "array",
"items": {
"$ref": "#/definitions/cascadeChoice"
},
"description": "a bunch of items that are 'unlocked' due to the user selecting their enclosing choice within the picklist"
},
"cascadeChoice": {
"type": "object",
"properties": {
"name": {
"type": "string",
"description": "this choice - ideally immutable"
},
"title": {
"$ref": "#/definitions/title"
},
"subtitle": {
"$ref": "#/definitions/subtitle",
"description": "It's only usable when presentation of cascade item is showCards"
},
"description": {
"$ref": "#/definitions/description",
"description": "It's only usable when presentation of cascade item is showCards"
},
"footer": {
"$ref": "#/definitions/footer",
"description": "It's only usable when presentation of cascade item is showCards"
},
"level": {
"type": "number",
"description": "defines the colour of the card components when the presentation of cascade item is showCards. Starts at zero."
},
"isDisabled": {
"type": "boolean",
"description": "will disable this cascade choice on the UI"
},
"isDefault": {
"type": "boolean",
"description": "will always be compatible with minChoices, maxChoices"
},
"subItems": {
"type": "array",
"items": {
"$ref": "#"
},
"description": "items unlocked based on a choice"
}
}
}
},
"type": "object",
"oneOf": [
{
"$ref": "#/definitions/sectionMeta"
},
{
"$ref": "#/definitions/booleanMeta"
},
{
"$ref": "#/definitions/numberMeta"
},
{
"$ref": "#/definitions/stringMeta"
},
{
"$ref": "#/definitions/dateMeta"
},
{
"$ref": "#/definitions/fileMeta"
},
{
"$ref": "#/definitions/picklistMeta"
},
{
"$ref": "#/definitions/cascadeMeta"
},
{
"$ref": "#/definitions/tableMeta"
}
]
}
Example:
{
"type": "file",
"name": "cover-letter-1002",
"title": "Cover letter",
"instructions": "Please upload a cover letter.",
"purpose": "document",
"accept": [
"application/pdf",
"application/vnd.openxmlformats-officedocument.wordprocessingml.document",
"application/msword",
"application/rtf"
],
"maxSize": 1000000
}
Secured by oauth_2_0
Headers
- Authorization: (string)
Used to send a valid OAuth 2 access token. Do not use with the "access_token" query string parameter.
HTTP status code 401
Bad or expired token. To fix, you should re-authenticate the user.
HTTP status code 403
Bad OAuth request (wrong consumer key, bad nonce, expired timestamp...). Unfortunately, re-authenticating the user won't help here.
Get a sanitised and basic set of information for a job application, which the consumer is entitled to by virtue of sourcing the application (i.e., owning the campaign tracker attached to the application).
get /applications/bySourcingApp/{consumer}/{id}/sourcerDetails
Get a sanitised and basic set of information for a job application, which the consumer is entitled to by virtue of sourcing the application (i.e., owning the campaign tracker attached to the application).
OAuth is used to authenticate tenant API calls. Tenant API calls may be on behalf of a specific principal (e.g. user)
URI Parameters
- consumer: required (string)
- id: required (string)
Secured by oauth_2_0
Headers
- Authorization: (string)
Used to send a valid OAuth 2 access token. Do not use with the "access_token" query string parameter.
HTTP status code 401
Bad or expired token. To fix, you should re-authenticate the user.
HTTP status code 403
Bad OAuth request (wrong consumer key, bad nonce, expired timestamp...). Unfortunately, re-authenticating the user won't help here.
A view is a curated package of information about an application and its job, candidate, etc.
The tenant controls what data appears in a view. This allows them to e.g. only share the minimum amount of data with an app. For example, an onboarding app might need details of the applicant's salary, whereas a survey app might only need to know their email address.
These "at" APIs provide access to applications based on the phase of the recruitment process that they are in now, or have ever been in. An application's phase is determined by its bucket (every bucket is linked to a single phase). In these descriptions:
- "entering a phase" means that an application has transitioned into a bucket of that phase, from a bucket of some other phase (or from initial creation) - i.e. moving between buckets of the same phase has no effect on these APIs
- "exiting a phase" means that an application has transitioned out of a bucket of this phase into a bucket of some other phase.
The 'now' APIs return all applications:
- that are currently in this phase; AND
- (if since is specified), that most recently entered this phase after the given date; AND
- (if minID is specified), that have id > minID
A maximum of 100 applications will be returned by a single call to the API. If this maximum number is returned, the client should fetch again, specifying both sinceDate and minID, as there may be more results.
Results are ordered by sinceDate asc, applicationId asc.
sinceDate in this case is the date the application most recently entered the phase.
get /applications/views/at/new/now
The 'now' APIs return all applications:
- that are currently in this phase; AND
- (if since is specified), that most recently entered this phase after the given date; AND
- (if minID is specified), that have id > minID
A maximum of 100 applications will be returned by a single call to the API. If this maximum number is returned, the client should fetch again, specifying both sinceDate and minID, as there may be more results.
Results are ordered by sinceDate asc, applicationId asc.
sinceDate in this case is the date the application most recently entered the phase.
OAuth is used to authenticate tenant API calls. Tenant API calls may be on behalf of a specific principal (e.g. user)
Query Parameters
- job: (integer)
if present, only include applications for this job
Example:
10033433
- candidate: (integer)
if present, only include applications for this candidate
Example:
1002443
- minID: (number)
if present, only include applications with id > this value
Example:
1001
- since: (date)
A date string in ISO 8601 format such as "2015-11-05T13:15:30Z". If present, only applications with their significant date > this value will be returned.
HTTP status code 200
Body
Type: application/json
Schema:
{
"$schema":"http://json-schema.org/draft-04/schema#",
"type":"array",
"items":{ "$ref":"applicationRead.json" }
}
Example:
[
{
"items": [
{
"item": {
"name": "coverletter",
"type": "file",
"value": {
"fileName": "fredcv.docx",
"size": 3023443,
"mediaType": "application/vnd.openxmlformats-officedocument.wordprocessingml.document",
"dateUploaded": "2015-11-05T13:15:30Z",
"preSignedUri": "https://frodo.com/docs/198714509"
}
}
}
],
"source": "seek-camp0",
"formFactor": "mobile",
"bucketMovements": [
{
"id": 10034,
"landed": "2017-05-29T01:34:30+00:00"
},
{
"id": 10035,
"landed": "2017-05-29T01:34:30+00:00"
},
{
"id": 10037,
"landed": "2017-05-29T01:34:30+00:00"
}
],
"hireDetails": {
"hireDate": "2015-11-05T13:15:30Z"
},
"candidate": {
"person": {
"vcard": [
"vcard",
[
[
"version",
{},
"text",
"4.0"
],
[
"n",
{},
"text",
[
"Gor4ven",
"David",
"",
"Mr.",
""
]
],
[
"nickname",
{},
"text",
"David"
],
[
"tel",
{
"type": "home"
},
"text",
"+64212094544"
],
[
"tel",
{
"type": "cell"
},
"text",
"+64212094544"
],
[
"adr",
{},
"text",
[
"",
"",
"11 Hoturoa Place, Manurewa",
"Auckland",
"",
"2102",
"NZ"
]
],
[
"email",
{
"type": "home"
},
"text",
"davededo@gmail.com"
],
[
"x-socialprofile",
{
"type": "Facebook"
},
"uri",
"https://www.facebook.com/bgorven"
],
[
"prodid",
{},
"text",
"ez-vcard 0.9.6"
]
]
]
},
"internalFlag": false,
"resumeMeta": {
"fileName": "fredcv.docx",
"size": 3023443,
"mediaType": "application/vnd.openxmlformats-officedocument.wordprocessingml.document",
"dateUploaded": "2015-11-05T13:15:30Z",
"preSignedUri": "https://frodo.com/docs/198714509"
},
"items": []
},
"job": {
"code": "TTfg321",
"title": "Creative Director",
"items": [],
"manager": {
"person": {
"email": "frano@gmail.com"
}
}
}
}
]
HTTP status code 404
there are no applications matching the filters
Secured by oauth_2_0
Headers
- Authorization: (string)
Used to send a valid OAuth 2 access token. Do not use with the "access_token" query string parameter.
HTTP status code 401
Bad or expired token. To fix, you should re-authenticate the user.
HTTP status code 403
Bad OAuth request (wrong consumer key, bad nonce, expired timestamp...). Unfortunately, re-authenticating the user won't help here.
A request containing a view will be sent for the 'now' case to all listeners whenever an application;
- enters the phase
An empty request will be sent whenever an application;
- exits the phase
Non-SoT.
post /applications/views/at/new/now/byID/{application}/pushes
A request containing a view will be sent for the 'now' case to all listeners whenever an application;
- enters the phase
An empty request will be sent whenever an application;
- exits the phase
Non-SoT.
OAuth is used to authenticate tenant API calls. Tenant API calls may be on behalf of a specific principal (e.g. user)
URI Parameters
- application: required (string)
Body
Type: application/json
Schema:
{
"$schema": "http://json-schema.org/draft-04/schema#",
"type": "object",
"definitions": {
"id": {
"type": "integer"
},
"tracker": {
"type": "integer",
"description": "The tracker, if any, associated with this application. This is fixed at the time that application is made."
},
"formFactor": {
"enum": [
"mobile",
"desktop",
"tablet",
"other"
]
},
"source": {
"type": "string"
},
"bucketMovement": {
"type": "object",
"properties": {
"id": {
"$ref": "bucket.json#/definitions/id"
},
"landed": {
"type": "string",
"format": "date-time"
}
},
"additionalProperties": false,
"required": [
"id",
"landed"
]
},
"bucketMovements": {
"type": "array",
"items": {
"$ref": "#/definitions/bucketMovement"
}
},
"dateLastUpdated": {
"type": "string",
"format": "date-time"
},
"remuneration": {
"type": "object",
"description": "See HR/XML OnBoardingDeploymentType",
"properties": {
"amount": {
"type": "number",
"description": "The monetary value of the object in which the amount is associated"
},
"rateIntervalCode": {
"type": "string",
"description": "See HR/XML PayRateIntervalCodeType"
},
"typeCode": {
"type": "string",
"description": "A code classifying the type of remuneration (HR/XML)"
}
},
"additionalProperties": false
},
"dutyEntryDate": {
"type": "string",
"format": "date-time",
"description": "Per- HR-XML, the date the employee or human resource actually begins work or enters on duty"
},
"hireDate": {
"type": "string",
"format": "date-time",
"description": "Per- HR-XML, The date on which the associated person was hired."
},
"onBoardedDate": {
"type": "string",
"format": "date-time",
"description": "The date on which the associated person completed onboarding."
},
"hireDetails": {
"type": "object",
"properties": {
"remuneration": {
"$ref": "#/definitions/remuneration"
},
"dutyEntryDate": {
"$ref": "#/definitions/dutyEntryDate"
},
"hireDate": {
"$ref": "#/definitions/hireDate"
},
"onBoardedDate": {
"$ref": "#/definitions/onBoardedDate"
}
},
"additionalProperties": false
},
"since": {
"type": "string",
"format": "date-time",
"description": "If this application was fetched via a filter, the date-time when the application satisfied the filter (e.g., in a call to GET /applications/at/interview/ever, this would be the date the application first entered the interview phase"
}
},
"properties": {
"id": {
"$ref": "#/definitions/id"
},
"since": {
"$ref": "#/definitions/since"
},
"source": {
"$ref": "#/definitions/source"
},
"formFactor": {
"$ref": "#/definitions/formFactor"
},
"bucketMovements": {
"$ref": "#/definitions/bucketMovements"
},
"candidate": {
"$ref": "candidateRead.json"
},
"job": {
"$ref": "jobRead.json"
},
"bucket": {
"$ref": "bucket.json#/definitions/id"
},
"tracker": {
"$ref": "#/definitions/tracker"
},
"dateLastUpdated": {
"$ref": "#/definitions/dateLastUpdated"
},
"hireDetails": {
"$ref": "#/definitions/hireDetails"
},
"items": {
"$ref": "itemPackagesRead.json"
}
},
"additionalProperties": false
}
Example:
{
"items": [
{
"item": {
"name": "HIREDATE",
"type": "date",
"value": "2015-11-05T13:15:30Z"
}
}
],
"candidate": {
"person": {
"givenName": "Fred",
"familyName": "Bloggs",
"email": "fred@gmail.com"
},
"resumeMeta": {
"fileName": "fredcv.docx",
"size": 3023443,
"mediaType": "application/vnd.openxmlformats-officedocument.wordprocessingml.document",
"dateUploaded": "2015-11-05T13:15:30Z",
"preSignedUri": "https://frodo.com/docs/198714509"
},
"items": []
},
"job": {
"code": "TTfg321",
"title": "Creative Director",
"items": [],
"recruiter": {
"person": {
"email": "frano@gmail.com"
}
}
}
}
Secured by oauth_2_0
Headers
- Authorization: (string)
Used to send a valid OAuth 2 access token. Do not use with the "access_token" query string parameter.
HTTP status code 401
Bad or expired token. To fix, you should re-authenticate the user.
HTTP status code 403
Bad OAuth request (wrong consumer key, bad nonce, expired timestamp...). Unfortunately, re-authenticating the user won't help here.
The 'ever' APIs return all applications:
- that have ever been in this phase; AND
- (if since is specified), that first entered this phase after the given date; AND
- (if minID is specified), that have id > minID
A maximum of 100 applications will be returned by a single call to the API. If this maximum number is returned, the client should fetch again, specifying both sinceDate and minID, as there may be more results.
Results are ordered by sinceDate asc, applicationId asc.
sinceDate in this case is the date the application first entered the phase.
get /applications/views/at/new/ever
The 'ever' APIs return all applications:
- that have ever been in this phase; AND
- (if since is specified), that first entered this phase after the given date; AND
- (if minID is specified), that have id > minID
A maximum of 100 applications will be returned by a single call to the API. If this maximum number is returned, the client should fetch again, specifying both sinceDate and minID, as there may be more results.
Results are ordered by sinceDate asc, applicationId asc.
sinceDate in this case is the date the application first entered the phase.
OAuth is used to authenticate tenant API calls. Tenant API calls may be on behalf of a specific principal (e.g. user)
Query Parameters
- job: (integer)
if present, only include applications for this job
Example:
10033433
- candidate: (integer)
if present, only include applications for this candidate
Example:
1002443
- minID: (number)
if present, only include applications with id > this value
Example:
1001
- since: (date)
A date string in ISO 8601 format such as "2015-11-05T13:15:30Z". If present, only applications with their significant date > this value will be returned.
HTTP status code 200
Body
Type: application/json
Schema:
{
"$schema":"http://json-schema.org/draft-04/schema#",
"type":"array",
"items":{ "$ref":"applicationRead.json" }
}
Example:
[
{
"items": [
{
"item": {
"name": "coverletter",
"type": "file",
"value": {
"fileName": "fredcv.docx",
"size": 3023443,
"mediaType": "application/vnd.openxmlformats-officedocument.wordprocessingml.document",
"dateUploaded": "2015-11-05T13:15:30Z",
"preSignedUri": "https://frodo.com/docs/198714509"
}
}
}
],
"source": "seek-camp0",
"formFactor": "mobile",
"bucketMovements": [
{
"id": 10034,
"landed": "2017-05-29T01:34:30+00:00"
},
{
"id": 10035,
"landed": "2017-05-29T01:34:30+00:00"
},
{
"id": 10037,
"landed": "2017-05-29T01:34:30+00:00"
}
],
"hireDetails": {
"hireDate": "2015-11-05T13:15:30Z"
},
"candidate": {
"person": {
"vcard": [
"vcard",
[
[
"version",
{},
"text",
"4.0"
],
[
"n",
{},
"text",
[
"Gor4ven",
"David",
"",
"Mr.",
""
]
],
[
"nickname",
{},
"text",
"David"
],
[
"tel",
{
"type": "home"
},
"text",
"+64212094544"
],
[
"tel",
{
"type": "cell"
},
"text",
"+64212094544"
],
[
"adr",
{},
"text",
[
"",
"",
"11 Hoturoa Place, Manurewa",
"Auckland",
"",
"2102",
"NZ"
]
],
[
"email",
{
"type": "home"
},
"text",
"davededo@gmail.com"
],
[
"x-socialprofile",
{
"type": "Facebook"
},
"uri",
"https://www.facebook.com/bgorven"
],
[
"prodid",
{},
"text",
"ez-vcard 0.9.6"
]
]
]
},
"internalFlag": false,
"resumeMeta": {
"fileName": "fredcv.docx",
"size": 3023443,
"mediaType": "application/vnd.openxmlformats-officedocument.wordprocessingml.document",
"dateUploaded": "2015-11-05T13:15:30Z",
"preSignedUri": "https://frodo.com/docs/198714509"
},
"items": []
},
"job": {
"code": "TTfg321",
"title": "Creative Director",
"items": [],
"manager": {
"person": {
"email": "frano@gmail.com"
}
}
}
}
]
HTTP status code 404
there are no applications matching the filters
Secured by oauth_2_0
Headers
- Authorization: (string)
Used to send a valid OAuth 2 access token. Do not use with the "access_token" query string parameter.
HTTP status code 401
Bad or expired token. To fix, you should re-authenticate the user.
HTTP status code 403
Bad OAuth request (wrong consumer key, bad nonce, expired timestamp...). Unfortunately, re-authenticating the user won't help here.
A request containing a view will be sent for the "ever" case to all listeners;
- the first time (only) that an application enters the phase
Non-SoT.
post /applications/views/at/new/ever/byID/{application}/pushes
A request containing a view will be sent for the "ever" case to all listeners;
- the first time (only) that an application enters the phase
Non-SoT.
OAuth is used to authenticate tenant API calls. Tenant API calls may be on behalf of a specific principal (e.g. user)
URI Parameters
- application: required (string)
Body
Type: application/json
Schema:
{
"$schema": "http://json-schema.org/draft-04/schema#",
"type": "object",
"definitions": {
"id": {
"type": "integer"
},
"tracker": {
"type": "integer",
"description": "The tracker, if any, associated with this application. This is fixed at the time that application is made."
},
"formFactor": {
"enum": [
"mobile",
"desktop",
"tablet",
"other"
]
},
"source": {
"type": "string"
},
"bucketMovement": {
"type": "object",
"properties": {
"id": {
"$ref": "bucket.json#/definitions/id"
},
"landed": {
"type": "string",
"format": "date-time"
}
},
"additionalProperties": false,
"required": [
"id",
"landed"
]
},
"bucketMovements": {
"type": "array",
"items": {
"$ref": "#/definitions/bucketMovement"
}
},
"dateLastUpdated": {
"type": "string",
"format": "date-time"
},
"remuneration": {
"type": "object",
"description": "See HR/XML OnBoardingDeploymentType",
"properties": {
"amount": {
"type": "number",
"description": "The monetary value of the object in which the amount is associated"
},
"rateIntervalCode": {
"type": "string",
"description": "See HR/XML PayRateIntervalCodeType"
},
"typeCode": {
"type": "string",
"description": "A code classifying the type of remuneration (HR/XML)"
}
},
"additionalProperties": false
},
"dutyEntryDate": {
"type": "string",
"format": "date-time",
"description": "Per- HR-XML, the date the employee or human resource actually begins work or enters on duty"
},
"hireDate": {
"type": "string",
"format": "date-time",
"description": "Per- HR-XML, The date on which the associated person was hired."
},
"onBoardedDate": {
"type": "string",
"format": "date-time",
"description": "The date on which the associated person completed onboarding."
},
"hireDetails": {
"type": "object",
"properties": {
"remuneration": {
"$ref": "#/definitions/remuneration"
},
"dutyEntryDate": {
"$ref": "#/definitions/dutyEntryDate"
},
"hireDate": {
"$ref": "#/definitions/hireDate"
},
"onBoardedDate": {
"$ref": "#/definitions/onBoardedDate"
}
},
"additionalProperties": false
},
"since": {
"type": "string",
"format": "date-time",
"description": "If this application was fetched via a filter, the date-time when the application satisfied the filter (e.g., in a call to GET /applications/at/interview/ever, this would be the date the application first entered the interview phase"
}
},
"properties": {
"id": {
"$ref": "#/definitions/id"
},
"since": {
"$ref": "#/definitions/since"
},
"source": {
"$ref": "#/definitions/source"
},
"formFactor": {
"$ref": "#/definitions/formFactor"
},
"bucketMovements": {
"$ref": "#/definitions/bucketMovements"
},
"candidate": {
"$ref": "candidateRead.json"
},
"job": {
"$ref": "jobRead.json"
},
"bucket": {
"$ref": "bucket.json#/definitions/id"
},
"tracker": {
"$ref": "#/definitions/tracker"
},
"dateLastUpdated": {
"$ref": "#/definitions/dateLastUpdated"
},
"hireDetails": {
"$ref": "#/definitions/hireDetails"
},
"items": {
"$ref": "itemPackagesRead.json"
}
},
"additionalProperties": false
}
Example:
{
"items": [
{
"item": {
"name": "HIREDATE",
"type": "date",
"value": "2015-11-05T13:15:30Z"
}
}
],
"candidate": {
"person": {
"givenName": "Fred",
"familyName": "Bloggs",
"email": "fred@gmail.com"
},
"resumeMeta": {
"fileName": "fredcv.docx",
"size": 3023443,
"mediaType": "application/vnd.openxmlformats-officedocument.wordprocessingml.document",
"dateUploaded": "2015-11-05T13:15:30Z",
"preSignedUri": "https://frodo.com/docs/198714509"
},
"items": []
},
"job": {
"code": "TTfg321",
"title": "Creative Director",
"items": [],
"recruiter": {
"person": {
"email": "frano@gmail.com"
}
}
}
}
Secured by oauth_2_0
Headers
- Authorization: (string)
Used to send a valid OAuth 2 access token. Do not use with the "access_token" query string parameter.
HTTP status code 401
Bad or expired token. To fix, you should re-authenticate the user.
HTTP status code 403
Bad OAuth request (wrong consumer key, bad nonce, expired timestamp...). Unfortunately, re-authenticating the user won't help here.
The 'now' APIs return all applications:
- that are currently in this phase; AND
- (if since is specified), that most recently entered this phase after the given date; AND
- (if minID is specified), that have id > minID
A maximum of 100 applications will be returned by a single call to the API. If this maximum number is returned, the client should fetch again, specifying both sinceDate and minID, as there may be more results.
Results are ordered by sinceDate asc, applicationId asc.
sinceDate in this case is the date the application most recently entered the phase.
get /applications/views/at/screening/now
The 'now' APIs return all applications:
- that are currently in this phase; AND
- (if since is specified), that most recently entered this phase after the given date; AND
- (if minID is specified), that have id > minID
A maximum of 100 applications will be returned by a single call to the API. If this maximum number is returned, the client should fetch again, specifying both sinceDate and minID, as there may be more results.
Results are ordered by sinceDate asc, applicationId asc.
sinceDate in this case is the date the application most recently entered the phase.
OAuth is used to authenticate tenant API calls. Tenant API calls may be on behalf of a specific principal (e.g. user)
Query Parameters
- job: (integer)
if present, only include applications for this job
Example:
10033433
- candidate: (integer)
if present, only include applications for this candidate
Example:
1002443
- minID: (number)
if present, only include applications with id > this value
Example:
1001
- since: (date)
A date string in ISO 8601 format such as "2015-11-05T13:15:30Z". If present, only applications with their significant date > this value will be returned.
HTTP status code 200
Body
Type: application/json
Schema:
{
"$schema":"http://json-schema.org/draft-04/schema#",
"type":"array",
"items":{ "$ref":"applicationRead.json" }
}
Example:
[
{
"items": [
{
"item": {
"name": "coverletter",
"type": "file",
"value": {
"fileName": "fredcv.docx",
"size": 3023443,
"mediaType": "application/vnd.openxmlformats-officedocument.wordprocessingml.document",
"dateUploaded": "2015-11-05T13:15:30Z",
"preSignedUri": "https://frodo.com/docs/198714509"
}
}
}
],
"source": "seek-camp0",
"formFactor": "mobile",
"bucketMovements": [
{
"id": 10034,
"landed": "2017-05-29T01:34:30+00:00"
},
{
"id": 10035,
"landed": "2017-05-29T01:34:30+00:00"
},
{
"id": 10037,
"landed": "2017-05-29T01:34:30+00:00"
}
],
"hireDetails": {
"hireDate": "2015-11-05T13:15:30Z"
},
"candidate": {
"person": {
"vcard": [
"vcard",
[
[
"version",
{},
"text",
"4.0"
],
[
"n",
{},
"text",
[
"Gor4ven",
"David",
"",
"Mr.",
""
]
],
[
"nickname",
{},
"text",
"David"
],
[
"tel",
{
"type": "home"
},
"text",
"+64212094544"
],
[
"tel",
{
"type": "cell"
},
"text",
"+64212094544"
],
[
"adr",
{},
"text",
[
"",
"",
"11 Hoturoa Place, Manurewa",
"Auckland",
"",
"2102",
"NZ"
]
],
[
"email",
{
"type": "home"
},
"text",
"davededo@gmail.com"
],
[
"x-socialprofile",
{
"type": "Facebook"
},
"uri",
"https://www.facebook.com/bgorven"
],
[
"prodid",
{},
"text",
"ez-vcard 0.9.6"
]
]
]
},
"internalFlag": false,
"resumeMeta": {
"fileName": "fredcv.docx",
"size": 3023443,
"mediaType": "application/vnd.openxmlformats-officedocument.wordprocessingml.document",
"dateUploaded": "2015-11-05T13:15:30Z",
"preSignedUri": "https://frodo.com/docs/198714509"
},
"items": []
},
"job": {
"code": "TTfg321",
"title": "Creative Director",
"items": [],
"manager": {
"person": {
"email": "frano@gmail.com"
}
}
}
}
]
HTTP status code 404
there are no applications matching the filters
Secured by oauth_2_0
Headers
- Authorization: (string)
Used to send a valid OAuth 2 access token. Do not use with the "access_token" query string parameter.
HTTP status code 401
Bad or expired token. To fix, you should re-authenticate the user.
HTTP status code 403
Bad OAuth request (wrong consumer key, bad nonce, expired timestamp...). Unfortunately, re-authenticating the user won't help here.
A request containing a view will be sent for the 'now' case to all listeners whenever an application;
- enters the phase
An empty request will be sent whenever an application;
- exits the phase
Non-SoT.
post /applications/views/at/screening/now/byID/{application}/pushes
A request containing a view will be sent for the 'now' case to all listeners whenever an application;
- enters the phase
An empty request will be sent whenever an application;
- exits the phase
Non-SoT.
OAuth is used to authenticate tenant API calls. Tenant API calls may be on behalf of a specific principal (e.g. user)
URI Parameters
- application: required (string)
Body
Type: application/json
Schema:
{
"$schema": "http://json-schema.org/draft-04/schema#",
"type": "object",
"definitions": {
"id": {
"type": "integer"
},
"tracker": {
"type": "integer",
"description": "The tracker, if any, associated with this application. This is fixed at the time that application is made."
},
"formFactor": {
"enum": [
"mobile",
"desktop",
"tablet",
"other"
]
},
"source": {
"type": "string"
},
"bucketMovement": {
"type": "object",
"properties": {
"id": {
"$ref": "bucket.json#/definitions/id"
},
"landed": {
"type": "string",
"format": "date-time"
}
},
"additionalProperties": false,
"required": [
"id",
"landed"
]
},
"bucketMovements": {
"type": "array",
"items": {
"$ref": "#/definitions/bucketMovement"
}
},
"dateLastUpdated": {
"type": "string",
"format": "date-time"
},
"remuneration": {
"type": "object",
"description": "See HR/XML OnBoardingDeploymentType",
"properties": {
"amount": {
"type": "number",
"description": "The monetary value of the object in which the amount is associated"
},
"rateIntervalCode": {
"type": "string",
"description": "See HR/XML PayRateIntervalCodeType"
},
"typeCode": {
"type": "string",
"description": "A code classifying the type of remuneration (HR/XML)"
}
},
"additionalProperties": false
},
"dutyEntryDate": {
"type": "string",
"format": "date-time",
"description": "Per- HR-XML, the date the employee or human resource actually begins work or enters on duty"
},
"hireDate": {
"type": "string",
"format": "date-time",
"description": "Per- HR-XML, The date on which the associated person was hired."
},
"onBoardedDate": {
"type": "string",
"format": "date-time",
"description": "The date on which the associated person completed onboarding."
},
"hireDetails": {
"type": "object",
"properties": {
"remuneration": {
"$ref": "#/definitions/remuneration"
},
"dutyEntryDate": {
"$ref": "#/definitions/dutyEntryDate"
},
"hireDate": {
"$ref": "#/definitions/hireDate"
},
"onBoardedDate": {
"$ref": "#/definitions/onBoardedDate"
}
},
"additionalProperties": false
},
"since": {
"type": "string",
"format": "date-time",
"description": "If this application was fetched via a filter, the date-time when the application satisfied the filter (e.g., in a call to GET /applications/at/interview/ever, this would be the date the application first entered the interview phase"
}
},
"properties": {
"id": {
"$ref": "#/definitions/id"
},
"since": {
"$ref": "#/definitions/since"
},
"source": {
"$ref": "#/definitions/source"
},
"formFactor": {
"$ref": "#/definitions/formFactor"
},
"bucketMovements": {
"$ref": "#/definitions/bucketMovements"
},
"candidate": {
"$ref": "candidateRead.json"
},
"job": {
"$ref": "jobRead.json"
},
"bucket": {
"$ref": "bucket.json#/definitions/id"
},
"tracker": {
"$ref": "#/definitions/tracker"
},
"dateLastUpdated": {
"$ref": "#/definitions/dateLastUpdated"
},
"hireDetails": {
"$ref": "#/definitions/hireDetails"
},
"items": {
"$ref": "itemPackagesRead.json"
}
},
"additionalProperties": false
}
Example:
{
"items": [
{
"item": {
"name": "HIREDATE",
"type": "date",
"value": "2015-11-05T13:15:30Z"
}
}
],
"candidate": {
"person": {
"givenName": "Fred",
"familyName": "Bloggs",
"email": "fred@gmail.com"
},
"resumeMeta": {
"fileName": "fredcv.docx",
"size": 3023443,
"mediaType": "application/vnd.openxmlformats-officedocument.wordprocessingml.document",
"dateUploaded": "2015-11-05T13:15:30Z",
"preSignedUri": "https://frodo.com/docs/198714509"
},
"items": []
},
"job": {
"code": "TTfg321",
"title": "Creative Director",
"items": [],
"recruiter": {
"person": {
"email": "frano@gmail.com"
}
}
}
}
Secured by oauth_2_0
Headers
- Authorization: (string)
Used to send a valid OAuth 2 access token. Do not use with the "access_token" query string parameter.
HTTP status code 401
Bad or expired token. To fix, you should re-authenticate the user.
HTTP status code 403
Bad OAuth request (wrong consumer key, bad nonce, expired timestamp...). Unfortunately, re-authenticating the user won't help here.
The 'ever' APIs return all applications:
- that have ever been in this phase; AND
- (if since is specified), that first entered this phase after the given date; AND
- (if minID is specified), that have id > minID
A maximum of 100 applications will be returned by a single call to the API. If this maximum number is returned, the client should fetch again, specifying both sinceDate and minID, as there may be more results.
Results are ordered by sinceDate asc, applicationId asc.
sinceDate in this case is the date the application first entered the phase.
get /applications/views/at/screening/ever
The 'ever' APIs return all applications:
- that have ever been in this phase; AND
- (if since is specified), that first entered this phase after the given date; AND
- (if minID is specified), that have id > minID
A maximum of 100 applications will be returned by a single call to the API. If this maximum number is returned, the client should fetch again, specifying both sinceDate and minID, as there may be more results.
Results are ordered by sinceDate asc, applicationId asc.
sinceDate in this case is the date the application first entered the phase.
OAuth is used to authenticate tenant API calls. Tenant API calls may be on behalf of a specific principal (e.g. user)
Query Parameters
- job: (integer)
if present, only include applications for this job
Example:
10033433
- candidate: (integer)
if present, only include applications for this candidate
Example:
1002443
- minID: (number)
if present, only include applications with id > this value
Example:
1001
- since: (date)
A date string in ISO 8601 format such as "2015-11-05T13:15:30Z". If present, only applications with their significant date > this value will be returned.
HTTP status code 200
Body
Type: application/json
Schema:
{
"$schema":"http://json-schema.org/draft-04/schema#",
"type":"array",
"items":{ "$ref":"applicationRead.json" }
}
Example:
[
{
"items": [
{
"item": {
"name": "coverletter",
"type": "file",
"value": {
"fileName": "fredcv.docx",
"size": 3023443,
"mediaType": "application/vnd.openxmlformats-officedocument.wordprocessingml.document",
"dateUploaded": "2015-11-05T13:15:30Z",
"preSignedUri": "https://frodo.com/docs/198714509"
}
}
}
],
"source": "seek-camp0",
"formFactor": "mobile",
"bucketMovements": [
{
"id": 10034,
"landed": "2017-05-29T01:34:30+00:00"
},
{
"id": 10035,
"landed": "2017-05-29T01:34:30+00:00"
},
{
"id": 10037,
"landed": "2017-05-29T01:34:30+00:00"
}
],
"hireDetails": {
"hireDate": "2015-11-05T13:15:30Z"
},
"candidate": {
"person": {
"vcard": [
"vcard",
[
[
"version",
{},
"text",
"4.0"
],
[
"n",
{},
"text",
[
"Gor4ven",
"David",
"",
"Mr.",
""
]
],
[
"nickname",
{},
"text",
"David"
],
[
"tel",
{
"type": "home"
},
"text",
"+64212094544"
],
[
"tel",
{
"type": "cell"
},
"text",
"+64212094544"
],
[
"adr",
{},
"text",
[
"",
"",
"11 Hoturoa Place, Manurewa",
"Auckland",
"",
"2102",
"NZ"
]
],
[
"email",
{
"type": "home"
},
"text",
"davededo@gmail.com"
],
[
"x-socialprofile",
{
"type": "Facebook"
},
"uri",
"https://www.facebook.com/bgorven"
],
[
"prodid",
{},
"text",
"ez-vcard 0.9.6"
]
]
]
},
"internalFlag": false,
"resumeMeta": {
"fileName": "fredcv.docx",
"size": 3023443,
"mediaType": "application/vnd.openxmlformats-officedocument.wordprocessingml.document",
"dateUploaded": "2015-11-05T13:15:30Z",
"preSignedUri": "https://frodo.com/docs/198714509"
},
"items": []
},
"job": {
"code": "TTfg321",
"title": "Creative Director",
"items": [],
"manager": {
"person": {
"email": "frano@gmail.com"
}
}
}
}
]
HTTP status code 404
there are no applications matching the filters
Secured by oauth_2_0
Headers
- Authorization: (string)
Used to send a valid OAuth 2 access token. Do not use with the "access_token" query string parameter.
HTTP status code 401
Bad or expired token. To fix, you should re-authenticate the user.
HTTP status code 403
Bad OAuth request (wrong consumer key, bad nonce, expired timestamp...). Unfortunately, re-authenticating the user won't help here.
A request containing a view will be sent for the "ever" case to all listeners;
- the first time (only) that an application enters the phase
Non-SoT.
post /applications/views/at/screening/ever/byID/{application}/pushes
A request containing a view will be sent for the "ever" case to all listeners;
- the first time (only) that an application enters the phase
Non-SoT.
OAuth is used to authenticate tenant API calls. Tenant API calls may be on behalf of a specific principal (e.g. user)
URI Parameters
- application: required (string)
Body
Type: application/json
Schema:
{
"$schema": "http://json-schema.org/draft-04/schema#",
"type": "object",
"definitions": {
"id": {
"type": "integer"
},
"tracker": {
"type": "integer",
"description": "The tracker, if any, associated with this application. This is fixed at the time that application is made."
},
"formFactor": {
"enum": [
"mobile",
"desktop",
"tablet",
"other"
]
},
"source": {
"type": "string"
},
"bucketMovement": {
"type": "object",
"properties": {
"id": {
"$ref": "bucket.json#/definitions/id"
},
"landed": {
"type": "string",
"format": "date-time"
}
},
"additionalProperties": false,
"required": [
"id",
"landed"
]
},
"bucketMovements": {
"type": "array",
"items": {
"$ref": "#/definitions/bucketMovement"
}
},
"dateLastUpdated": {
"type": "string",
"format": "date-time"
},
"remuneration": {
"type": "object",
"description": "See HR/XML OnBoardingDeploymentType",
"properties": {
"amount": {
"type": "number",
"description": "The monetary value of the object in which the amount is associated"
},
"rateIntervalCode": {
"type": "string",
"description": "See HR/XML PayRateIntervalCodeType"
},
"typeCode": {
"type": "string",
"description": "A code classifying the type of remuneration (HR/XML)"
}
},
"additionalProperties": false
},
"dutyEntryDate": {
"type": "string",
"format": "date-time",
"description": "Per- HR-XML, the date the employee or human resource actually begins work or enters on duty"
},
"hireDate": {
"type": "string",
"format": "date-time",
"description": "Per- HR-XML, The date on which the associated person was hired."
},
"onBoardedDate": {
"type": "string",
"format": "date-time",
"description": "The date on which the associated person completed onboarding."
},
"hireDetails": {
"type": "object",
"properties": {
"remuneration": {
"$ref": "#/definitions/remuneration"
},
"dutyEntryDate": {
"$ref": "#/definitions/dutyEntryDate"
},
"hireDate": {
"$ref": "#/definitions/hireDate"
},
"onBoardedDate": {
"$ref": "#/definitions/onBoardedDate"
}
},
"additionalProperties": false
},
"since": {
"type": "string",
"format": "date-time",
"description": "If this application was fetched via a filter, the date-time when the application satisfied the filter (e.g., in a call to GET /applications/at/interview/ever, this would be the date the application first entered the interview phase"
}
},
"properties": {
"id": {
"$ref": "#/definitions/id"
},
"since": {
"$ref": "#/definitions/since"
},
"source": {
"$ref": "#/definitions/source"
},
"formFactor": {
"$ref": "#/definitions/formFactor"
},
"bucketMovements": {
"$ref": "#/definitions/bucketMovements"
},
"candidate": {
"$ref": "candidateRead.json"
},
"job": {
"$ref": "jobRead.json"
},
"bucket": {
"$ref": "bucket.json#/definitions/id"
},
"tracker": {
"$ref": "#/definitions/tracker"
},
"dateLastUpdated": {
"$ref": "#/definitions/dateLastUpdated"
},
"hireDetails": {
"$ref": "#/definitions/hireDetails"
},
"items": {
"$ref": "itemPackagesRead.json"
}
},
"additionalProperties": false
}
Example:
{
"items": [
{
"item": {
"name": "HIREDATE",
"type": "date",
"value": "2015-11-05T13:15:30Z"
}
}
],
"candidate": {
"person": {
"givenName": "Fred",
"familyName": "Bloggs",
"email": "fred@gmail.com"
},
"resumeMeta": {
"fileName": "fredcv.docx",
"size": 3023443,
"mediaType": "application/vnd.openxmlformats-officedocument.wordprocessingml.document",
"dateUploaded": "2015-11-05T13:15:30Z",
"preSignedUri": "https://frodo.com/docs/198714509"
},
"items": []
},
"job": {
"code": "TTfg321",
"title": "Creative Director",
"items": [],
"recruiter": {
"person": {
"email": "frano@gmail.com"
}
}
}
}
Secured by oauth_2_0
Headers
- Authorization: (string)
Used to send a valid OAuth 2 access token. Do not use with the "access_token" query string parameter.
HTTP status code 401
Bad or expired token. To fix, you should re-authenticate the user.
HTTP status code 403
Bad OAuth request (wrong consumer key, bad nonce, expired timestamp...). Unfortunately, re-authenticating the user won't help here.
The 'now' APIs return all applications:
- that are currently in this phase; AND
- (if since is specified), that most recently entered this phase after the given date; AND
- (if minID is specified), that have id > minID
A maximum of 100 applications will be returned by a single call to the API. If this maximum number is returned, the client should fetch again, specifying both sinceDate and minID, as there may be more results.
Results are ordered by sinceDate asc, applicationId asc.
sinceDate in this case is the date the application most recently entered the phase.
get /applications/views/at/interview/now
The 'now' APIs return all applications:
- that are currently in this phase; AND
- (if since is specified), that most recently entered this phase after the given date; AND
- (if minID is specified), that have id > minID
A maximum of 100 applications will be returned by a single call to the API. If this maximum number is returned, the client should fetch again, specifying both sinceDate and minID, as there may be more results.
Results are ordered by sinceDate asc, applicationId asc.
sinceDate in this case is the date the application most recently entered the phase.
OAuth is used to authenticate tenant API calls. Tenant API calls may be on behalf of a specific principal (e.g. user)
Query Parameters
- job: (integer)
if present, only include applications for this job
Example:
10033433
- candidate: (integer)
if present, only include applications for this candidate
Example:
1002443
- minID: (number)
if present, only include applications with id > this value
Example:
1001
- since: (date)
A date string in ISO 8601 format such as "2015-11-05T13:15:30Z". If present, only applications with their significant date > this value will be returned.
HTTP status code 200
Body
Type: application/json
Schema:
{
"$schema":"http://json-schema.org/draft-04/schema#",
"type":"array",
"items":{ "$ref":"applicationRead.json" }
}
Example:
[
{
"items": [
{
"item": {
"name": "coverletter",
"type": "file",
"value": {
"fileName": "fredcv.docx",
"size": 3023443,
"mediaType": "application/vnd.openxmlformats-officedocument.wordprocessingml.document",
"dateUploaded": "2015-11-05T13:15:30Z",
"preSignedUri": "https://frodo.com/docs/198714509"
}
}
}
],
"source": "seek-camp0",
"formFactor": "mobile",
"bucketMovements": [
{
"id": 10034,
"landed": "2017-05-29T01:34:30+00:00"
},
{
"id": 10035,
"landed": "2017-05-29T01:34:30+00:00"
},
{
"id": 10037,
"landed": "2017-05-29T01:34:30+00:00"
}
],
"hireDetails": {
"hireDate": "2015-11-05T13:15:30Z"
},
"candidate": {
"person": {
"vcard": [
"vcard",
[
[
"version",
{},
"text",
"4.0"
],
[
"n",
{},
"text",
[
"Gor4ven",
"David",
"",
"Mr.",
""
]
],
[
"nickname",
{},
"text",
"David"
],
[
"tel",
{
"type": "home"
},
"text",
"+64212094544"
],
[
"tel",
{
"type": "cell"
},
"text",
"+64212094544"
],
[
"adr",
{},
"text",
[
"",
"",
"11 Hoturoa Place, Manurewa",
"Auckland",
"",
"2102",
"NZ"
]
],
[
"email",
{
"type": "home"
},
"text",
"davededo@gmail.com"
],
[
"x-socialprofile",
{
"type": "Facebook"
},
"uri",
"https://www.facebook.com/bgorven"
],
[
"prodid",
{},
"text",
"ez-vcard 0.9.6"
]
]
]
},
"internalFlag": false,
"resumeMeta": {
"fileName": "fredcv.docx",
"size": 3023443,
"mediaType": "application/vnd.openxmlformats-officedocument.wordprocessingml.document",
"dateUploaded": "2015-11-05T13:15:30Z",
"preSignedUri": "https://frodo.com/docs/198714509"
},
"items": []
},
"job": {
"code": "TTfg321",
"title": "Creative Director",
"items": [],
"manager": {
"person": {
"email": "frano@gmail.com"
}
}
}
}
]
HTTP status code 404
there are no applications matching the filters
Secured by oauth_2_0
Headers
- Authorization: (string)
Used to send a valid OAuth 2 access token. Do not use with the "access_token" query string parameter.
HTTP status code 401
Bad or expired token. To fix, you should re-authenticate the user.
HTTP status code 403
Bad OAuth request (wrong consumer key, bad nonce, expired timestamp...). Unfortunately, re-authenticating the user won't help here.
A request containing a view will be sent for the 'now' case to all listeners whenever an application;
- enters the phase
An empty request will be sent whenever an application;
- exits the phase
Non-SoT.
post /applications/views/at/interview/now/byID/{application}/pushes
A request containing a view will be sent for the 'now' case to all listeners whenever an application;
- enters the phase
An empty request will be sent whenever an application;
- exits the phase
Non-SoT.
OAuth is used to authenticate tenant API calls. Tenant API calls may be on behalf of a specific principal (e.g. user)
URI Parameters
- application: required (string)
Body
Type: application/json
Schema:
{
"$schema": "http://json-schema.org/draft-04/schema#",
"type": "object",
"definitions": {
"id": {
"type": "integer"
},
"tracker": {
"type": "integer",
"description": "The tracker, if any, associated with this application. This is fixed at the time that application is made."
},
"formFactor": {
"enum": [
"mobile",
"desktop",
"tablet",
"other"
]
},
"source": {
"type": "string"
},
"bucketMovement": {
"type": "object",
"properties": {
"id": {
"$ref": "bucket.json#/definitions/id"
},
"landed": {
"type": "string",
"format": "date-time"
}
},
"additionalProperties": false,
"required": [
"id",
"landed"
]
},
"bucketMovements": {
"type": "array",
"items": {
"$ref": "#/definitions/bucketMovement"
}
},
"dateLastUpdated": {
"type": "string",
"format": "date-time"
},
"remuneration": {
"type": "object",
"description": "See HR/XML OnBoardingDeploymentType",
"properties": {
"amount": {
"type": "number",
"description": "The monetary value of the object in which the amount is associated"
},
"rateIntervalCode": {
"type": "string",
"description": "See HR/XML PayRateIntervalCodeType"
},
"typeCode": {
"type": "string",
"description": "A code classifying the type of remuneration (HR/XML)"
}
},
"additionalProperties": false
},
"dutyEntryDate": {
"type": "string",
"format": "date-time",
"description": "Per- HR-XML, the date the employee or human resource actually begins work or enters on duty"
},
"hireDate": {
"type": "string",
"format": "date-time",
"description": "Per- HR-XML, The date on which the associated person was hired."
},
"onBoardedDate": {
"type": "string",
"format": "date-time",
"description": "The date on which the associated person completed onboarding."
},
"hireDetails": {
"type": "object",
"properties": {
"remuneration": {
"$ref": "#/definitions/remuneration"
},
"dutyEntryDate": {
"$ref": "#/definitions/dutyEntryDate"
},
"hireDate": {
"$ref": "#/definitions/hireDate"
},
"onBoardedDate": {
"$ref": "#/definitions/onBoardedDate"
}
},
"additionalProperties": false
},
"since": {
"type": "string",
"format": "date-time",
"description": "If this application was fetched via a filter, the date-time when the application satisfied the filter (e.g., in a call to GET /applications/at/interview/ever, this would be the date the application first entered the interview phase"
}
},
"properties": {
"id": {
"$ref": "#/definitions/id"
},
"since": {
"$ref": "#/definitions/since"
},
"source": {
"$ref": "#/definitions/source"
},
"formFactor": {
"$ref": "#/definitions/formFactor"
},
"bucketMovements": {
"$ref": "#/definitions/bucketMovements"
},
"candidate": {
"$ref": "candidateRead.json"
},
"job": {
"$ref": "jobRead.json"
},
"bucket": {
"$ref": "bucket.json#/definitions/id"
},
"tracker": {
"$ref": "#/definitions/tracker"
},
"dateLastUpdated": {
"$ref": "#/definitions/dateLastUpdated"
},
"hireDetails": {
"$ref": "#/definitions/hireDetails"
},
"items": {
"$ref": "itemPackagesRead.json"
}
},
"additionalProperties": false
}
Example:
{
"items": [
{
"item": {
"name": "HIREDATE",
"type": "date",
"value": "2015-11-05T13:15:30Z"
}
}
],
"candidate": {
"person": {
"givenName": "Fred",
"familyName": "Bloggs",
"email": "fred@gmail.com"
},
"resumeMeta": {
"fileName": "fredcv.docx",
"size": 3023443,
"mediaType": "application/vnd.openxmlformats-officedocument.wordprocessingml.document",
"dateUploaded": "2015-11-05T13:15:30Z",
"preSignedUri": "https://frodo.com/docs/198714509"
},
"items": []
},
"job": {
"code": "TTfg321",
"title": "Creative Director",
"items": [],
"recruiter": {
"person": {
"email": "frano@gmail.com"
}
}
}
}
Secured by oauth_2_0
Headers
- Authorization: (string)
Used to send a valid OAuth 2 access token. Do not use with the "access_token" query string parameter.
HTTP status code 401
Bad or expired token. To fix, you should re-authenticate the user.
HTTP status code 403
Bad OAuth request (wrong consumer key, bad nonce, expired timestamp...). Unfortunately, re-authenticating the user won't help here.
The 'ever' APIs return all applications:
- that have ever been in this phase; AND
- (if since is specified), that first entered this phase after the given date; AND
- (if minID is specified), that have id > minID
A maximum of 100 applications will be returned by a single call to the API. If this maximum number is returned, the client should fetch again, specifying both sinceDate and minID, as there may be more results.
Results are ordered by sinceDate asc, applicationId asc.
sinceDate in this case is the date the application first entered the phase.
get /applications/views/at/interview/ever
The 'ever' APIs return all applications:
- that have ever been in this phase; AND
- (if since is specified), that first entered this phase after the given date; AND
- (if minID is specified), that have id > minID
A maximum of 100 applications will be returned by a single call to the API. If this maximum number is returned, the client should fetch again, specifying both sinceDate and minID, as there may be more results.
Results are ordered by sinceDate asc, applicationId asc.
sinceDate in this case is the date the application first entered the phase.
OAuth is used to authenticate tenant API calls. Tenant API calls may be on behalf of a specific principal (e.g. user)
Query Parameters
- job: (integer)
if present, only include applications for this job
Example:
10033433
- candidate: (integer)
if present, only include applications for this candidate
Example:
1002443
- minID: (number)
if present, only include applications with id > this value
Example:
1001
- since: (date)
A date string in ISO 8601 format such as "2015-11-05T13:15:30Z". If present, only applications with their significant date > this value will be returned.
HTTP status code 200
Body
Type: application/json
Schema:
{
"$schema":"http://json-schema.org/draft-04/schema#",
"type":"array",
"items":{ "$ref":"applicationRead.json" }
}
Example:
[
{
"items": [
{
"item": {
"name": "coverletter",
"type": "file",
"value": {
"fileName": "fredcv.docx",
"size": 3023443,
"mediaType": "application/vnd.openxmlformats-officedocument.wordprocessingml.document",
"dateUploaded": "2015-11-05T13:15:30Z",
"preSignedUri": "https://frodo.com/docs/198714509"
}
}
}
],
"source": "seek-camp0",
"formFactor": "mobile",
"bucketMovements": [
{
"id": 10034,
"landed": "2017-05-29T01:34:30+00:00"
},
{
"id": 10035,
"landed": "2017-05-29T01:34:30+00:00"
},
{
"id": 10037,
"landed": "2017-05-29T01:34:30+00:00"
}
],
"hireDetails": {
"hireDate": "2015-11-05T13:15:30Z"
},
"candidate": {
"person": {
"vcard": [
"vcard",
[
[
"version",
{},
"text",
"4.0"
],
[
"n",
{},
"text",
[
"Gor4ven",
"David",
"",
"Mr.",
""
]
],
[
"nickname",
{},
"text",
"David"
],
[
"tel",
{
"type": "home"
},
"text",
"+64212094544"
],
[
"tel",
{
"type": "cell"
},
"text",
"+64212094544"
],
[
"adr",
{},
"text",
[
"",
"",
"11 Hoturoa Place, Manurewa",
"Auckland",
"",
"2102",
"NZ"
]
],
[
"email",
{
"type": "home"
},
"text",
"davededo@gmail.com"
],
[
"x-socialprofile",
{
"type": "Facebook"
},
"uri",
"https://www.facebook.com/bgorven"
],
[
"prodid",
{},
"text",
"ez-vcard 0.9.6"
]
]
]
},
"internalFlag": false,
"resumeMeta": {
"fileName": "fredcv.docx",
"size": 3023443,
"mediaType": "application/vnd.openxmlformats-officedocument.wordprocessingml.document",
"dateUploaded": "2015-11-05T13:15:30Z",
"preSignedUri": "https://frodo.com/docs/198714509"
},
"items": []
},
"job": {
"code": "TTfg321",
"title": "Creative Director",
"items": [],
"manager": {
"person": {
"email": "frano@gmail.com"
}
}
}
}
]
HTTP status code 404
there are no applications matching the filters
Secured by oauth_2_0
Headers
- Authorization: (string)
Used to send a valid OAuth 2 access token. Do not use with the "access_token" query string parameter.
HTTP status code 401
Bad or expired token. To fix, you should re-authenticate the user.
HTTP status code 403
Bad OAuth request (wrong consumer key, bad nonce, expired timestamp...). Unfortunately, re-authenticating the user won't help here.
A request containing a view will be sent for the "ever" case to all listeners;
- the first time (only) that an application enters the phase
Non-SoT.
post /applications/views/at/interview/ever/byID/{application}/pushes
A request containing a view will be sent for the "ever" case to all listeners;
- the first time (only) that an application enters the phase
Non-SoT.
OAuth is used to authenticate tenant API calls. Tenant API calls may be on behalf of a specific principal (e.g. user)
URI Parameters
- application: required (string)
Body
Type: application/json
Schema:
{
"$schema": "http://json-schema.org/draft-04/schema#",
"type": "object",
"definitions": {
"id": {
"type": "integer"
},
"tracker": {
"type": "integer",
"description": "The tracker, if any, associated with this application. This is fixed at the time that application is made."
},
"formFactor": {
"enum": [
"mobile",
"desktop",
"tablet",
"other"
]
},
"source": {
"type": "string"
},
"bucketMovement": {
"type": "object",
"properties": {
"id": {
"$ref": "bucket.json#/definitions/id"
},
"landed": {
"type": "string",
"format": "date-time"
}
},
"additionalProperties": false,
"required": [
"id",
"landed"
]
},
"bucketMovements": {
"type": "array",
"items": {
"$ref": "#/definitions/bucketMovement"
}
},
"dateLastUpdated": {
"type": "string",
"format": "date-time"
},
"remuneration": {
"type": "object",
"description": "See HR/XML OnBoardingDeploymentType",
"properties": {
"amount": {
"type": "number",
"description": "The monetary value of the object in which the amount is associated"
},
"rateIntervalCode": {
"type": "string",
"description": "See HR/XML PayRateIntervalCodeType"
},
"typeCode": {
"type": "string",
"description": "A code classifying the type of remuneration (HR/XML)"
}
},
"additionalProperties": false
},
"dutyEntryDate": {
"type": "string",
"format": "date-time",
"description": "Per- HR-XML, the date the employee or human resource actually begins work or enters on duty"
},
"hireDate": {
"type": "string",
"format": "date-time",
"description": "Per- HR-XML, The date on which the associated person was hired."
},
"onBoardedDate": {
"type": "string",
"format": "date-time",
"description": "The date on which the associated person completed onboarding."
},
"hireDetails": {
"type": "object",
"properties": {
"remuneration": {
"$ref": "#/definitions/remuneration"
},
"dutyEntryDate": {
"$ref": "#/definitions/dutyEntryDate"
},
"hireDate": {
"$ref": "#/definitions/hireDate"
},
"onBoardedDate": {
"$ref": "#/definitions/onBoardedDate"
}
},
"additionalProperties": false
},
"since": {
"type": "string",
"format": "date-time",
"description": "If this application was fetched via a filter, the date-time when the application satisfied the filter (e.g., in a call to GET /applications/at/interview/ever, this would be the date the application first entered the interview phase"
}
},
"properties": {
"id": {
"$ref": "#/definitions/id"
},
"since": {
"$ref": "#/definitions/since"
},
"source": {
"$ref": "#/definitions/source"
},
"formFactor": {
"$ref": "#/definitions/formFactor"
},
"bucketMovements": {
"$ref": "#/definitions/bucketMovements"
},
"candidate": {
"$ref": "candidateRead.json"
},
"job": {
"$ref": "jobRead.json"
},
"bucket": {
"$ref": "bucket.json#/definitions/id"
},
"tracker": {
"$ref": "#/definitions/tracker"
},
"dateLastUpdated": {
"$ref": "#/definitions/dateLastUpdated"
},
"hireDetails": {
"$ref": "#/definitions/hireDetails"
},
"items": {
"$ref": "itemPackagesRead.json"
}
},
"additionalProperties": false
}
Example:
{
"items": [
{
"item": {
"name": "HIREDATE",
"type": "date",
"value": "2015-11-05T13:15:30Z"
}
}
],
"candidate": {
"person": {
"givenName": "Fred",
"familyName": "Bloggs",
"email": "fred@gmail.com"
},
"resumeMeta": {
"fileName": "fredcv.docx",
"size": 3023443,
"mediaType": "application/vnd.openxmlformats-officedocument.wordprocessingml.document",
"dateUploaded": "2015-11-05T13:15:30Z",
"preSignedUri": "https://frodo.com/docs/198714509"
},
"items": []
},
"job": {
"code": "TTfg321",
"title": "Creative Director",
"items": [],
"recruiter": {
"person": {
"email": "frano@gmail.com"
}
}
}
}
Secured by oauth_2_0
Headers
- Authorization: (string)
Used to send a valid OAuth 2 access token. Do not use with the "access_token" query string parameter.
HTTP status code 401
Bad or expired token. To fix, you should re-authenticate the user.
HTTP status code 403
Bad OAuth request (wrong consumer key, bad nonce, expired timestamp...). Unfortunately, re-authenticating the user won't help here.
The 'now' APIs return all applications:
- that are currently in this phase; AND
- (if since is specified), that most recently entered this phase after the given date; AND
- (if minID is specified), that have id > minID
A maximum of 100 applications will be returned by a single call to the API. If this maximum number is returned, the client should fetch again, specifying both sinceDate and minID, as there may be more results.
Results are ordered by sinceDate asc, applicationId asc.
sinceDate in this case is the date the application most recently entered the phase.
get /applications/views/at/selection/now
The 'now' APIs return all applications:
- that are currently in this phase; AND
- (if since is specified), that most recently entered this phase after the given date; AND
- (if minID is specified), that have id > minID
A maximum of 100 applications will be returned by a single call to the API. If this maximum number is returned, the client should fetch again, specifying both sinceDate and minID, as there may be more results.
Results are ordered by sinceDate asc, applicationId asc.
sinceDate in this case is the date the application most recently entered the phase.
OAuth is used to authenticate tenant API calls. Tenant API calls may be on behalf of a specific principal (e.g. user)
Query Parameters
- job: (integer)
if present, only include applications for this job
Example:
10033433
- candidate: (integer)
if present, only include applications for this candidate
Example:
1002443
- minID: (number)
if present, only include applications with id > this value
Example:
1001
- since: (date)
A date string in ISO 8601 format such as "2015-11-05T13:15:30Z". If present, only applications with their significant date > this value will be returned.
HTTP status code 200
Body
Type: application/json
Schema:
{
"$schema":"http://json-schema.org/draft-04/schema#",
"type":"array",
"items":{ "$ref":"applicationRead.json" }
}
Example:
[
{
"items": [
{
"item": {
"name": "coverletter",
"type": "file",
"value": {
"fileName": "fredcv.docx",
"size": 3023443,
"mediaType": "application/vnd.openxmlformats-officedocument.wordprocessingml.document",
"dateUploaded": "2015-11-05T13:15:30Z",
"preSignedUri": "https://frodo.com/docs/198714509"
}
}
}
],
"source": "seek-camp0",
"formFactor": "mobile",
"bucketMovements": [
{
"id": 10034,
"landed": "2017-05-29T01:34:30+00:00"
},
{
"id": 10035,
"landed": "2017-05-29T01:34:30+00:00"
},
{
"id": 10037,
"landed": "2017-05-29T01:34:30+00:00"
}
],
"hireDetails": {
"hireDate": "2015-11-05T13:15:30Z"
},
"candidate": {
"person": {
"vcard": [
"vcard",
[
[
"version",
{},
"text",
"4.0"
],
[
"n",
{},
"text",
[
"Gor4ven",
"David",
"",
"Mr.",
""
]
],
[
"nickname",
{},
"text",
"David"
],
[
"tel",
{
"type": "home"
},
"text",
"+64212094544"
],
[
"tel",
{
"type": "cell"
},
"text",
"+64212094544"
],
[
"adr",
{},
"text",
[
"",
"",
"11 Hoturoa Place, Manurewa",
"Auckland",
"",
"2102",
"NZ"
]
],
[
"email",
{
"type": "home"
},
"text",
"davededo@gmail.com"
],
[
"x-socialprofile",
{
"type": "Facebook"
},
"uri",
"https://www.facebook.com/bgorven"
],
[
"prodid",
{},
"text",
"ez-vcard 0.9.6"
]
]
]
},
"internalFlag": false,
"resumeMeta": {
"fileName": "fredcv.docx",
"size": 3023443,
"mediaType": "application/vnd.openxmlformats-officedocument.wordprocessingml.document",
"dateUploaded": "2015-11-05T13:15:30Z",
"preSignedUri": "https://frodo.com/docs/198714509"
},
"items": []
},
"job": {
"code": "TTfg321",
"title": "Creative Director",
"items": [],
"manager": {
"person": {
"email": "frano@gmail.com"
}
}
}
}
]
HTTP status code 404
there are no applications matching the filters
Secured by oauth_2_0
Headers
- Authorization: (string)
Used to send a valid OAuth 2 access token. Do not use with the "access_token" query string parameter.
HTTP status code 401
Bad or expired token. To fix, you should re-authenticate the user.
HTTP status code 403
Bad OAuth request (wrong consumer key, bad nonce, expired timestamp...). Unfortunately, re-authenticating the user won't help here.
A request containing a view will be sent for the 'now' case to all listeners whenever an application;
- enters the phase
An empty request will be sent whenever an application;
- exits the phase
Non-SoT.
post /applications/views/at/selection/now/byID/{application}/pushes
A request containing a view will be sent for the 'now' case to all listeners whenever an application;
- enters the phase
An empty request will be sent whenever an application;
- exits the phase
Non-SoT.
OAuth is used to authenticate tenant API calls. Tenant API calls may be on behalf of a specific principal (e.g. user)
URI Parameters
- application: required (string)
Body
Type: application/json
Schema:
{
"$schema": "http://json-schema.org/draft-04/schema#",
"type": "object",
"definitions": {
"id": {
"type": "integer"
},
"tracker": {
"type": "integer",
"description": "The tracker, if any, associated with this application. This is fixed at the time that application is made."
},
"formFactor": {
"enum": [
"mobile",
"desktop",
"tablet",
"other"
]
},
"source": {
"type": "string"
},
"bucketMovement": {
"type": "object",
"properties": {
"id": {
"$ref": "bucket.json#/definitions/id"
},
"landed": {
"type": "string",
"format": "date-time"
}
},
"additionalProperties": false,
"required": [
"id",
"landed"
]
},
"bucketMovements": {
"type": "array",
"items": {
"$ref": "#/definitions/bucketMovement"
}
},
"dateLastUpdated": {
"type": "string",
"format": "date-time"
},
"remuneration": {
"type": "object",
"description": "See HR/XML OnBoardingDeploymentType",
"properties": {
"amount": {
"type": "number",
"description": "The monetary value of the object in which the amount is associated"
},
"rateIntervalCode": {
"type": "string",
"description": "See HR/XML PayRateIntervalCodeType"
},
"typeCode": {
"type": "string",
"description": "A code classifying the type of remuneration (HR/XML)"
}
},
"additionalProperties": false
},
"dutyEntryDate": {
"type": "string",
"format": "date-time",
"description": "Per- HR-XML, the date the employee or human resource actually begins work or enters on duty"
},
"hireDate": {
"type": "string",
"format": "date-time",
"description": "Per- HR-XML, The date on which the associated person was hired."
},
"onBoardedDate": {
"type": "string",
"format": "date-time",
"description": "The date on which the associated person completed onboarding."
},
"hireDetails": {
"type": "object",
"properties": {
"remuneration": {
"$ref": "#/definitions/remuneration"
},
"dutyEntryDate": {
"$ref": "#/definitions/dutyEntryDate"
},
"hireDate": {
"$ref": "#/definitions/hireDate"
},
"onBoardedDate": {
"$ref": "#/definitions/onBoardedDate"
}
},
"additionalProperties": false
},
"since": {
"type": "string",
"format": "date-time",
"description": "If this application was fetched via a filter, the date-time when the application satisfied the filter (e.g., in a call to GET /applications/at/interview/ever, this would be the date the application first entered the interview phase"
}
},
"properties": {
"id": {
"$ref": "#/definitions/id"
},
"since": {
"$ref": "#/definitions/since"
},
"source": {
"$ref": "#/definitions/source"
},
"formFactor": {
"$ref": "#/definitions/formFactor"
},
"bucketMovements": {
"$ref": "#/definitions/bucketMovements"
},
"candidate": {
"$ref": "candidateRead.json"
},
"job": {
"$ref": "jobRead.json"
},
"bucket": {
"$ref": "bucket.json#/definitions/id"
},
"tracker": {
"$ref": "#/definitions/tracker"
},
"dateLastUpdated": {
"$ref": "#/definitions/dateLastUpdated"
},
"hireDetails": {
"$ref": "#/definitions/hireDetails"
},
"items": {
"$ref": "itemPackagesRead.json"
}
},
"additionalProperties": false
}
Example:
{
"items": [
{
"item": {
"name": "HIREDATE",
"type": "date",
"value": "2015-11-05T13:15:30Z"
}
}
],
"candidate": {
"person": {
"givenName": "Fred",
"familyName": "Bloggs",
"email": "fred@gmail.com"
},
"resumeMeta": {
"fileName": "fredcv.docx",
"size": 3023443,
"mediaType": "application/vnd.openxmlformats-officedocument.wordprocessingml.document",
"dateUploaded": "2015-11-05T13:15:30Z",
"preSignedUri": "https://frodo.com/docs/198714509"
},
"items": []
},
"job": {
"code": "TTfg321",
"title": "Creative Director",
"items": [],
"recruiter": {
"person": {
"email": "frano@gmail.com"
}
}
}
}
Secured by oauth_2_0
Headers
- Authorization: (string)
Used to send a valid OAuth 2 access token. Do not use with the "access_token" query string parameter.
HTTP status code 401
Bad or expired token. To fix, you should re-authenticate the user.
HTTP status code 403
Bad OAuth request (wrong consumer key, bad nonce, expired timestamp...). Unfortunately, re-authenticating the user won't help here.
The 'ever' APIs return all applications:
- that have ever been in this phase; AND
- (if since is specified), that first entered this phase after the given date; AND
- (if minID is specified), that have id > minID
A maximum of 100 applications will be returned by a single call to the API. If this maximum number is returned, the client should fetch again, specifying both sinceDate and minID, as there may be more results.
Results are ordered by sinceDate asc, applicationId asc.
sinceDate in this case is the date the application first entered the phase.
get /applications/views/at/selection/ever
The 'ever' APIs return all applications:
- that have ever been in this phase; AND
- (if since is specified), that first entered this phase after the given date; AND
- (if minID is specified), that have id > minID
A maximum of 100 applications will be returned by a single call to the API. If this maximum number is returned, the client should fetch again, specifying both sinceDate and minID, as there may be more results.
Results are ordered by sinceDate asc, applicationId asc.
sinceDate in this case is the date the application first entered the phase.
OAuth is used to authenticate tenant API calls. Tenant API calls may be on behalf of a specific principal (e.g. user)
Query Parameters
- job: (integer)
if present, only include applications for this job
Example:
10033433
- candidate: (integer)
if present, only include applications for this candidate
Example:
1002443
- minID: (number)
if present, only include applications with id > this value
Example:
1001
- since: (date)
A date string in ISO 8601 format such as "2015-11-05T13:15:30Z". If present, only applications with their significant date > this value will be returned.
HTTP status code 200
Body
Type: application/json
Schema:
{
"$schema":"http://json-schema.org/draft-04/schema#",
"type":"array",
"items":{ "$ref":"applicationRead.json" }
}
Example:
[
{
"items": [
{
"item": {
"name": "coverletter",
"type": "file",
"value": {
"fileName": "fredcv.docx",
"size": 3023443,
"mediaType": "application/vnd.openxmlformats-officedocument.wordprocessingml.document",
"dateUploaded": "2015-11-05T13:15:30Z",
"preSignedUri": "https://frodo.com/docs/198714509"
}
}
}
],
"source": "seek-camp0",
"formFactor": "mobile",
"bucketMovements": [
{
"id": 10034,
"landed": "2017-05-29T01:34:30+00:00"
},
{
"id": 10035,
"landed": "2017-05-29T01:34:30+00:00"
},
{
"id": 10037,
"landed": "2017-05-29T01:34:30+00:00"
}
],
"hireDetails": {
"hireDate": "2015-11-05T13:15:30Z"
},
"candidate": {
"person": {
"vcard": [
"vcard",
[
[
"version",
{},
"text",
"4.0"
],
[
"n",
{},
"text",
[
"Gor4ven",
"David",
"",
"Mr.",
""
]
],
[
"nickname",
{},
"text",
"David"
],
[
"tel",
{
"type": "home"
},
"text",
"+64212094544"
],
[
"tel",
{
"type": "cell"
},
"text",
"+64212094544"
],
[
"adr",
{},
"text",
[
"",
"",
"11 Hoturoa Place, Manurewa",
"Auckland",
"",
"2102",
"NZ"
]
],
[
"email",
{
"type": "home"
},
"text",
"davededo@gmail.com"
],
[
"x-socialprofile",
{
"type": "Facebook"
},
"uri",
"https://www.facebook.com/bgorven"
],
[
"prodid",
{},
"text",
"ez-vcard 0.9.6"
]
]
]
},
"internalFlag": false,
"resumeMeta": {
"fileName": "fredcv.docx",
"size": 3023443,
"mediaType": "application/vnd.openxmlformats-officedocument.wordprocessingml.document",
"dateUploaded": "2015-11-05T13:15:30Z",
"preSignedUri": "https://frodo.com/docs/198714509"
},
"items": []
},
"job": {
"code": "TTfg321",
"title": "Creative Director",
"items": [],
"manager": {
"person": {
"email": "frano@gmail.com"
}
}
}
}
]
HTTP status code 404
there are no applications matching the filters
Secured by oauth_2_0
Headers
- Authorization: (string)
Used to send a valid OAuth 2 access token. Do not use with the "access_token" query string parameter.
HTTP status code 401
Bad or expired token. To fix, you should re-authenticate the user.
HTTP status code 403
Bad OAuth request (wrong consumer key, bad nonce, expired timestamp...). Unfortunately, re-authenticating the user won't help here.
A request containing a view will be sent for the "ever" case to all listeners;
- the first time (only) that an application enters the phase
Non-SoT.
post /applications/views/at/selection/ever/byID/{application}/pushes
A request containing a view will be sent for the "ever" case to all listeners;
- the first time (only) that an application enters the phase
Non-SoT.
OAuth is used to authenticate tenant API calls. Tenant API calls may be on behalf of a specific principal (e.g. user)
URI Parameters
- application: required (string)
Body
Type: application/json
Schema:
{
"$schema": "http://json-schema.org/draft-04/schema#",
"type": "object",
"definitions": {
"id": {
"type": "integer"
},
"tracker": {
"type": "integer",
"description": "The tracker, if any, associated with this application. This is fixed at the time that application is made."
},
"formFactor": {
"enum": [
"mobile",
"desktop",
"tablet",
"other"
]
},
"source": {
"type": "string"
},
"bucketMovement": {
"type": "object",
"properties": {
"id": {
"$ref": "bucket.json#/definitions/id"
},
"landed": {
"type": "string",
"format": "date-time"
}
},
"additionalProperties": false,
"required": [
"id",
"landed"
]
},
"bucketMovements": {
"type": "array",
"items": {
"$ref": "#/definitions/bucketMovement"
}
},
"dateLastUpdated": {
"type": "string",
"format": "date-time"
},
"remuneration": {
"type": "object",
"description": "See HR/XML OnBoardingDeploymentType",
"properties": {
"amount": {
"type": "number",
"description": "The monetary value of the object in which the amount is associated"
},
"rateIntervalCode": {
"type": "string",
"description": "See HR/XML PayRateIntervalCodeType"
},
"typeCode": {
"type": "string",
"description": "A code classifying the type of remuneration (HR/XML)"
}
},
"additionalProperties": false
},
"dutyEntryDate": {
"type": "string",
"format": "date-time",
"description": "Per- HR-XML, the date the employee or human resource actually begins work or enters on duty"
},
"hireDate": {
"type": "string",
"format": "date-time",
"description": "Per- HR-XML, The date on which the associated person was hired."
},
"onBoardedDate": {
"type": "string",
"format": "date-time",
"description": "The date on which the associated person completed onboarding."
},
"hireDetails": {
"type": "object",
"properties": {
"remuneration": {
"$ref": "#/definitions/remuneration"
},
"dutyEntryDate": {
"$ref": "#/definitions/dutyEntryDate"
},
"hireDate": {
"$ref": "#/definitions/hireDate"
},
"onBoardedDate": {
"$ref": "#/definitions/onBoardedDate"
}
},
"additionalProperties": false
},
"since": {
"type": "string",
"format": "date-time",
"description": "If this application was fetched via a filter, the date-time when the application satisfied the filter (e.g., in a call to GET /applications/at/interview/ever, this would be the date the application first entered the interview phase"
}
},
"properties": {
"id": {
"$ref": "#/definitions/id"
},
"since": {
"$ref": "#/definitions/since"
},
"source": {
"$ref": "#/definitions/source"
},
"formFactor": {
"$ref": "#/definitions/formFactor"
},
"bucketMovements": {
"$ref": "#/definitions/bucketMovements"
},
"candidate": {
"$ref": "candidateRead.json"
},
"job": {
"$ref": "jobRead.json"
},
"bucket": {
"$ref": "bucket.json#/definitions/id"
},
"tracker": {
"$ref": "#/definitions/tracker"
},
"dateLastUpdated": {
"$ref": "#/definitions/dateLastUpdated"
},
"hireDetails": {
"$ref": "#/definitions/hireDetails"
},
"items": {
"$ref": "itemPackagesRead.json"
}
},
"additionalProperties": false
}
Example:
{
"items": [
{
"item": {
"name": "HIREDATE",
"type": "date",
"value": "2015-11-05T13:15:30Z"
}
}
],
"candidate": {
"person": {
"givenName": "Fred",
"familyName": "Bloggs",
"email": "fred@gmail.com"
},
"resumeMeta": {
"fileName": "fredcv.docx",
"size": 3023443,
"mediaType": "application/vnd.openxmlformats-officedocument.wordprocessingml.document",
"dateUploaded": "2015-11-05T13:15:30Z",
"preSignedUri": "https://frodo.com/docs/198714509"
},
"items": []
},
"job": {
"code": "TTfg321",
"title": "Creative Director",
"items": [],
"recruiter": {
"person": {
"email": "frano@gmail.com"
}
}
}
}
Secured by oauth_2_0
Headers
- Authorization: (string)
Used to send a valid OAuth 2 access token. Do not use with the "access_token" query string parameter.
HTTP status code 401
Bad or expired token. To fix, you should re-authenticate the user.
HTTP status code 403
Bad OAuth request (wrong consumer key, bad nonce, expired timestamp...). Unfortunately, re-authenticating the user won't help here.
The 'now' APIs return all applications:
- that are currently in this phase; AND
- (if since is specified), that most recently entered this phase after the given date; AND
- (if minID is specified), that have id > minID
A maximum of 100 applications will be returned by a single call to the API. If this maximum number is returned, the client should fetch again, specifying both sinceDate and minID, as there may be more results.
Results are ordered by sinceDate asc, applicationId asc.
sinceDate in this case is the date the application most recently entered the phase.
get /applications/views/at/offer/now
The 'now' APIs return all applications:
- that are currently in this phase; AND
- (if since is specified), that most recently entered this phase after the given date; AND
- (if minID is specified), that have id > minID
A maximum of 100 applications will be returned by a single call to the API. If this maximum number is returned, the client should fetch again, specifying both sinceDate and minID, as there may be more results.
Results are ordered by sinceDate asc, applicationId asc.
sinceDate in this case is the date the application most recently entered the phase.
OAuth is used to authenticate tenant API calls. Tenant API calls may be on behalf of a specific principal (e.g. user)
Query Parameters
- job: (integer)
if present, only include applications for this job
Example:
10033433
- candidate: (integer)
if present, only include applications for this candidate
Example:
1002443
- minID: (number)
if present, only include applications with id > this value
Example:
1001
- since: (date)
A date string in ISO 8601 format such as "2015-11-05T13:15:30Z". If present, only applications with their significant date > this value will be returned.
HTTP status code 200
Body
Type: application/json
Schema:
{
"$schema":"http://json-schema.org/draft-04/schema#",
"type":"array",
"items":{ "$ref":"applicationRead.json" }
}
Example:
[
{
"items": [
{
"item": {
"name": "coverletter",
"type": "file",
"value": {
"fileName": "fredcv.docx",
"size": 3023443,
"mediaType": "application/vnd.openxmlformats-officedocument.wordprocessingml.document",
"dateUploaded": "2015-11-05T13:15:30Z",
"preSignedUri": "https://frodo.com/docs/198714509"
}
}
}
],
"source": "seek-camp0",
"formFactor": "mobile",
"bucketMovements": [
{
"id": 10034,
"landed": "2017-05-29T01:34:30+00:00"
},
{
"id": 10035,
"landed": "2017-05-29T01:34:30+00:00"
},
{
"id": 10037,
"landed": "2017-05-29T01:34:30+00:00"
}
],
"hireDetails": {
"hireDate": "2015-11-05T13:15:30Z"
},
"candidate": {
"person": {
"vcard": [
"vcard",
[
[
"version",
{},
"text",
"4.0"
],
[
"n",
{},
"text",
[
"Gor4ven",
"David",
"",
"Mr.",
""
]
],
[
"nickname",
{},
"text",
"David"
],
[
"tel",
{
"type": "home"
},
"text",
"+64212094544"
],
[
"tel",
{
"type": "cell"
},
"text",
"+64212094544"
],
[
"adr",
{},
"text",
[
"",
"",
"11 Hoturoa Place, Manurewa",
"Auckland",
"",
"2102",
"NZ"
]
],
[
"email",
{
"type": "home"
},
"text",
"davededo@gmail.com"
],
[
"x-socialprofile",
{
"type": "Facebook"
},
"uri",
"https://www.facebook.com/bgorven"
],
[
"prodid",
{},
"text",
"ez-vcard 0.9.6"
]
]
]
},
"internalFlag": false,
"resumeMeta": {
"fileName": "fredcv.docx",
"size": 3023443,
"mediaType": "application/vnd.openxmlformats-officedocument.wordprocessingml.document",
"dateUploaded": "2015-11-05T13:15:30Z",
"preSignedUri": "https://frodo.com/docs/198714509"
},
"items": []
},
"job": {
"code": "TTfg321",
"title": "Creative Director",
"items": [],
"manager": {
"person": {
"email": "frano@gmail.com"
}
}
}
}
]
HTTP status code 404
there are no applications matching the filters
Secured by oauth_2_0
Headers
- Authorization: (string)
Used to send a valid OAuth 2 access token. Do not use with the "access_token" query string parameter.
HTTP status code 401
Bad or expired token. To fix, you should re-authenticate the user.
HTTP status code 403
Bad OAuth request (wrong consumer key, bad nonce, expired timestamp...). Unfortunately, re-authenticating the user won't help here.
A request containing a view will be sent for the 'now' case to all listeners whenever an application;
- enters the phase
An empty request will be sent whenever an application;
- exits the phase
Non-SoT.
post /applications/views/at/offer/now/byID/{application}/pushes
A request containing a view will be sent for the 'now' case to all listeners whenever an application;
- enters the phase
An empty request will be sent whenever an application;
- exits the phase
Non-SoT.
OAuth is used to authenticate tenant API calls. Tenant API calls may be on behalf of a specific principal (e.g. user)
URI Parameters
- application: required (string)
Body
Type: application/json
Schema:
{
"$schema": "http://json-schema.org/draft-04/schema#",
"type": "object",
"definitions": {
"id": {
"type": "integer"
},
"tracker": {
"type": "integer",
"description": "The tracker, if any, associated with this application. This is fixed at the time that application is made."
},
"formFactor": {
"enum": [
"mobile",
"desktop",
"tablet",
"other"
]
},
"source": {
"type": "string"
},
"bucketMovement": {
"type": "object",
"properties": {
"id": {
"$ref": "bucket.json#/definitions/id"
},
"landed": {
"type": "string",
"format": "date-time"
}
},
"additionalProperties": false,
"required": [
"id",
"landed"
]
},
"bucketMovements": {
"type": "array",
"items": {
"$ref": "#/definitions/bucketMovement"
}
},
"dateLastUpdated": {
"type": "string",
"format": "date-time"
},
"remuneration": {
"type": "object",
"description": "See HR/XML OnBoardingDeploymentType",
"properties": {
"amount": {
"type": "number",
"description": "The monetary value of the object in which the amount is associated"
},
"rateIntervalCode": {
"type": "string",
"description": "See HR/XML PayRateIntervalCodeType"
},
"typeCode": {
"type": "string",
"description": "A code classifying the type of remuneration (HR/XML)"
}
},
"additionalProperties": false
},
"dutyEntryDate": {
"type": "string",
"format": "date-time",
"description": "Per- HR-XML, the date the employee or human resource actually begins work or enters on duty"
},
"hireDate": {
"type": "string",
"format": "date-time",
"description": "Per- HR-XML, The date on which the associated person was hired."
},
"onBoardedDate": {
"type": "string",
"format": "date-time",
"description": "The date on which the associated person completed onboarding."
},
"hireDetails": {
"type": "object",
"properties": {
"remuneration": {
"$ref": "#/definitions/remuneration"
},
"dutyEntryDate": {
"$ref": "#/definitions/dutyEntryDate"
},
"hireDate": {
"$ref": "#/definitions/hireDate"
},
"onBoardedDate": {
"$ref": "#/definitions/onBoardedDate"
}
},
"additionalProperties": false
},
"since": {
"type": "string",
"format": "date-time",
"description": "If this application was fetched via a filter, the date-time when the application satisfied the filter (e.g., in a call to GET /applications/at/interview/ever, this would be the date the application first entered the interview phase"
}
},
"properties": {
"id": {
"$ref": "#/definitions/id"
},
"since": {
"$ref": "#/definitions/since"
},
"source": {
"$ref": "#/definitions/source"
},
"formFactor": {
"$ref": "#/definitions/formFactor"
},
"bucketMovements": {
"$ref": "#/definitions/bucketMovements"
},
"candidate": {
"$ref": "candidateRead.json"
},
"job": {
"$ref": "jobRead.json"
},
"bucket": {
"$ref": "bucket.json#/definitions/id"
},
"tracker": {
"$ref": "#/definitions/tracker"
},
"dateLastUpdated": {
"$ref": "#/definitions/dateLastUpdated"
},
"hireDetails": {
"$ref": "#/definitions/hireDetails"
},
"items": {
"$ref": "itemPackagesRead.json"
}
},
"additionalProperties": false
}
Example:
{
"items": [
{
"item": {
"name": "HIREDATE",
"type": "date",
"value": "2015-11-05T13:15:30Z"
}
}
],
"candidate": {
"person": {
"givenName": "Fred",
"familyName": "Bloggs",
"email": "fred@gmail.com"
},
"resumeMeta": {
"fileName": "fredcv.docx",
"size": 3023443,
"mediaType": "application/vnd.openxmlformats-officedocument.wordprocessingml.document",
"dateUploaded": "2015-11-05T13:15:30Z",
"preSignedUri": "https://frodo.com/docs/198714509"
},
"items": []
},
"job": {
"code": "TTfg321",
"title": "Creative Director",
"items": [],
"recruiter": {
"person": {
"email": "frano@gmail.com"
}
}
}
}
Secured by oauth_2_0
Headers
- Authorization: (string)
Used to send a valid OAuth 2 access token. Do not use with the "access_token" query string parameter.
HTTP status code 401
Bad or expired token. To fix, you should re-authenticate the user.
HTTP status code 403
Bad OAuth request (wrong consumer key, bad nonce, expired timestamp...). Unfortunately, re-authenticating the user won't help here.
The 'ever' APIs return all applications:
- that have ever been in this phase; AND
- (if since is specified), that first entered this phase after the given date; AND
- (if minID is specified), that have id > minID
A maximum of 100 applications will be returned by a single call to the API. If this maximum number is returned, the client should fetch again, specifying both sinceDate and minID, as there may be more results.
Results are ordered by sinceDate asc, applicationId asc.
sinceDate in this case is the date the application first entered the phase.
get /applications/views/at/offer/ever
The 'ever' APIs return all applications:
- that have ever been in this phase; AND
- (if since is specified), that first entered this phase after the given date; AND
- (if minID is specified), that have id > minID
A maximum of 100 applications will be returned by a single call to the API. If this maximum number is returned, the client should fetch again, specifying both sinceDate and minID, as there may be more results.
Results are ordered by sinceDate asc, applicationId asc.
sinceDate in this case is the date the application first entered the phase.
OAuth is used to authenticate tenant API calls. Tenant API calls may be on behalf of a specific principal (e.g. user)
Query Parameters
- job: (integer)
if present, only include applications for this job
Example:
10033433
- candidate: (integer)
if present, only include applications for this candidate
Example:
1002443
- minID: (number)
if present, only include applications with id > this value
Example:
1001
- since: (date)
A date string in ISO 8601 format such as "2015-11-05T13:15:30Z". If present, only applications with their significant date > this value will be returned.
HTTP status code 200
Body
Type: application/json
Schema:
{
"$schema":"http://json-schema.org/draft-04/schema#",
"type":"array",
"items":{ "$ref":"applicationRead.json" }
}
Example:
[
{
"items": [
{
"item": {
"name": "coverletter",
"type": "file",
"value": {
"fileName": "fredcv.docx",
"size": 3023443,
"mediaType": "application/vnd.openxmlformats-officedocument.wordprocessingml.document",
"dateUploaded": "2015-11-05T13:15:30Z",
"preSignedUri": "https://frodo.com/docs/198714509"
}
}
}
],
"source": "seek-camp0",
"formFactor": "mobile",
"bucketMovements": [
{
"id": 10034,
"landed": "2017-05-29T01:34:30+00:00"
},
{
"id": 10035,
"landed": "2017-05-29T01:34:30+00:00"
},
{
"id": 10037,
"landed": "2017-05-29T01:34:30+00:00"
}
],
"hireDetails": {
"hireDate": "2015-11-05T13:15:30Z"
},
"candidate": {
"person": {
"vcard": [
"vcard",
[
[
"version",
{},
"text",
"4.0"
],
[
"n",
{},
"text",
[
"Gor4ven",
"David",
"",
"Mr.",
""
]
],
[
"nickname",
{},
"text",
"David"
],
[
"tel",
{
"type": "home"
},
"text",
"+64212094544"
],
[
"tel",
{
"type": "cell"
},
"text",
"+64212094544"
],
[
"adr",
{},
"text",
[
"",
"",
"11 Hoturoa Place, Manurewa",
"Auckland",
"",
"2102",
"NZ"
]
],
[
"email",
{
"type": "home"
},
"text",
"davededo@gmail.com"
],
[
"x-socialprofile",
{
"type": "Facebook"
},
"uri",
"https://www.facebook.com/bgorven"
],
[
"prodid",
{},
"text",
"ez-vcard 0.9.6"
]
]
]
},
"internalFlag": false,
"resumeMeta": {
"fileName": "fredcv.docx",
"size": 3023443,
"mediaType": "application/vnd.openxmlformats-officedocument.wordprocessingml.document",
"dateUploaded": "2015-11-05T13:15:30Z",
"preSignedUri": "https://frodo.com/docs/198714509"
},
"items": []
},
"job": {
"code": "TTfg321",
"title": "Creative Director",
"items": [],
"manager": {
"person": {
"email": "frano@gmail.com"
}
}
}
}
]
HTTP status code 404
there are no applications matching the filters
Secured by oauth_2_0
Headers
- Authorization: (string)
Used to send a valid OAuth 2 access token. Do not use with the "access_token" query string parameter.
HTTP status code 401
Bad or expired token. To fix, you should re-authenticate the user.
HTTP status code 403
Bad OAuth request (wrong consumer key, bad nonce, expired timestamp...). Unfortunately, re-authenticating the user won't help here.
A request containing a view will be sent for the "ever" case to all listeners;
- the first time (only) that an application enters the phase
Non-SoT.
post /applications/views/at/offer/ever/byID/{application}/pushes
A request containing a view will be sent for the "ever" case to all listeners;
- the first time (only) that an application enters the phase
Non-SoT.
OAuth is used to authenticate tenant API calls. Tenant API calls may be on behalf of a specific principal (e.g. user)
URI Parameters
- application: required (string)
Body
Type: application/json
Schema:
{
"$schema": "http://json-schema.org/draft-04/schema#",
"type": "object",
"definitions": {
"id": {
"type": "integer"
},
"tracker": {
"type": "integer",
"description": "The tracker, if any, associated with this application. This is fixed at the time that application is made."
},
"formFactor": {
"enum": [
"mobile",
"desktop",
"tablet",
"other"
]
},
"source": {
"type": "string"
},
"bucketMovement": {
"type": "object",
"properties": {
"id": {
"$ref": "bucket.json#/definitions/id"
},
"landed": {
"type": "string",
"format": "date-time"
}
},
"additionalProperties": false,
"required": [
"id",
"landed"
]
},
"bucketMovements": {
"type": "array",
"items": {
"$ref": "#/definitions/bucketMovement"
}
},
"dateLastUpdated": {
"type": "string",
"format": "date-time"
},
"remuneration": {
"type": "object",
"description": "See HR/XML OnBoardingDeploymentType",
"properties": {
"amount": {
"type": "number",
"description": "The monetary value of the object in which the amount is associated"
},
"rateIntervalCode": {
"type": "string",
"description": "See HR/XML PayRateIntervalCodeType"
},
"typeCode": {
"type": "string",
"description": "A code classifying the type of remuneration (HR/XML)"
}
},
"additionalProperties": false
},
"dutyEntryDate": {
"type": "string",
"format": "date-time",
"description": "Per- HR-XML, the date the employee or human resource actually begins work or enters on duty"
},
"hireDate": {
"type": "string",
"format": "date-time",
"description": "Per- HR-XML, The date on which the associated person was hired."
},
"onBoardedDate": {
"type": "string",
"format": "date-time",
"description": "The date on which the associated person completed onboarding."
},
"hireDetails": {
"type": "object",
"properties": {
"remuneration": {
"$ref": "#/definitions/remuneration"
},
"dutyEntryDate": {
"$ref": "#/definitions/dutyEntryDate"
},
"hireDate": {
"$ref": "#/definitions/hireDate"
},
"onBoardedDate": {
"$ref": "#/definitions/onBoardedDate"
}
},
"additionalProperties": false
},
"since": {
"type": "string",
"format": "date-time",
"description": "If this application was fetched via a filter, the date-time when the application satisfied the filter (e.g., in a call to GET /applications/at/interview/ever, this would be the date the application first entered the interview phase"
}
},
"properties": {
"id": {
"$ref": "#/definitions/id"
},
"since": {
"$ref": "#/definitions/since"
},
"source": {
"$ref": "#/definitions/source"
},
"formFactor": {
"$ref": "#/definitions/formFactor"
},
"bucketMovements": {
"$ref": "#/definitions/bucketMovements"
},
"candidate": {
"$ref": "candidateRead.json"
},
"job": {
"$ref": "jobRead.json"
},
"bucket": {
"$ref": "bucket.json#/definitions/id"
},
"tracker": {
"$ref": "#/definitions/tracker"
},
"dateLastUpdated": {
"$ref": "#/definitions/dateLastUpdated"
},
"hireDetails": {
"$ref": "#/definitions/hireDetails"
},
"items": {
"$ref": "itemPackagesRead.json"
}
},
"additionalProperties": false
}
Example:
{
"items": [
{
"item": {
"name": "HIREDATE",
"type": "date",
"value": "2015-11-05T13:15:30Z"
}
}
],
"candidate": {
"person": {
"givenName": "Fred",
"familyName": "Bloggs",
"email": "fred@gmail.com"
},
"resumeMeta": {
"fileName": "fredcv.docx",
"size": 3023443,
"mediaType": "application/vnd.openxmlformats-officedocument.wordprocessingml.document",
"dateUploaded": "2015-11-05T13:15:30Z",
"preSignedUri": "https://frodo.com/docs/198714509"
},
"items": []
},
"job": {
"code": "TTfg321",
"title": "Creative Director",
"items": [],
"recruiter": {
"person": {
"email": "frano@gmail.com"
}
}
}
}
Secured by oauth_2_0
Headers
- Authorization: (string)
Used to send a valid OAuth 2 access token. Do not use with the "access_token" query string parameter.
HTTP status code 401
Bad or expired token. To fix, you should re-authenticate the user.
HTTP status code 403
Bad OAuth request (wrong consumer key, bad nonce, expired timestamp...). Unfortunately, re-authenticating the user won't help here.
The 'now' APIs return all applications:
- that are currently in this phase; AND
- (if since is specified), that most recently entered this phase after the given date; AND
- (if minID is specified), that have id > minID
A maximum of 100 applications will be returned by a single call to the API. If this maximum number is returned, the client should fetch again, specifying both sinceDate and minID, as there may be more results.
Results are ordered by sinceDate asc, applicationId asc.
sinceDate in this case is the date the application most recently entered the phase.
get /applications/views/at/approval/now
The 'now' APIs return all applications:
- that are currently in this phase; AND
- (if since is specified), that most recently entered this phase after the given date; AND
- (if minID is specified), that have id > minID
A maximum of 100 applications will be returned by a single call to the API. If this maximum number is returned, the client should fetch again, specifying both sinceDate and minID, as there may be more results.
Results are ordered by sinceDate asc, applicationId asc.
sinceDate in this case is the date the application most recently entered the phase.
OAuth is used to authenticate tenant API calls. Tenant API calls may be on behalf of a specific principal (e.g. user)
Query Parameters
- job: (integer)
if present, only include applications for this job
Example:
10033433
- candidate: (integer)
if present, only include applications for this candidate
Example:
1002443
- minID: (number)
if present, only include applications with id > this value
Example:
1001
- since: (date)
A date string in ISO 8601 format such as "2015-11-05T13:15:30Z". If present, only applications with their significant date > this value will be returned.
HTTP status code 200
Body
Type: application/json
Schema:
{
"$schema":"http://json-schema.org/draft-04/schema#",
"type":"array",
"items":{ "$ref":"applicationRead.json" }
}
Example:
[
{
"items": [
{
"item": {
"name": "coverletter",
"type": "file",
"value": {
"fileName": "fredcv.docx",
"size": 3023443,
"mediaType": "application/vnd.openxmlformats-officedocument.wordprocessingml.document",
"dateUploaded": "2015-11-05T13:15:30Z",
"preSignedUri": "https://frodo.com/docs/198714509"
}
}
}
],
"source": "seek-camp0",
"formFactor": "mobile",
"bucketMovements": [
{
"id": 10034,
"landed": "2017-05-29T01:34:30+00:00"
},
{
"id": 10035,
"landed": "2017-05-29T01:34:30+00:00"
},
{
"id": 10037,
"landed": "2017-05-29T01:34:30+00:00"
}
],
"hireDetails": {
"hireDate": "2015-11-05T13:15:30Z"
},
"candidate": {
"person": {
"vcard": [
"vcard",
[
[
"version",
{},
"text",
"4.0"
],
[
"n",
{},
"text",
[
"Gor4ven",
"David",
"",
"Mr.",
""
]
],
[
"nickname",
{},
"text",
"David"
],
[
"tel",
{
"type": "home"
},
"text",
"+64212094544"
],
[
"tel",
{
"type": "cell"
},
"text",
"+64212094544"
],
[
"adr",
{},
"text",
[
"",
"",
"11 Hoturoa Place, Manurewa",
"Auckland",
"",
"2102",
"NZ"
]
],
[
"email",
{
"type": "home"
},
"text",
"davededo@gmail.com"
],
[
"x-socialprofile",
{
"type": "Facebook"
},
"uri",
"https://www.facebook.com/bgorven"
],
[
"prodid",
{},
"text",
"ez-vcard 0.9.6"
]
]
]
},
"internalFlag": false,
"resumeMeta": {
"fileName": "fredcv.docx",
"size": 3023443,
"mediaType": "application/vnd.openxmlformats-officedocument.wordprocessingml.document",
"dateUploaded": "2015-11-05T13:15:30Z",
"preSignedUri": "https://frodo.com/docs/198714509"
},
"items": []
},
"job": {
"code": "TTfg321",
"title": "Creative Director",
"items": [],
"manager": {
"person": {
"email": "frano@gmail.com"
}
}
}
}
]
HTTP status code 404
there are no applications matching the filters
Secured by oauth_2_0
Headers
- Authorization: (string)
Used to send a valid OAuth 2 access token. Do not use with the "access_token" query string parameter.
HTTP status code 401
Bad or expired token. To fix, you should re-authenticate the user.
HTTP status code 403
Bad OAuth request (wrong consumer key, bad nonce, expired timestamp...). Unfortunately, re-authenticating the user won't help here.
A request containing a view will be sent for the 'now' case to all listeners whenever an application;
- enters the phase
An empty request will be sent whenever an application;
- exits the phase
Non-SoT.
post /applications/views/at/approval/now/byID/{application}/pushes
A request containing a view will be sent for the 'now' case to all listeners whenever an application;
- enters the phase
An empty request will be sent whenever an application;
- exits the phase
Non-SoT.
OAuth is used to authenticate tenant API calls. Tenant API calls may be on behalf of a specific principal (e.g. user)
URI Parameters
- application: required (string)
Body
Type: application/json
Schema:
{
"$schema": "http://json-schema.org/draft-04/schema#",
"type": "object",
"definitions": {
"id": {
"type": "integer"
},
"tracker": {
"type": "integer",
"description": "The tracker, if any, associated with this application. This is fixed at the time that application is made."
},
"formFactor": {
"enum": [
"mobile",
"desktop",
"tablet",
"other"
]
},
"source": {
"type": "string"
},
"bucketMovement": {
"type": "object",
"properties": {
"id": {
"$ref": "bucket.json#/definitions/id"
},
"landed": {
"type": "string",
"format": "date-time"
}
},
"additionalProperties": false,
"required": [
"id",
"landed"
]
},
"bucketMovements": {
"type": "array",
"items": {
"$ref": "#/definitions/bucketMovement"
}
},
"dateLastUpdated": {
"type": "string",
"format": "date-time"
},
"remuneration": {
"type": "object",
"description": "See HR/XML OnBoardingDeploymentType",
"properties": {
"amount": {
"type": "number",
"description": "The monetary value of the object in which the amount is associated"
},
"rateIntervalCode": {
"type": "string",
"description": "See HR/XML PayRateIntervalCodeType"
},
"typeCode": {
"type": "string",
"description": "A code classifying the type of remuneration (HR/XML)"
}
},
"additionalProperties": false
},
"dutyEntryDate": {
"type": "string",
"format": "date-time",
"description": "Per- HR-XML, the date the employee or human resource actually begins work or enters on duty"
},
"hireDate": {
"type": "string",
"format": "date-time",
"description": "Per- HR-XML, The date on which the associated person was hired."
},
"onBoardedDate": {
"type": "string",
"format": "date-time",
"description": "The date on which the associated person completed onboarding."
},
"hireDetails": {
"type": "object",
"properties": {
"remuneration": {
"$ref": "#/definitions/remuneration"
},
"dutyEntryDate": {
"$ref": "#/definitions/dutyEntryDate"
},
"hireDate": {
"$ref": "#/definitions/hireDate"
},
"onBoardedDate": {
"$ref": "#/definitions/onBoardedDate"
}
},
"additionalProperties": false
},
"since": {
"type": "string",
"format": "date-time",
"description": "If this application was fetched via a filter, the date-time when the application satisfied the filter (e.g., in a call to GET /applications/at/interview/ever, this would be the date the application first entered the interview phase"
}
},
"properties": {
"id": {
"$ref": "#/definitions/id"
},
"since": {
"$ref": "#/definitions/since"
},
"source": {
"$ref": "#/definitions/source"
},
"formFactor": {
"$ref": "#/definitions/formFactor"
},
"bucketMovements": {
"$ref": "#/definitions/bucketMovements"
},
"candidate": {
"$ref": "candidateRead.json"
},
"job": {
"$ref": "jobRead.json"
},
"bucket": {
"$ref": "bucket.json#/definitions/id"
},
"tracker": {
"$ref": "#/definitions/tracker"
},
"dateLastUpdated": {
"$ref": "#/definitions/dateLastUpdated"
},
"hireDetails": {
"$ref": "#/definitions/hireDetails"
},
"items": {
"$ref": "itemPackagesRead.json"
}
},
"additionalProperties": false
}
Example:
{
"items": [
{
"item": {
"name": "HIREDATE",
"type": "date",
"value": "2015-11-05T13:15:30Z"
}
}
],
"candidate": {
"person": {
"givenName": "Fred",
"familyName": "Bloggs",
"email": "fred@gmail.com"
},
"resumeMeta": {
"fileName": "fredcv.docx",
"size": 3023443,
"mediaType": "application/vnd.openxmlformats-officedocument.wordprocessingml.document",
"dateUploaded": "2015-11-05T13:15:30Z",
"preSignedUri": "https://frodo.com/docs/198714509"
},
"items": []
},
"job": {
"code": "TTfg321",
"title": "Creative Director",
"items": [],
"recruiter": {
"person": {
"email": "frano@gmail.com"
}
}
}
}
Secured by oauth_2_0
Headers
- Authorization: (string)
Used to send a valid OAuth 2 access token. Do not use with the "access_token" query string parameter.
HTTP status code 401
Bad or expired token. To fix, you should re-authenticate the user.
HTTP status code 403
Bad OAuth request (wrong consumer key, bad nonce, expired timestamp...). Unfortunately, re-authenticating the user won't help here.
The 'ever' APIs return all applications:
- that have ever been in this phase; AND
- (if since is specified), that first entered this phase after the given date; AND
- (if minID is specified), that have id > minID
A maximum of 100 applications will be returned by a single call to the API. If this maximum number is returned, the client should fetch again, specifying both sinceDate and minID, as there may be more results.
Results are ordered by sinceDate asc, applicationId asc.
sinceDate in this case is the date the application first entered the phase.
get /applications/views/at/approval/ever
The 'ever' APIs return all applications:
- that have ever been in this phase; AND
- (if since is specified), that first entered this phase after the given date; AND
- (if minID is specified), that have id > minID
A maximum of 100 applications will be returned by a single call to the API. If this maximum number is returned, the client should fetch again, specifying both sinceDate and minID, as there may be more results.
Results are ordered by sinceDate asc, applicationId asc.
sinceDate in this case is the date the application first entered the phase.
OAuth is used to authenticate tenant API calls. Tenant API calls may be on behalf of a specific principal (e.g. user)
Query Parameters
- job: (integer)
if present, only include applications for this job
Example:
10033433
- candidate: (integer)
if present, only include applications for this candidate
Example:
1002443
- minID: (number)
if present, only include applications with id > this value
Example:
1001
- since: (date)
A date string in ISO 8601 format such as "2015-11-05T13:15:30Z". If present, only applications with their significant date > this value will be returned.
HTTP status code 200
Body
Type: application/json
Schema:
{
"$schema":"http://json-schema.org/draft-04/schema#",
"type":"array",
"items":{ "$ref":"applicationRead.json" }
}
Example:
[
{
"items": [
{
"item": {
"name": "coverletter",
"type": "file",
"value": {
"fileName": "fredcv.docx",
"size": 3023443,
"mediaType": "application/vnd.openxmlformats-officedocument.wordprocessingml.document",
"dateUploaded": "2015-11-05T13:15:30Z",
"preSignedUri": "https://frodo.com/docs/198714509"
}
}
}
],
"source": "seek-camp0",
"formFactor": "mobile",
"bucketMovements": [
{
"id": 10034,
"landed": "2017-05-29T01:34:30+00:00"
},
{
"id": 10035,
"landed": "2017-05-29T01:34:30+00:00"
},
{
"id": 10037,
"landed": "2017-05-29T01:34:30+00:00"
}
],
"hireDetails": {
"hireDate": "2015-11-05T13:15:30Z"
},
"candidate": {
"person": {
"vcard": [
"vcard",
[
[
"version",
{},
"text",
"4.0"
],
[
"n",
{},
"text",
[
"Gor4ven",
"David",
"",
"Mr.",
""
]
],
[
"nickname",
{},
"text",
"David"
],
[
"tel",
{
"type": "home"
},
"text",
"+64212094544"
],
[
"tel",
{
"type": "cell"
},
"text",
"+64212094544"
],
[
"adr",
{},
"text",
[
"",
"",
"11 Hoturoa Place, Manurewa",
"Auckland",
"",
"2102",
"NZ"
]
],
[
"email",
{
"type": "home"
},
"text",
"davededo@gmail.com"
],
[
"x-socialprofile",
{
"type": "Facebook"
},
"uri",
"https://www.facebook.com/bgorven"
],
[
"prodid",
{},
"text",
"ez-vcard 0.9.6"
]
]
]
},
"internalFlag": false,
"resumeMeta": {
"fileName": "fredcv.docx",
"size": 3023443,
"mediaType": "application/vnd.openxmlformats-officedocument.wordprocessingml.document",
"dateUploaded": "2015-11-05T13:15:30Z",
"preSignedUri": "https://frodo.com/docs/198714509"
},
"items": []
},
"job": {
"code": "TTfg321",
"title": "Creative Director",
"items": [],
"manager": {
"person": {
"email": "frano@gmail.com"
}
}
}
}
]
HTTP status code 404
there are no applications matching the filters
Secured by oauth_2_0
Headers
- Authorization: (string)
Used to send a valid OAuth 2 access token. Do not use with the "access_token" query string parameter.
HTTP status code 401
Bad or expired token. To fix, you should re-authenticate the user.
HTTP status code 403
Bad OAuth request (wrong consumer key, bad nonce, expired timestamp...). Unfortunately, re-authenticating the user won't help here.
A request containing a view will be sent for the "ever" case to all listeners;
- the first time (only) that an application enters the phase
Non-SoT.
post /applications/views/at/approval/ever/byID/{application}/pushes
A request containing a view will be sent for the "ever" case to all listeners;
- the first time (only) that an application enters the phase
Non-SoT.
OAuth is used to authenticate tenant API calls. Tenant API calls may be on behalf of a specific principal (e.g. user)
URI Parameters
- application: required (string)
Body
Type: application/json
Schema:
{
"$schema": "http://json-schema.org/draft-04/schema#",
"type": "object",
"definitions": {
"id": {
"type": "integer"
},
"tracker": {
"type": "integer",
"description": "The tracker, if any, associated with this application. This is fixed at the time that application is made."
},
"formFactor": {
"enum": [
"mobile",
"desktop",
"tablet",
"other"
]
},
"source": {
"type": "string"
},
"bucketMovement": {
"type": "object",
"properties": {
"id": {
"$ref": "bucket.json#/definitions/id"
},
"landed": {
"type": "string",
"format": "date-time"
}
},
"additionalProperties": false,
"required": [
"id",
"landed"
]
},
"bucketMovements": {
"type": "array",
"items": {
"$ref": "#/definitions/bucketMovement"
}
},
"dateLastUpdated": {
"type": "string",
"format": "date-time"
},
"remuneration": {
"type": "object",
"description": "See HR/XML OnBoardingDeploymentType",
"properties": {
"amount": {
"type": "number",
"description": "The monetary value of the object in which the amount is associated"
},
"rateIntervalCode": {
"type": "string",
"description": "See HR/XML PayRateIntervalCodeType"
},
"typeCode": {
"type": "string",
"description": "A code classifying the type of remuneration (HR/XML)"
}
},
"additionalProperties": false
},
"dutyEntryDate": {
"type": "string",
"format": "date-time",
"description": "Per- HR-XML, the date the employee or human resource actually begins work or enters on duty"
},
"hireDate": {
"type": "string",
"format": "date-time",
"description": "Per- HR-XML, The date on which the associated person was hired."
},
"onBoardedDate": {
"type": "string",
"format": "date-time",
"description": "The date on which the associated person completed onboarding."
},
"hireDetails": {
"type": "object",
"properties": {
"remuneration": {
"$ref": "#/definitions/remuneration"
},
"dutyEntryDate": {
"$ref": "#/definitions/dutyEntryDate"
},
"hireDate": {
"$ref": "#/definitions/hireDate"
},
"onBoardedDate": {
"$ref": "#/definitions/onBoardedDate"
}
},
"additionalProperties": false
},
"since": {
"type": "string",
"format": "date-time",
"description": "If this application was fetched via a filter, the date-time when the application satisfied the filter (e.g., in a call to GET /applications/at/interview/ever, this would be the date the application first entered the interview phase"
}
},
"properties": {
"id": {
"$ref": "#/definitions/id"
},
"since": {
"$ref": "#/definitions/since"
},
"source": {
"$ref": "#/definitions/source"
},
"formFactor": {
"$ref": "#/definitions/formFactor"
},
"bucketMovements": {
"$ref": "#/definitions/bucketMovements"
},
"candidate": {
"$ref": "candidateRead.json"
},
"job": {
"$ref": "jobRead.json"
},
"bucket": {
"$ref": "bucket.json#/definitions/id"
},
"tracker": {
"$ref": "#/definitions/tracker"
},
"dateLastUpdated": {
"$ref": "#/definitions/dateLastUpdated"
},
"hireDetails": {
"$ref": "#/definitions/hireDetails"
},
"items": {
"$ref": "itemPackagesRead.json"
}
},
"additionalProperties": false
}
Example:
{
"items": [
{
"item": {
"name": "HIREDATE",
"type": "date",
"value": "2015-11-05T13:15:30Z"
}
}
],
"candidate": {
"person": {
"givenName": "Fred",
"familyName": "Bloggs",
"email": "fred@gmail.com"
},
"resumeMeta": {
"fileName": "fredcv.docx",
"size": 3023443,
"mediaType": "application/vnd.openxmlformats-officedocument.wordprocessingml.document",
"dateUploaded": "2015-11-05T13:15:30Z",
"preSignedUri": "https://frodo.com/docs/198714509"
},
"items": []
},
"job": {
"code": "TTfg321",
"title": "Creative Director",
"items": [],
"recruiter": {
"person": {
"email": "frano@gmail.com"
}
}
}
}
Secured by oauth_2_0
Headers
- Authorization: (string)
Used to send a valid OAuth 2 access token. Do not use with the "access_token" query string parameter.
HTTP status code 401
Bad or expired token. To fix, you should re-authenticate the user.
HTTP status code 403
Bad OAuth request (wrong consumer key, bad nonce, expired timestamp...). Unfortunately, re-authenticating the user won't help here.
The 'now' APIs return all applications:
- that are currently in this phase; AND
- (if since is specified), that most recently entered this phase after the given date; AND
- (if minID is specified), that have id > minID
A maximum of 100 applications will be returned by a single call to the API. If this maximum number is returned, the client should fetch again, specifying both sinceDate and minID, as there may be more results.
Results are ordered by sinceDate asc, applicationId asc.
sinceDate in this case is the date the application most recently entered the phase.
get /applications/views/at/hire/now
The 'now' APIs return all applications:
- that are currently in this phase; AND
- (if since is specified), that most recently entered this phase after the given date; AND
- (if minID is specified), that have id > minID
A maximum of 100 applications will be returned by a single call to the API. If this maximum number is returned, the client should fetch again, specifying both sinceDate and minID, as there may be more results.
Results are ordered by sinceDate asc, applicationId asc.
sinceDate in this case is the date the application most recently entered the phase.
OAuth is used to authenticate tenant API calls. Tenant API calls may be on behalf of a specific principal (e.g. user)
Query Parameters
- job: (integer)
if present, only include applications for this job
Example:
10033433
- candidate: (integer)
if present, only include applications for this candidate
Example:
1002443
- minID: (number)
if present, only include applications with id > this value
Example:
1001
- since: (date)
A date string in ISO 8601 format such as "2015-11-05T13:15:30Z". If present, only applications with their significant date > this value will be returned.
HTTP status code 200
Body
Type: application/json
Schema:
{
"$schema":"http://json-schema.org/draft-04/schema#",
"type":"array",
"items":{ "$ref":"applicationRead.json" }
}
Example:
[
{
"items": [
{
"item": {
"name": "coverletter",
"type": "file",
"value": {
"fileName": "fredcv.docx",
"size": 3023443,
"mediaType": "application/vnd.openxmlformats-officedocument.wordprocessingml.document",
"dateUploaded": "2015-11-05T13:15:30Z",
"preSignedUri": "https://frodo.com/docs/198714509"
}
}
}
],
"source": "seek-camp0",
"formFactor": "mobile",
"bucketMovements": [
{
"id": 10034,
"landed": "2017-05-29T01:34:30+00:00"
},
{
"id": 10035,
"landed": "2017-05-29T01:34:30+00:00"
},
{
"id": 10037,
"landed": "2017-05-29T01:34:30+00:00"
}
],
"hireDetails": {
"hireDate": "2015-11-05T13:15:30Z"
},
"candidate": {
"person": {
"vcard": [
"vcard",
[
[
"version",
{},
"text",
"4.0"
],
[
"n",
{},
"text",
[
"Gor4ven",
"David",
"",
"Mr.",
""
]
],
[
"nickname",
{},
"text",
"David"
],
[
"tel",
{
"type": "home"
},
"text",
"+64212094544"
],
[
"tel",
{
"type": "cell"
},
"text",
"+64212094544"
],
[
"adr",
{},
"text",
[
"",
"",
"11 Hoturoa Place, Manurewa",
"Auckland",
"",
"2102",
"NZ"
]
],
[
"email",
{
"type": "home"
},
"text",
"davededo@gmail.com"
],
[
"x-socialprofile",
{
"type": "Facebook"
},
"uri",
"https://www.facebook.com/bgorven"
],
[
"prodid",
{},
"text",
"ez-vcard 0.9.6"
]
]
]
},
"internalFlag": false,
"resumeMeta": {
"fileName": "fredcv.docx",
"size": 3023443,
"mediaType": "application/vnd.openxmlformats-officedocument.wordprocessingml.document",
"dateUploaded": "2015-11-05T13:15:30Z",
"preSignedUri": "https://frodo.com/docs/198714509"
},
"items": []
},
"job": {
"code": "TTfg321",
"title": "Creative Director",
"items": [],
"manager": {
"person": {
"email": "frano@gmail.com"
}
}
}
}
]
HTTP status code 404
there are no applications matching the filters
Secured by oauth_2_0
Headers
- Authorization: (string)
Used to send a valid OAuth 2 access token. Do not use with the "access_token" query string parameter.
HTTP status code 401
Bad or expired token. To fix, you should re-authenticate the user.
HTTP status code 403
Bad OAuth request (wrong consumer key, bad nonce, expired timestamp...). Unfortunately, re-authenticating the user won't help here.
A request containing a view will be sent for the 'now' case to all listeners whenever an application;
- enters the phase
An empty request will be sent whenever an application;
- exits the phase
Non-SoT.
post /applications/views/at/hire/now/byID/{application}/pushes
A request containing a view will be sent for the 'now' case to all listeners whenever an application;
- enters the phase
An empty request will be sent whenever an application;
- exits the phase
Non-SoT.
OAuth is used to authenticate tenant API calls. Tenant API calls may be on behalf of a specific principal (e.g. user)
URI Parameters
- application: required (string)
Body
Type: application/json
Schema:
{
"$schema": "http://json-schema.org/draft-04/schema#",
"type": "object",
"definitions": {
"id": {
"type": "integer"
},
"tracker": {
"type": "integer",
"description": "The tracker, if any, associated with this application. This is fixed at the time that application is made."
},
"formFactor": {
"enum": [
"mobile",
"desktop",
"tablet",
"other"
]
},
"source": {
"type": "string"
},
"bucketMovement": {
"type": "object",
"properties": {
"id": {
"$ref": "bucket.json#/definitions/id"
},
"landed": {
"type": "string",
"format": "date-time"
}
},
"additionalProperties": false,
"required": [
"id",
"landed"
]
},
"bucketMovements": {
"type": "array",
"items": {
"$ref": "#/definitions/bucketMovement"
}
},
"dateLastUpdated": {
"type": "string",
"format": "date-time"
},
"remuneration": {
"type": "object",
"description": "See HR/XML OnBoardingDeploymentType",
"properties": {
"amount": {
"type": "number",
"description": "The monetary value of the object in which the amount is associated"
},
"rateIntervalCode": {
"type": "string",
"description": "See HR/XML PayRateIntervalCodeType"
},
"typeCode": {
"type": "string",
"description": "A code classifying the type of remuneration (HR/XML)"
}
},
"additionalProperties": false
},
"dutyEntryDate": {
"type": "string",
"format": "date-time",
"description": "Per- HR-XML, the date the employee or human resource actually begins work or enters on duty"
},
"hireDate": {
"type": "string",
"format": "date-time",
"description": "Per- HR-XML, The date on which the associated person was hired."
},
"onBoardedDate": {
"type": "string",
"format": "date-time",
"description": "The date on which the associated person completed onboarding."
},
"hireDetails": {
"type": "object",
"properties": {
"remuneration": {
"$ref": "#/definitions/remuneration"
},
"dutyEntryDate": {
"$ref": "#/definitions/dutyEntryDate"
},
"hireDate": {
"$ref": "#/definitions/hireDate"
},
"onBoardedDate": {
"$ref": "#/definitions/onBoardedDate"
}
},
"additionalProperties": false
},
"since": {
"type": "string",
"format": "date-time",
"description": "If this application was fetched via a filter, the date-time when the application satisfied the filter (e.g., in a call to GET /applications/at/interview/ever, this would be the date the application first entered the interview phase"
}
},
"properties": {
"id": {
"$ref": "#/definitions/id"
},
"since": {
"$ref": "#/definitions/since"
},
"source": {
"$ref": "#/definitions/source"
},
"formFactor": {
"$ref": "#/definitions/formFactor"
},
"bucketMovements": {
"$ref": "#/definitions/bucketMovements"
},
"candidate": {
"$ref": "candidateRead.json"
},
"job": {
"$ref": "jobRead.json"
},
"bucket": {
"$ref": "bucket.json#/definitions/id"
},
"tracker": {
"$ref": "#/definitions/tracker"
},
"dateLastUpdated": {
"$ref": "#/definitions/dateLastUpdated"
},
"hireDetails": {
"$ref": "#/definitions/hireDetails"
},
"items": {
"$ref": "itemPackagesRead.json"
}
},
"additionalProperties": false
}
Example:
{
"items": [
{
"item": {
"name": "HIREDATE",
"type": "date",
"value": "2015-11-05T13:15:30Z"
}
}
],
"candidate": {
"person": {
"givenName": "Fred",
"familyName": "Bloggs",
"email": "fred@gmail.com"
},
"resumeMeta": {
"fileName": "fredcv.docx",
"size": 3023443,
"mediaType": "application/vnd.openxmlformats-officedocument.wordprocessingml.document",
"dateUploaded": "2015-11-05T13:15:30Z",
"preSignedUri": "https://frodo.com/docs/198714509"
},
"items": []
},
"job": {
"code": "TTfg321",
"title": "Creative Director",
"items": [],
"recruiter": {
"person": {
"email": "frano@gmail.com"
}
}
}
}
Secured by oauth_2_0
Headers
- Authorization: (string)
Used to send a valid OAuth 2 access token. Do not use with the "access_token" query string parameter.
HTTP status code 401
Bad or expired token. To fix, you should re-authenticate the user.
HTTP status code 403
Bad OAuth request (wrong consumer key, bad nonce, expired timestamp...). Unfortunately, re-authenticating the user won't help here.
The 'ever' APIs return all applications:
- that have ever been in this phase; AND
- (if since is specified), that first entered this phase after the given date; AND
- (if minID is specified), that have id > minID
A maximum of 100 applications will be returned by a single call to the API. If this maximum number is returned, the client should fetch again, specifying both sinceDate and minID, as there may be more results.
Results are ordered by sinceDate asc, applicationId asc.
sinceDate in this case is the date the application first entered the phase.
get /applications/views/at/hire/ever
The 'ever' APIs return all applications:
- that have ever been in this phase; AND
- (if since is specified), that first entered this phase after the given date; AND
- (if minID is specified), that have id > minID
A maximum of 100 applications will be returned by a single call to the API. If this maximum number is returned, the client should fetch again, specifying both sinceDate and minID, as there may be more results.
Results are ordered by sinceDate asc, applicationId asc.
sinceDate in this case is the date the application first entered the phase.
OAuth is used to authenticate tenant API calls. Tenant API calls may be on behalf of a specific principal (e.g. user)
Query Parameters
- job: (integer)
if present, only include applications for this job
Example:
10033433
- candidate: (integer)
if present, only include applications for this candidate
Example:
1002443
- minID: (number)
if present, only include applications with id > this value
Example:
1001
- since: (date)
A date string in ISO 8601 format such as "2015-11-05T13:15:30Z". If present, only applications with their significant date > this value will be returned.
HTTP status code 200
Body
Type: application/json
Schema:
{
"$schema":"http://json-schema.org/draft-04/schema#",
"type":"array",
"items":{ "$ref":"applicationRead.json" }
}
Example:
[
{
"items": [
{
"item": {
"name": "coverletter",
"type": "file",
"value": {
"fileName": "fredcv.docx",
"size": 3023443,
"mediaType": "application/vnd.openxmlformats-officedocument.wordprocessingml.document",
"dateUploaded": "2015-11-05T13:15:30Z",
"preSignedUri": "https://frodo.com/docs/198714509"
}
}
}
],
"source": "seek-camp0",
"formFactor": "mobile",
"bucketMovements": [
{
"id": 10034,
"landed": "2017-05-29T01:34:30+00:00"
},
{
"id": 10035,
"landed": "2017-05-29T01:34:30+00:00"
},
{
"id": 10037,
"landed": "2017-05-29T01:34:30+00:00"
}
],
"hireDetails": {
"hireDate": "2015-11-05T13:15:30Z"
},
"candidate": {
"person": {
"vcard": [
"vcard",
[
[
"version",
{},
"text",
"4.0"
],
[
"n",
{},
"text",
[
"Gor4ven",
"David",
"",
"Mr.",
""
]
],
[
"nickname",
{},
"text",
"David"
],
[
"tel",
{
"type": "home"
},
"text",
"+64212094544"
],
[
"tel",
{
"type": "cell"
},
"text",
"+64212094544"
],
[
"adr",
{},
"text",
[
"",
"",
"11 Hoturoa Place, Manurewa",
"Auckland",
"",
"2102",
"NZ"
]
],
[
"email",
{
"type": "home"
},
"text",
"davededo@gmail.com"
],
[
"x-socialprofile",
{
"type": "Facebook"
},
"uri",
"https://www.facebook.com/bgorven"
],
[
"prodid",
{},
"text",
"ez-vcard 0.9.6"
]
]
]
},
"internalFlag": false,
"resumeMeta": {
"fileName": "fredcv.docx",
"size": 3023443,
"mediaType": "application/vnd.openxmlformats-officedocument.wordprocessingml.document",
"dateUploaded": "2015-11-05T13:15:30Z",
"preSignedUri": "https://frodo.com/docs/198714509"
},
"items": []
},
"job": {
"code": "TTfg321",
"title": "Creative Director",
"items": [],
"manager": {
"person": {
"email": "frano@gmail.com"
}
}
}
}
]
HTTP status code 404
there are no applications matching the filters
Secured by oauth_2_0
Headers
- Authorization: (string)
Used to send a valid OAuth 2 access token. Do not use with the "access_token" query string parameter.
HTTP status code 401
Bad or expired token. To fix, you should re-authenticate the user.
HTTP status code 403
Bad OAuth request (wrong consumer key, bad nonce, expired timestamp...). Unfortunately, re-authenticating the user won't help here.
A request containing a view will be sent for the "ever" case to all listeners;
- the first time (only) that an application enters the phase
Non-SoT.
post /applications/views/at/hire/ever/byID/{application}/pushes
A request containing a view will be sent for the "ever" case to all listeners;
- the first time (only) that an application enters the phase
Non-SoT.
OAuth is used to authenticate tenant API calls. Tenant API calls may be on behalf of a specific principal (e.g. user)
URI Parameters
- application: required (string)
Body
Type: application/json
Schema:
{
"$schema": "http://json-schema.org/draft-04/schema#",
"type": "object",
"definitions": {
"id": {
"type": "integer"
},
"tracker": {
"type": "integer",
"description": "The tracker, if any, associated with this application. This is fixed at the time that application is made."
},
"formFactor": {
"enum": [
"mobile",
"desktop",
"tablet",
"other"
]
},
"source": {
"type": "string"
},
"bucketMovement": {
"type": "object",
"properties": {
"id": {
"$ref": "bucket.json#/definitions/id"
},
"landed": {
"type": "string",
"format": "date-time"
}
},
"additionalProperties": false,
"required": [
"id",
"landed"
]
},
"bucketMovements": {
"type": "array",
"items": {
"$ref": "#/definitions/bucketMovement"
}
},
"dateLastUpdated": {
"type": "string",
"format": "date-time"
},
"remuneration": {
"type": "object",
"description": "See HR/XML OnBoardingDeploymentType",
"properties": {
"amount": {
"type": "number",
"description": "The monetary value of the object in which the amount is associated"
},
"rateIntervalCode": {
"type": "string",
"description": "See HR/XML PayRateIntervalCodeType"
},
"typeCode": {
"type": "string",
"description": "A code classifying the type of remuneration (HR/XML)"
}
},
"additionalProperties": false
},
"dutyEntryDate": {
"type": "string",
"format": "date-time",
"description": "Per- HR-XML, the date the employee or human resource actually begins work or enters on duty"
},
"hireDate": {
"type": "string",
"format": "date-time",
"description": "Per- HR-XML, The date on which the associated person was hired."
},
"onBoardedDate": {
"type": "string",
"format": "date-time",
"description": "The date on which the associated person completed onboarding."
},
"hireDetails": {
"type": "object",
"properties": {
"remuneration": {
"$ref": "#/definitions/remuneration"
},
"dutyEntryDate": {
"$ref": "#/definitions/dutyEntryDate"
},
"hireDate": {
"$ref": "#/definitions/hireDate"
},
"onBoardedDate": {
"$ref": "#/definitions/onBoardedDate"
}
},
"additionalProperties": false
},
"since": {
"type": "string",
"format": "date-time",
"description": "If this application was fetched via a filter, the date-time when the application satisfied the filter (e.g., in a call to GET /applications/at/interview/ever, this would be the date the application first entered the interview phase"
}
},
"properties": {
"id": {
"$ref": "#/definitions/id"
},
"since": {
"$ref": "#/definitions/since"
},
"source": {
"$ref": "#/definitions/source"
},
"formFactor": {
"$ref": "#/definitions/formFactor"
},
"bucketMovements": {
"$ref": "#/definitions/bucketMovements"
},
"candidate": {
"$ref": "candidateRead.json"
},
"job": {
"$ref": "jobRead.json"
},
"bucket": {
"$ref": "bucket.json#/definitions/id"
},
"tracker": {
"$ref": "#/definitions/tracker"
},
"dateLastUpdated": {
"$ref": "#/definitions/dateLastUpdated"
},
"hireDetails": {
"$ref": "#/definitions/hireDetails"
},
"items": {
"$ref": "itemPackagesRead.json"
}
},
"additionalProperties": false
}
Example:
{
"items": [
{
"item": {
"name": "HIREDATE",
"type": "date",
"value": "2015-11-05T13:15:30Z"
}
}
],
"candidate": {
"person": {
"givenName": "Fred",
"familyName": "Bloggs",
"email": "fred@gmail.com"
},
"resumeMeta": {
"fileName": "fredcv.docx",
"size": 3023443,
"mediaType": "application/vnd.openxmlformats-officedocument.wordprocessingml.document",
"dateUploaded": "2015-11-05T13:15:30Z",
"preSignedUri": "https://frodo.com/docs/198714509"
},
"items": []
},
"job": {
"code": "TTfg321",
"title": "Creative Director",
"items": [],
"recruiter": {
"person": {
"email": "frano@gmail.com"
}
}
}
}
Secured by oauth_2_0
Headers
- Authorization: (string)
Used to send a valid OAuth 2 access token. Do not use with the "access_token" query string parameter.
HTTP status code 401
Bad or expired token. To fix, you should re-authenticate the user.
HTTP status code 403
Bad OAuth request (wrong consumer key, bad nonce, expired timestamp...). Unfortunately, re-authenticating the user won't help here.
The 'now' APIs return all applications:
- that are currently in this phase; AND
- (if since is specified), that most recently entered this phase after the given date; AND
- (if minID is specified), that have id > minID
A maximum of 100 applications will be returned by a single call to the API. If this maximum number is returned, the client should fetch again, specifying both sinceDate and minID, as there may be more results.
Results are ordered by sinceDate asc, applicationId asc.
sinceDate in this case is the date the application most recently entered the phase.
get /applications/views/at/onboard/now
The 'now' APIs return all applications:
- that are currently in this phase; AND
- (if since is specified), that most recently entered this phase after the given date; AND
- (if minID is specified), that have id > minID
A maximum of 100 applications will be returned by a single call to the API. If this maximum number is returned, the client should fetch again, specifying both sinceDate and minID, as there may be more results.
Results are ordered by sinceDate asc, applicationId asc.
sinceDate in this case is the date the application most recently entered the phase.
OAuth is used to authenticate tenant API calls. Tenant API calls may be on behalf of a specific principal (e.g. user)
Query Parameters
- job: (integer)
if present, only include applications for this job
Example:
10033433
- candidate: (integer)
if present, only include applications for this candidate
Example:
1002443
- minID: (number)
if present, only include applications with id > this value
Example:
1001
- since: (date)
A date string in ISO 8601 format such as "2015-11-05T13:15:30Z". If present, only applications with their significant date > this value will be returned.
HTTP status code 200
Body
Type: application/json
Schema:
{
"$schema":"http://json-schema.org/draft-04/schema#",
"type":"array",
"items":{ "$ref":"applicationRead.json" }
}
Example:
[
{
"items": [
{
"item": {
"name": "coverletter",
"type": "file",
"value": {
"fileName": "fredcv.docx",
"size": 3023443,
"mediaType": "application/vnd.openxmlformats-officedocument.wordprocessingml.document",
"dateUploaded": "2015-11-05T13:15:30Z",
"preSignedUri": "https://frodo.com/docs/198714509"
}
}
}
],
"source": "seek-camp0",
"formFactor": "mobile",
"bucketMovements": [
{
"id": 10034,
"landed": "2017-05-29T01:34:30+00:00"
},
{
"id": 10035,
"landed": "2017-05-29T01:34:30+00:00"
},
{
"id": 10037,
"landed": "2017-05-29T01:34:30+00:00"
}
],
"hireDetails": {
"hireDate": "2015-11-05T13:15:30Z"
},
"candidate": {
"person": {
"vcard": [
"vcard",
[
[
"version",
{},
"text",
"4.0"
],
[
"n",
{},
"text",
[
"Gor4ven",
"David",
"",
"Mr.",
""
]
],
[
"nickname",
{},
"text",
"David"
],
[
"tel",
{
"type": "home"
},
"text",
"+64212094544"
],
[
"tel",
{
"type": "cell"
},
"text",
"+64212094544"
],
[
"adr",
{},
"text",
[
"",
"",
"11 Hoturoa Place, Manurewa",
"Auckland",
"",
"2102",
"NZ"
]
],
[
"email",
{
"type": "home"
},
"text",
"davededo@gmail.com"
],
[
"x-socialprofile",
{
"type": "Facebook"
},
"uri",
"https://www.facebook.com/bgorven"
],
[
"prodid",
{},
"text",
"ez-vcard 0.9.6"
]
]
]
},
"internalFlag": false,
"resumeMeta": {
"fileName": "fredcv.docx",
"size": 3023443,
"mediaType": "application/vnd.openxmlformats-officedocument.wordprocessingml.document",
"dateUploaded": "2015-11-05T13:15:30Z",
"preSignedUri": "https://frodo.com/docs/198714509"
},
"items": []
},
"job": {
"code": "TTfg321",
"title": "Creative Director",
"items": [],
"manager": {
"person": {
"email": "frano@gmail.com"
}
}
}
}
]
HTTP status code 404
there are no applications matching the filters
Secured by oauth_2_0
Headers
- Authorization: (string)
Used to send a valid OAuth 2 access token. Do not use with the "access_token" query string parameter.
HTTP status code 401
Bad or expired token. To fix, you should re-authenticate the user.
HTTP status code 403
Bad OAuth request (wrong consumer key, bad nonce, expired timestamp...). Unfortunately, re-authenticating the user won't help here.
A request containing a view will be sent for the 'now' case to all listeners whenever an application;
- enters the phase
An empty request will be sent whenever an application;
- exits the phase
Non-SoT.
post /applications/views/at/onboard/now/byID/{application}/pushes
A request containing a view will be sent for the 'now' case to all listeners whenever an application;
- enters the phase
An empty request will be sent whenever an application;
- exits the phase
Non-SoT.
OAuth is used to authenticate tenant API calls. Tenant API calls may be on behalf of a specific principal (e.g. user)
URI Parameters
- application: required (string)
Body
Type: application/json
Schema:
{
"$schema": "http://json-schema.org/draft-04/schema#",
"type": "object",
"definitions": {
"id": {
"type": "integer"
},
"tracker": {
"type": "integer",
"description": "The tracker, if any, associated with this application. This is fixed at the time that application is made."
},
"formFactor": {
"enum": [
"mobile",
"desktop",
"tablet",
"other"
]
},
"source": {
"type": "string"
},
"bucketMovement": {
"type": "object",
"properties": {
"id": {
"$ref": "bucket.json#/definitions/id"
},
"landed": {
"type": "string",
"format": "date-time"
}
},
"additionalProperties": false,
"required": [
"id",
"landed"
]
},
"bucketMovements": {
"type": "array",
"items": {
"$ref": "#/definitions/bucketMovement"
}
},
"dateLastUpdated": {
"type": "string",
"format": "date-time"
},
"remuneration": {
"type": "object",
"description": "See HR/XML OnBoardingDeploymentType",
"properties": {
"amount": {
"type": "number",
"description": "The monetary value of the object in which the amount is associated"
},
"rateIntervalCode": {
"type": "string",
"description": "See HR/XML PayRateIntervalCodeType"
},
"typeCode": {
"type": "string",
"description": "A code classifying the type of remuneration (HR/XML)"
}
},
"additionalProperties": false
},
"dutyEntryDate": {
"type": "string",
"format": "date-time",
"description": "Per- HR-XML, the date the employee or human resource actually begins work or enters on duty"
},
"hireDate": {
"type": "string",
"format": "date-time",
"description": "Per- HR-XML, The date on which the associated person was hired."
},
"onBoardedDate": {
"type": "string",
"format": "date-time",
"description": "The date on which the associated person completed onboarding."
},
"hireDetails": {
"type": "object",
"properties": {
"remuneration": {
"$ref": "#/definitions/remuneration"
},
"dutyEntryDate": {
"$ref": "#/definitions/dutyEntryDate"
},
"hireDate": {
"$ref": "#/definitions/hireDate"
},
"onBoardedDate": {
"$ref": "#/definitions/onBoardedDate"
}
},
"additionalProperties": false
},
"since": {
"type": "string",
"format": "date-time",
"description": "If this application was fetched via a filter, the date-time when the application satisfied the filter (e.g., in a call to GET /applications/at/interview/ever, this would be the date the application first entered the interview phase"
}
},
"properties": {
"id": {
"$ref": "#/definitions/id"
},
"since": {
"$ref": "#/definitions/since"
},
"source": {
"$ref": "#/definitions/source"
},
"formFactor": {
"$ref": "#/definitions/formFactor"
},
"bucketMovements": {
"$ref": "#/definitions/bucketMovements"
},
"candidate": {
"$ref": "candidateRead.json"
},
"job": {
"$ref": "jobRead.json"
},
"bucket": {
"$ref": "bucket.json#/definitions/id"
},
"tracker": {
"$ref": "#/definitions/tracker"
},
"dateLastUpdated": {
"$ref": "#/definitions/dateLastUpdated"
},
"hireDetails": {
"$ref": "#/definitions/hireDetails"
},
"items": {
"$ref": "itemPackagesRead.json"
}
},
"additionalProperties": false
}
Example:
{
"items": [
{
"item": {
"name": "HIREDATE",
"type": "date",
"value": "2015-11-05T13:15:30Z"
}
}
],
"candidate": {
"person": {
"givenName": "Fred",
"familyName": "Bloggs",
"email": "fred@gmail.com"
},
"resumeMeta": {
"fileName": "fredcv.docx",
"size": 3023443,
"mediaType": "application/vnd.openxmlformats-officedocument.wordprocessingml.document",
"dateUploaded": "2015-11-05T13:15:30Z",
"preSignedUri": "https://frodo.com/docs/198714509"
},
"items": []
},
"job": {
"code": "TTfg321",
"title": "Creative Director",
"items": [],
"recruiter": {
"person": {
"email": "frano@gmail.com"
}
}
}
}
Secured by oauth_2_0
Headers
- Authorization: (string)
Used to send a valid OAuth 2 access token. Do not use with the "access_token" query string parameter.
HTTP status code 401
Bad or expired token. To fix, you should re-authenticate the user.
HTTP status code 403
Bad OAuth request (wrong consumer key, bad nonce, expired timestamp...). Unfortunately, re-authenticating the user won't help here.
The 'ever' APIs return all applications:
- that have ever been in this phase; AND
- (if since is specified), that first entered this phase after the given date; AND
- (if minID is specified), that have id > minID
A maximum of 100 applications will be returned by a single call to the API. If this maximum number is returned, the client should fetch again, specifying both sinceDate and minID, as there may be more results.
Results are ordered by sinceDate asc, applicationId asc.
sinceDate in this case is the date the application first entered the phase.
get /applications/views/at/onboard/ever
The 'ever' APIs return all applications:
- that have ever been in this phase; AND
- (if since is specified), that first entered this phase after the given date; AND
- (if minID is specified), that have id > minID
A maximum of 100 applications will be returned by a single call to the API. If this maximum number is returned, the client should fetch again, specifying both sinceDate and minID, as there may be more results.
Results are ordered by sinceDate asc, applicationId asc.
sinceDate in this case is the date the application first entered the phase.
OAuth is used to authenticate tenant API calls. Tenant API calls may be on behalf of a specific principal (e.g. user)
Query Parameters
- job: (integer)
if present, only include applications for this job
Example:
10033433
- candidate: (integer)
if present, only include applications for this candidate
Example:
1002443
- minID: (number)
if present, only include applications with id > this value
Example:
1001
- since: (date)
A date string in ISO 8601 format such as "2015-11-05T13:15:30Z". If present, only applications with their significant date > this value will be returned.
HTTP status code 200
Body
Type: application/json
Schema:
{
"$schema":"http://json-schema.org/draft-04/schema#",
"type":"array",
"items":{ "$ref":"applicationRead.json" }
}
Example:
[
{
"items": [
{
"item": {
"name": "coverletter",
"type": "file",
"value": {
"fileName": "fredcv.docx",
"size": 3023443,
"mediaType": "application/vnd.openxmlformats-officedocument.wordprocessingml.document",
"dateUploaded": "2015-11-05T13:15:30Z",
"preSignedUri": "https://frodo.com/docs/198714509"
}
}
}
],
"source": "seek-camp0",
"formFactor": "mobile",
"bucketMovements": [
{
"id": 10034,
"landed": "2017-05-29T01:34:30+00:00"
},
{
"id": 10035,
"landed": "2017-05-29T01:34:30+00:00"
},
{
"id": 10037,
"landed": "2017-05-29T01:34:30+00:00"
}
],
"hireDetails": {
"hireDate": "2015-11-05T13:15:30Z"
},
"candidate": {
"person": {
"vcard": [
"vcard",
[
[
"version",
{},
"text",
"4.0"
],
[
"n",
{},
"text",
[
"Gor4ven",
"David",
"",
"Mr.",
""
]
],
[
"nickname",
{},
"text",
"David"
],
[
"tel",
{
"type": "home"
},
"text",
"+64212094544"
],
[
"tel",
{
"type": "cell"
},
"text",
"+64212094544"
],
[
"adr",
{},
"text",
[
"",
"",
"11 Hoturoa Place, Manurewa",
"Auckland",
"",
"2102",
"NZ"
]
],
[
"email",
{
"type": "home"
},
"text",
"davededo@gmail.com"
],
[
"x-socialprofile",
{
"type": "Facebook"
},
"uri",
"https://www.facebook.com/bgorven"
],
[
"prodid",
{},
"text",
"ez-vcard 0.9.6"
]
]
]
},
"internalFlag": false,
"resumeMeta": {
"fileName": "fredcv.docx",
"size": 3023443,
"mediaType": "application/vnd.openxmlformats-officedocument.wordprocessingml.document",
"dateUploaded": "2015-11-05T13:15:30Z",
"preSignedUri": "https://frodo.com/docs/198714509"
},
"items": []
},
"job": {
"code": "TTfg321",
"title": "Creative Director",
"items": [],
"manager": {
"person": {
"email": "frano@gmail.com"
}
}
}
}
]
HTTP status code 404
there are no applications matching the filters
Secured by oauth_2_0
Headers
- Authorization: (string)
Used to send a valid OAuth 2 access token. Do not use with the "access_token" query string parameter.
HTTP status code 401
Bad or expired token. To fix, you should re-authenticate the user.
HTTP status code 403
Bad OAuth request (wrong consumer key, bad nonce, expired timestamp...). Unfortunately, re-authenticating the user won't help here.
A request containing a view will be sent for the "ever" case to all listeners;
- the first time (only) that an application enters the phase
Non-SoT.
post /applications/views/at/onboard/ever/byID/{application}/pushes
A request containing a view will be sent for the "ever" case to all listeners;
- the first time (only) that an application enters the phase
Non-SoT.
OAuth is used to authenticate tenant API calls. Tenant API calls may be on behalf of a specific principal (e.g. user)
URI Parameters
- application: required (string)
Body
Type: application/json
Schema:
{
"$schema": "http://json-schema.org/draft-04/schema#",
"type": "object",
"definitions": {
"id": {
"type": "integer"
},
"tracker": {
"type": "integer",
"description": "The tracker, if any, associated with this application. This is fixed at the time that application is made."
},
"formFactor": {
"enum": [
"mobile",
"desktop",
"tablet",
"other"
]
},
"source": {
"type": "string"
},
"bucketMovement": {
"type": "object",
"properties": {
"id": {
"$ref": "bucket.json#/definitions/id"
},
"landed": {
"type": "string",
"format": "date-time"
}
},
"additionalProperties": false,
"required": [
"id",
"landed"
]
},
"bucketMovements": {
"type": "array",
"items": {
"$ref": "#/definitions/bucketMovement"
}
},
"dateLastUpdated": {
"type": "string",
"format": "date-time"
},
"remuneration": {
"type": "object",
"description": "See HR/XML OnBoardingDeploymentType",
"properties": {
"amount": {
"type": "number",
"description": "The monetary value of the object in which the amount is associated"
},
"rateIntervalCode": {
"type": "string",
"description": "See HR/XML PayRateIntervalCodeType"
},
"typeCode": {
"type": "string",
"description": "A code classifying the type of remuneration (HR/XML)"
}
},
"additionalProperties": false
},
"dutyEntryDate": {
"type": "string",
"format": "date-time",
"description": "Per- HR-XML, the date the employee or human resource actually begins work or enters on duty"
},
"hireDate": {
"type": "string",
"format": "date-time",
"description": "Per- HR-XML, The date on which the associated person was hired."
},
"onBoardedDate": {
"type": "string",
"format": "date-time",
"description": "The date on which the associated person completed onboarding."
},
"hireDetails": {
"type": "object",
"properties": {
"remuneration": {
"$ref": "#/definitions/remuneration"
},
"dutyEntryDate": {
"$ref": "#/definitions/dutyEntryDate"
},
"hireDate": {
"$ref": "#/definitions/hireDate"
},
"onBoardedDate": {
"$ref": "#/definitions/onBoardedDate"
}
},
"additionalProperties": false
},
"since": {
"type": "string",
"format": "date-time",
"description": "If this application was fetched via a filter, the date-time when the application satisfied the filter (e.g., in a call to GET /applications/at/interview/ever, this would be the date the application first entered the interview phase"
}
},
"properties": {
"id": {
"$ref": "#/definitions/id"
},
"since": {
"$ref": "#/definitions/since"
},
"source": {
"$ref": "#/definitions/source"
},
"formFactor": {
"$ref": "#/definitions/formFactor"
},
"bucketMovements": {
"$ref": "#/definitions/bucketMovements"
},
"candidate": {
"$ref": "candidateRead.json"
},
"job": {
"$ref": "jobRead.json"
},
"bucket": {
"$ref": "bucket.json#/definitions/id"
},
"tracker": {
"$ref": "#/definitions/tracker"
},
"dateLastUpdated": {
"$ref": "#/definitions/dateLastUpdated"
},
"hireDetails": {
"$ref": "#/definitions/hireDetails"
},
"items": {
"$ref": "itemPackagesRead.json"
}
},
"additionalProperties": false
}
Example:
{
"items": [
{
"item": {
"name": "HIREDATE",
"type": "date",
"value": "2015-11-05T13:15:30Z"
}
}
],
"candidate": {
"person": {
"givenName": "Fred",
"familyName": "Bloggs",
"email": "fred@gmail.com"
},
"resumeMeta": {
"fileName": "fredcv.docx",
"size": 3023443,
"mediaType": "application/vnd.openxmlformats-officedocument.wordprocessingml.document",
"dateUploaded": "2015-11-05T13:15:30Z",
"preSignedUri": "https://frodo.com/docs/198714509"
},
"items": []
},
"job": {
"code": "TTfg321",
"title": "Creative Director",
"items": [],
"recruiter": {
"person": {
"email": "frano@gmail.com"
}
}
}
}
Secured by oauth_2_0
Headers
- Authorization: (string)
Used to send a valid OAuth 2 access token. Do not use with the "access_token" query string parameter.
HTTP status code 401
Bad or expired token. To fix, you should re-authenticate the user.
HTTP status code 403
Bad OAuth request (wrong consumer key, bad nonce, expired timestamp...). Unfortunately, re-authenticating the user won't help here.
The 'now' APIs return all applications:
- that are currently in this phase; AND
- (if since is specified), that most recently entered this phase after the given date; AND
- (if minID is specified), that have id > minID
A maximum of 100 applications will be returned by a single call to the API. If this maximum number is returned, the client should fetch again, specifying both sinceDate and minID, as there may be more results.
Results are ordered by sinceDate asc, applicationId asc.
sinceDate in this case is the date the application most recently entered the phase.
get /applications/views/at/decline/now
The 'now' APIs return all applications:
- that are currently in this phase; AND
- (if since is specified), that most recently entered this phase after the given date; AND
- (if minID is specified), that have id > minID
A maximum of 100 applications will be returned by a single call to the API. If this maximum number is returned, the client should fetch again, specifying both sinceDate and minID, as there may be more results.
Results are ordered by sinceDate asc, applicationId asc.
sinceDate in this case is the date the application most recently entered the phase.
OAuth is used to authenticate tenant API calls. Tenant API calls may be on behalf of a specific principal (e.g. user)
Query Parameters
- job: (integer)
if present, only include applications for this job
Example:
10033433
- candidate: (integer)
if present, only include applications for this candidate
Example:
1002443
- minID: (number)
if present, only include applications with id > this value
Example:
1001
- since: (date)
A date string in ISO 8601 format such as "2015-11-05T13:15:30Z". If present, only applications with their significant date > this value will be returned.
HTTP status code 200
Body
Type: application/json
Schema:
{
"$schema":"http://json-schema.org/draft-04/schema#",
"type":"array",
"items":{ "$ref":"applicationRead.json" }
}
Example:
[
{
"items": [
{
"item": {
"name": "coverletter",
"type": "file",
"value": {
"fileName": "fredcv.docx",
"size": 3023443,
"mediaType": "application/vnd.openxmlformats-officedocument.wordprocessingml.document",
"dateUploaded": "2015-11-05T13:15:30Z",
"preSignedUri": "https://frodo.com/docs/198714509"
}
}
}
],
"source": "seek-camp0",
"formFactor": "mobile",
"bucketMovements": [
{
"id": 10034,
"landed": "2017-05-29T01:34:30+00:00"
},
{
"id": 10035,
"landed": "2017-05-29T01:34:30+00:00"
},
{
"id": 10037,
"landed": "2017-05-29T01:34:30+00:00"
}
],
"hireDetails": {
"hireDate": "2015-11-05T13:15:30Z"
},
"candidate": {
"person": {
"vcard": [
"vcard",
[
[
"version",
{},
"text",
"4.0"
],
[
"n",
{},
"text",
[
"Gor4ven",
"David",
"",
"Mr.",
""
]
],
[
"nickname",
{},
"text",
"David"
],
[
"tel",
{
"type": "home"
},
"text",
"+64212094544"
],
[
"tel",
{
"type": "cell"
},
"text",
"+64212094544"
],
[
"adr",
{},
"text",
[
"",
"",
"11 Hoturoa Place, Manurewa",
"Auckland",
"",
"2102",
"NZ"
]
],
[
"email",
{
"type": "home"
},
"text",
"davededo@gmail.com"
],
[
"x-socialprofile",
{
"type": "Facebook"
},
"uri",
"https://www.facebook.com/bgorven"
],
[
"prodid",
{},
"text",
"ez-vcard 0.9.6"
]
]
]
},
"internalFlag": false,
"resumeMeta": {
"fileName": "fredcv.docx",
"size": 3023443,
"mediaType": "application/vnd.openxmlformats-officedocument.wordprocessingml.document",
"dateUploaded": "2015-11-05T13:15:30Z",
"preSignedUri": "https://frodo.com/docs/198714509"
},
"items": []
},
"job": {
"code": "TTfg321",
"title": "Creative Director",
"items": [],
"manager": {
"person": {
"email": "frano@gmail.com"
}
}
}
}
]
HTTP status code 404
there are no applications matching the filters
Secured by oauth_2_0
Headers
- Authorization: (string)
Used to send a valid OAuth 2 access token. Do not use with the "access_token" query string parameter.
HTTP status code 401
Bad or expired token. To fix, you should re-authenticate the user.
HTTP status code 403
Bad OAuth request (wrong consumer key, bad nonce, expired timestamp...). Unfortunately, re-authenticating the user won't help here.
A request containing a view will be sent for the 'now' case to all listeners whenever an application;
- enters the phase
An empty request will be sent whenever an application;
- exits the phase
Non-SoT.
post /applications/views/at/decline/now/byID/{application}/pushes
A request containing a view will be sent for the 'now' case to all listeners whenever an application;
- enters the phase
An empty request will be sent whenever an application;
- exits the phase
Non-SoT.
OAuth is used to authenticate tenant API calls. Tenant API calls may be on behalf of a specific principal (e.g. user)
URI Parameters
- application: required (string)
Body
Type: application/json
Schema:
{
"$schema": "http://json-schema.org/draft-04/schema#",
"type": "object",
"definitions": {
"id": {
"type": "integer"
},
"tracker": {
"type": "integer",
"description": "The tracker, if any, associated with this application. This is fixed at the time that application is made."
},
"formFactor": {
"enum": [
"mobile",
"desktop",
"tablet",
"other"
]
},
"source": {
"type": "string"
},
"bucketMovement": {
"type": "object",
"properties": {
"id": {
"$ref": "bucket.json#/definitions/id"
},
"landed": {
"type": "string",
"format": "date-time"
}
},
"additionalProperties": false,
"required": [
"id",
"landed"
]
},
"bucketMovements": {
"type": "array",
"items": {
"$ref": "#/definitions/bucketMovement"
}
},
"dateLastUpdated": {
"type": "string",
"format": "date-time"
},
"remuneration": {
"type": "object",
"description": "See HR/XML OnBoardingDeploymentType",
"properties": {
"amount": {
"type": "number",
"description": "The monetary value of the object in which the amount is associated"
},
"rateIntervalCode": {
"type": "string",
"description": "See HR/XML PayRateIntervalCodeType"
},
"typeCode": {
"type": "string",
"description": "A code classifying the type of remuneration (HR/XML)"
}
},
"additionalProperties": false
},
"dutyEntryDate": {
"type": "string",
"format": "date-time",
"description": "Per- HR-XML, the date the employee or human resource actually begins work or enters on duty"
},
"hireDate": {
"type": "string",
"format": "date-time",
"description": "Per- HR-XML, The date on which the associated person was hired."
},
"onBoardedDate": {
"type": "string",
"format": "date-time",
"description": "The date on which the associated person completed onboarding."
},
"hireDetails": {
"type": "object",
"properties": {
"remuneration": {
"$ref": "#/definitions/remuneration"
},
"dutyEntryDate": {
"$ref": "#/definitions/dutyEntryDate"
},
"hireDate": {
"$ref": "#/definitions/hireDate"
},
"onBoardedDate": {
"$ref": "#/definitions/onBoardedDate"
}
},
"additionalProperties": false
},
"since": {
"type": "string",
"format": "date-time",
"description": "If this application was fetched via a filter, the date-time when the application satisfied the filter (e.g., in a call to GET /applications/at/interview/ever, this would be the date the application first entered the interview phase"
}
},
"properties": {
"id": {
"$ref": "#/definitions/id"
},
"since": {
"$ref": "#/definitions/since"
},
"source": {
"$ref": "#/definitions/source"
},
"formFactor": {
"$ref": "#/definitions/formFactor"
},
"bucketMovements": {
"$ref": "#/definitions/bucketMovements"
},
"candidate": {
"$ref": "candidateRead.json"
},
"job": {
"$ref": "jobRead.json"
},
"bucket": {
"$ref": "bucket.json#/definitions/id"
},
"tracker": {
"$ref": "#/definitions/tracker"
},
"dateLastUpdated": {
"$ref": "#/definitions/dateLastUpdated"
},
"hireDetails": {
"$ref": "#/definitions/hireDetails"
},
"items": {
"$ref": "itemPackagesRead.json"
}
},
"additionalProperties": false
}
Example:
{
"items": [
{
"item": {
"name": "HIREDATE",
"type": "date",
"value": "2015-11-05T13:15:30Z"
}
}
],
"candidate": {
"person": {
"givenName": "Fred",
"familyName": "Bloggs",
"email": "fred@gmail.com"
},
"resumeMeta": {
"fileName": "fredcv.docx",
"size": 3023443,
"mediaType": "application/vnd.openxmlformats-officedocument.wordprocessingml.document",
"dateUploaded": "2015-11-05T13:15:30Z",
"preSignedUri": "https://frodo.com/docs/198714509"
},
"items": []
},
"job": {
"code": "TTfg321",
"title": "Creative Director",
"items": [],
"recruiter": {
"person": {
"email": "frano@gmail.com"
}
}
}
}
Secured by oauth_2_0
Headers
- Authorization: (string)
Used to send a valid OAuth 2 access token. Do not use with the "access_token" query string parameter.
HTTP status code 401
Bad or expired token. To fix, you should re-authenticate the user.
HTTP status code 403
Bad OAuth request (wrong consumer key, bad nonce, expired timestamp...). Unfortunately, re-authenticating the user won't help here.
The 'ever' APIs return all applications:
- that have ever been in this phase; AND
- (if since is specified), that first entered this phase after the given date; AND
- (if minID is specified), that have id > minID
A maximum of 100 applications will be returned by a single call to the API. If this maximum number is returned, the client should fetch again, specifying both sinceDate and minID, as there may be more results.
Results are ordered by sinceDate asc, applicationId asc.
sinceDate in this case is the date the application first entered the phase.
get /applications/views/at/decline/ever
The 'ever' APIs return all applications:
- that have ever been in this phase; AND
- (if since is specified), that first entered this phase after the given date; AND
- (if minID is specified), that have id > minID
A maximum of 100 applications will be returned by a single call to the API. If this maximum number is returned, the client should fetch again, specifying both sinceDate and minID, as there may be more results.
Results are ordered by sinceDate asc, applicationId asc.
sinceDate in this case is the date the application first entered the phase.
OAuth is used to authenticate tenant API calls. Tenant API calls may be on behalf of a specific principal (e.g. user)
Query Parameters
- job: (integer)
if present, only include applications for this job
Example:
10033433
- candidate: (integer)
if present, only include applications for this candidate
Example:
1002443
- minID: (number)
if present, only include applications with id > this value
Example:
1001
- since: (date)
A date string in ISO 8601 format such as "2015-11-05T13:15:30Z". If present, only applications with their significant date > this value will be returned.
HTTP status code 200
Body
Type: application/json
Schema:
{
"$schema":"http://json-schema.org/draft-04/schema#",
"type":"array",
"items":{ "$ref":"applicationRead.json" }
}
Example:
[
{
"items": [
{
"item": {
"name": "coverletter",
"type": "file",
"value": {
"fileName": "fredcv.docx",
"size": 3023443,
"mediaType": "application/vnd.openxmlformats-officedocument.wordprocessingml.document",
"dateUploaded": "2015-11-05T13:15:30Z",
"preSignedUri": "https://frodo.com/docs/198714509"
}
}
}
],
"source": "seek-camp0",
"formFactor": "mobile",
"bucketMovements": [
{
"id": 10034,
"landed": "2017-05-29T01:34:30+00:00"
},
{
"id": 10035,
"landed": "2017-05-29T01:34:30+00:00"
},
{
"id": 10037,
"landed": "2017-05-29T01:34:30+00:00"
}
],
"hireDetails": {
"hireDate": "2015-11-05T13:15:30Z"
},
"candidate": {
"person": {
"vcard": [
"vcard",
[
[
"version",
{},
"text",
"4.0"
],
[
"n",
{},
"text",
[
"Gor4ven",
"David",
"",
"Mr.",
""
]
],
[
"nickname",
{},
"text",
"David"
],
[
"tel",
{
"type": "home"
},
"text",
"+64212094544"
],
[
"tel",
{
"type": "cell"
},
"text",
"+64212094544"
],
[
"adr",
{},
"text",
[
"",
"",
"11 Hoturoa Place, Manurewa",
"Auckland",
"",
"2102",
"NZ"
]
],
[
"email",
{
"type": "home"
},
"text",
"davededo@gmail.com"
],
[
"x-socialprofile",
{
"type": "Facebook"
},
"uri",
"https://www.facebook.com/bgorven"
],
[
"prodid",
{},
"text",
"ez-vcard 0.9.6"
]
]
]
},
"internalFlag": false,
"resumeMeta": {
"fileName": "fredcv.docx",
"size": 3023443,
"mediaType": "application/vnd.openxmlformats-officedocument.wordprocessingml.document",
"dateUploaded": "2015-11-05T13:15:30Z",
"preSignedUri": "https://frodo.com/docs/198714509"
},
"items": []
},
"job": {
"code": "TTfg321",
"title": "Creative Director",
"items": [],
"manager": {
"person": {
"email": "frano@gmail.com"
}
}
}
}
]
HTTP status code 404
there are no applications matching the filters
Secured by oauth_2_0
Headers
- Authorization: (string)
Used to send a valid OAuth 2 access token. Do not use with the "access_token" query string parameter.
HTTP status code 401
Bad or expired token. To fix, you should re-authenticate the user.
HTTP status code 403
Bad OAuth request (wrong consumer key, bad nonce, expired timestamp...). Unfortunately, re-authenticating the user won't help here.
A request containing a view will be sent for the "ever" case to all listeners;
- the first time (only) that an application enters the phase
Non-SoT.
post /applications/views/at/decline/ever/byID/{application}/pushes
A request containing a view will be sent for the "ever" case to all listeners;
- the first time (only) that an application enters the phase
Non-SoT.
OAuth is used to authenticate tenant API calls. Tenant API calls may be on behalf of a specific principal (e.g. user)
URI Parameters
- application: required (string)
Body
Type: application/json
Schema:
{
"$schema": "http://json-schema.org/draft-04/schema#",
"type": "object",
"definitions": {
"id": {
"type": "integer"
},
"tracker": {
"type": "integer",
"description": "The tracker, if any, associated with this application. This is fixed at the time that application is made."
},
"formFactor": {
"enum": [
"mobile",
"desktop",
"tablet",
"other"
]
},
"source": {
"type": "string"
},
"bucketMovement": {
"type": "object",
"properties": {
"id": {
"$ref": "bucket.json#/definitions/id"
},
"landed": {
"type": "string",
"format": "date-time"
}
},
"additionalProperties": false,
"required": [
"id",
"landed"
]
},
"bucketMovements": {
"type": "array",
"items": {
"$ref": "#/definitions/bucketMovement"
}
},
"dateLastUpdated": {
"type": "string",
"format": "date-time"
},
"remuneration": {
"type": "object",
"description": "See HR/XML OnBoardingDeploymentType",
"properties": {
"amount": {
"type": "number",
"description": "The monetary value of the object in which the amount is associated"
},
"rateIntervalCode": {
"type": "string",
"description": "See HR/XML PayRateIntervalCodeType"
},
"typeCode": {
"type": "string",
"description": "A code classifying the type of remuneration (HR/XML)"
}
},
"additionalProperties": false
},
"dutyEntryDate": {
"type": "string",
"format": "date-time",
"description": "Per- HR-XML, the date the employee or human resource actually begins work or enters on duty"
},
"hireDate": {
"type": "string",
"format": "date-time",
"description": "Per- HR-XML, The date on which the associated person was hired."
},
"onBoardedDate": {
"type": "string",
"format": "date-time",
"description": "The date on which the associated person completed onboarding."
},
"hireDetails": {
"type": "object",
"properties": {
"remuneration": {
"$ref": "#/definitions/remuneration"
},
"dutyEntryDate": {
"$ref": "#/definitions/dutyEntryDate"
},
"hireDate": {
"$ref": "#/definitions/hireDate"
},
"onBoardedDate": {
"$ref": "#/definitions/onBoardedDate"
}
},
"additionalProperties": false
},
"since": {
"type": "string",
"format": "date-time",
"description": "If this application was fetched via a filter, the date-time when the application satisfied the filter (e.g., in a call to GET /applications/at/interview/ever, this would be the date the application first entered the interview phase"
}
},
"properties": {
"id": {
"$ref": "#/definitions/id"
},
"since": {
"$ref": "#/definitions/since"
},
"source": {
"$ref": "#/definitions/source"
},
"formFactor": {
"$ref": "#/definitions/formFactor"
},
"bucketMovements": {
"$ref": "#/definitions/bucketMovements"
},
"candidate": {
"$ref": "candidateRead.json"
},
"job": {
"$ref": "jobRead.json"
},
"bucket": {
"$ref": "bucket.json#/definitions/id"
},
"tracker": {
"$ref": "#/definitions/tracker"
},
"dateLastUpdated": {
"$ref": "#/definitions/dateLastUpdated"
},
"hireDetails": {
"$ref": "#/definitions/hireDetails"
},
"items": {
"$ref": "itemPackagesRead.json"
}
},
"additionalProperties": false
}
Example:
{
"items": [
{
"item": {
"name": "HIREDATE",
"type": "date",
"value": "2015-11-05T13:15:30Z"
}
}
],
"candidate": {
"person": {
"givenName": "Fred",
"familyName": "Bloggs",
"email": "fred@gmail.com"
},
"resumeMeta": {
"fileName": "fredcv.docx",
"size": 3023443,
"mediaType": "application/vnd.openxmlformats-officedocument.wordprocessingml.document",
"dateUploaded": "2015-11-05T13:15:30Z",
"preSignedUri": "https://frodo.com/docs/198714509"
},
"items": []
},
"job": {
"code": "TTfg321",
"title": "Creative Director",
"items": [],
"recruiter": {
"person": {
"email": "frano@gmail.com"
}
}
}
}
Secured by oauth_2_0
Headers
- Authorization: (string)
Used to send a valid OAuth 2 access token. Do not use with the "access_token" query string parameter.
HTTP status code 401
Bad or expired token. To fix, you should re-authenticate the user.
HTTP status code 403
Bad OAuth request (wrong consumer key, bad nonce, expired timestamp...). Unfortunately, re-authenticating the user won't help here.
The 'now' APIs return all applications:
- that are currently in this phase; AND
- (if since is specified), that most recently entered this phase after the given date; AND
- (if minID is specified), that have id > minID
A maximum of 100 applications will be returned by a single call to the API. If this maximum number is returned, the client should fetch again, specifying both sinceDate and minID, as there may be more results.
Results are ordered by sinceDate asc, applicationId asc.
sinceDate in this case is the date the application most recently entered the phase.
get /applications/views/at/other/now
The 'now' APIs return all applications:
- that are currently in this phase; AND
- (if since is specified), that most recently entered this phase after the given date; AND
- (if minID is specified), that have id > minID
A maximum of 100 applications will be returned by a single call to the API. If this maximum number is returned, the client should fetch again, specifying both sinceDate and minID, as there may be more results.
Results are ordered by sinceDate asc, applicationId asc.
sinceDate in this case is the date the application most recently entered the phase.
OAuth is used to authenticate tenant API calls. Tenant API calls may be on behalf of a specific principal (e.g. user)
Query Parameters
- job: (integer)
if present, only include applications for this job
Example:
10033433
- candidate: (integer)
if present, only include applications for this candidate
Example:
1002443
- minID: (number)
if present, only include applications with id > this value
Example:
1001
- since: (date)
A date string in ISO 8601 format such as "2015-11-05T13:15:30Z". If present, only applications with their significant date > this value will be returned.
HTTP status code 200
Body
Type: application/json
Schema:
{
"$schema":"http://json-schema.org/draft-04/schema#",
"type":"array",
"items":{ "$ref":"applicationRead.json" }
}
Example:
[
{
"items": [
{
"item": {
"name": "coverletter",
"type": "file",
"value": {
"fileName": "fredcv.docx",
"size": 3023443,
"mediaType": "application/vnd.openxmlformats-officedocument.wordprocessingml.document",
"dateUploaded": "2015-11-05T13:15:30Z",
"preSignedUri": "https://frodo.com/docs/198714509"
}
}
}
],
"source": "seek-camp0",
"formFactor": "mobile",
"bucketMovements": [
{
"id": 10034,
"landed": "2017-05-29T01:34:30+00:00"
},
{
"id": 10035,
"landed": "2017-05-29T01:34:30+00:00"
},
{
"id": 10037,
"landed": "2017-05-29T01:34:30+00:00"
}
],
"hireDetails": {
"hireDate": "2015-11-05T13:15:30Z"
},
"candidate": {
"person": {
"vcard": [
"vcard",
[
[
"version",
{},
"text",
"4.0"
],
[
"n",
{},
"text",
[
"Gor4ven",
"David",
"",
"Mr.",
""
]
],
[
"nickname",
{},
"text",
"David"
],
[
"tel",
{
"type": "home"
},
"text",
"+64212094544"
],
[
"tel",
{
"type": "cell"
},
"text",
"+64212094544"
],
[
"adr",
{},
"text",
[
"",
"",
"11 Hoturoa Place, Manurewa",
"Auckland",
"",
"2102",
"NZ"
]
],
[
"email",
{
"type": "home"
},
"text",
"davededo@gmail.com"
],
[
"x-socialprofile",
{
"type": "Facebook"
},
"uri",
"https://www.facebook.com/bgorven"
],
[
"prodid",
{},
"text",
"ez-vcard 0.9.6"
]
]
]
},
"internalFlag": false,
"resumeMeta": {
"fileName": "fredcv.docx",
"size": 3023443,
"mediaType": "application/vnd.openxmlformats-officedocument.wordprocessingml.document",
"dateUploaded": "2015-11-05T13:15:30Z",
"preSignedUri": "https://frodo.com/docs/198714509"
},
"items": []
},
"job": {
"code": "TTfg321",
"title": "Creative Director",
"items": [],
"manager": {
"person": {
"email": "frano@gmail.com"
}
}
}
}
]
HTTP status code 404
there are no applications matching the filters
Secured by oauth_2_0
Headers
- Authorization: (string)
Used to send a valid OAuth 2 access token. Do not use with the "access_token" query string parameter.
HTTP status code 401
Bad or expired token. To fix, you should re-authenticate the user.
HTTP status code 403
Bad OAuth request (wrong consumer key, bad nonce, expired timestamp...). Unfortunately, re-authenticating the user won't help here.
A request containing a view will be sent for the 'now' case to all listeners whenever an application;
- enters the phase
An empty request will be sent whenever an application;
- exits the phase
Non-SoT.
post /applications/views/at/other/now/byID/{application}/pushes
A request containing a view will be sent for the 'now' case to all listeners whenever an application;
- enters the phase
An empty request will be sent whenever an application;
- exits the phase
Non-SoT.
OAuth is used to authenticate tenant API calls. Tenant API calls may be on behalf of a specific principal (e.g. user)
URI Parameters
- application: required (string)
Body
Type: application/json
Schema:
{
"$schema": "http://json-schema.org/draft-04/schema#",
"type": "object",
"definitions": {
"id": {
"type": "integer"
},
"tracker": {
"type": "integer",
"description": "The tracker, if any, associated with this application. This is fixed at the time that application is made."
},
"formFactor": {
"enum": [
"mobile",
"desktop",
"tablet",
"other"
]
},
"source": {
"type": "string"
},
"bucketMovement": {
"type": "object",
"properties": {
"id": {
"$ref": "bucket.json#/definitions/id"
},
"landed": {
"type": "string",
"format": "date-time"
}
},
"additionalProperties": false,
"required": [
"id",
"landed"
]
},
"bucketMovements": {
"type": "array",
"items": {
"$ref": "#/definitions/bucketMovement"
}
},
"dateLastUpdated": {
"type": "string",
"format": "date-time"
},
"remuneration": {
"type": "object",
"description": "See HR/XML OnBoardingDeploymentType",
"properties": {
"amount": {
"type": "number",
"description": "The monetary value of the object in which the amount is associated"
},
"rateIntervalCode": {
"type": "string",
"description": "See HR/XML PayRateIntervalCodeType"
},
"typeCode": {
"type": "string",
"description": "A code classifying the type of remuneration (HR/XML)"
}
},
"additionalProperties": false
},
"dutyEntryDate": {
"type": "string",
"format": "date-time",
"description": "Per- HR-XML, the date the employee or human resource actually begins work or enters on duty"
},
"hireDate": {
"type": "string",
"format": "date-time",
"description": "Per- HR-XML, The date on which the associated person was hired."
},
"onBoardedDate": {
"type": "string",
"format": "date-time",
"description": "The date on which the associated person completed onboarding."
},
"hireDetails": {
"type": "object",
"properties": {
"remuneration": {
"$ref": "#/definitions/remuneration"
},
"dutyEntryDate": {
"$ref": "#/definitions/dutyEntryDate"
},
"hireDate": {
"$ref": "#/definitions/hireDate"
},
"onBoardedDate": {
"$ref": "#/definitions/onBoardedDate"
}
},
"additionalProperties": false
},
"since": {
"type": "string",
"format": "date-time",
"description": "If this application was fetched via a filter, the date-time when the application satisfied the filter (e.g., in a call to GET /applications/at/interview/ever, this would be the date the application first entered the interview phase"
}
},
"properties": {
"id": {
"$ref": "#/definitions/id"
},
"since": {
"$ref": "#/definitions/since"
},
"source": {
"$ref": "#/definitions/source"
},
"formFactor": {
"$ref": "#/definitions/formFactor"
},
"bucketMovements": {
"$ref": "#/definitions/bucketMovements"
},
"candidate": {
"$ref": "candidateRead.json"
},
"job": {
"$ref": "jobRead.json"
},
"bucket": {
"$ref": "bucket.json#/definitions/id"
},
"tracker": {
"$ref": "#/definitions/tracker"
},
"dateLastUpdated": {
"$ref": "#/definitions/dateLastUpdated"
},
"hireDetails": {
"$ref": "#/definitions/hireDetails"
},
"items": {
"$ref": "itemPackagesRead.json"
}
},
"additionalProperties": false
}
Example:
{
"items": [
{
"item": {
"name": "HIREDATE",
"type": "date",
"value": "2015-11-05T13:15:30Z"
}
}
],
"candidate": {
"person": {
"givenName": "Fred",
"familyName": "Bloggs",
"email": "fred@gmail.com"
},
"resumeMeta": {
"fileName": "fredcv.docx",
"size": 3023443,
"mediaType": "application/vnd.openxmlformats-officedocument.wordprocessingml.document",
"dateUploaded": "2015-11-05T13:15:30Z",
"preSignedUri": "https://frodo.com/docs/198714509"
},
"items": []
},
"job": {
"code": "TTfg321",
"title": "Creative Director",
"items": [],
"recruiter": {
"person": {
"email": "frano@gmail.com"
}
}
}
}
Secured by oauth_2_0
Headers
- Authorization: (string)
Used to send a valid OAuth 2 access token. Do not use with the "access_token" query string parameter.
HTTP status code 401
Bad or expired token. To fix, you should re-authenticate the user.
HTTP status code 403
Bad OAuth request (wrong consumer key, bad nonce, expired timestamp...). Unfortunately, re-authenticating the user won't help here.
The 'ever' APIs return all applications:
- that have ever been in this phase; AND
- (if since is specified), that first entered this phase after the given date; AND
- (if minID is specified), that have id > minID
A maximum of 100 applications will be returned by a single call to the API. If this maximum number is returned, the client should fetch again, specifying both sinceDate and minID, as there may be more results.
Results are ordered by sinceDate asc, applicationId asc.
sinceDate in this case is the date the application first entered the phase.
get /applications/views/at/other/ever
The 'ever' APIs return all applications:
- that have ever been in this phase; AND
- (if since is specified), that first entered this phase after the given date; AND
- (if minID is specified), that have id > minID
A maximum of 100 applications will be returned by a single call to the API. If this maximum number is returned, the client should fetch again, specifying both sinceDate and minID, as there may be more results.
Results are ordered by sinceDate asc, applicationId asc.
sinceDate in this case is the date the application first entered the phase.
OAuth is used to authenticate tenant API calls. Tenant API calls may be on behalf of a specific principal (e.g. user)
Query Parameters
- job: (integer)
if present, only include applications for this job
Example:
10033433
- candidate: (integer)
if present, only include applications for this candidate
Example:
1002443
- minID: (number)
if present, only include applications with id > this value
Example:
1001
- since: (date)
A date string in ISO 8601 format such as "2015-11-05T13:15:30Z". If present, only applications with their significant date > this value will be returned.
HTTP status code 200
Body
Type: application/json
Schema:
{
"$schema":"http://json-schema.org/draft-04/schema#",
"type":"array",
"items":{ "$ref":"applicationRead.json" }
}
Example:
[
{
"items": [
{
"item": {
"name": "coverletter",
"type": "file",
"value": {
"fileName": "fredcv.docx",
"size": 3023443,
"mediaType": "application/vnd.openxmlformats-officedocument.wordprocessingml.document",
"dateUploaded": "2015-11-05T13:15:30Z",
"preSignedUri": "https://frodo.com/docs/198714509"
}
}
}
],
"source": "seek-camp0",
"formFactor": "mobile",
"bucketMovements": [
{
"id": 10034,
"landed": "2017-05-29T01:34:30+00:00"
},
{
"id": 10035,
"landed": "2017-05-29T01:34:30+00:00"
},
{
"id": 10037,
"landed": "2017-05-29T01:34:30+00:00"
}
],
"hireDetails": {
"hireDate": "2015-11-05T13:15:30Z"
},
"candidate": {
"person": {
"vcard": [
"vcard",
[
[
"version",
{},
"text",
"4.0"
],
[
"n",
{},
"text",
[
"Gor4ven",
"David",
"",
"Mr.",
""
]
],
[
"nickname",
{},
"text",
"David"
],
[
"tel",
{
"type": "home"
},
"text",
"+64212094544"
],
[
"tel",
{
"type": "cell"
},
"text",
"+64212094544"
],
[
"adr",
{},
"text",
[
"",
"",
"11 Hoturoa Place, Manurewa",
"Auckland",
"",
"2102",
"NZ"
]
],
[
"email",
{
"type": "home"
},
"text",
"davededo@gmail.com"
],
[
"x-socialprofile",
{
"type": "Facebook"
},
"uri",
"https://www.facebook.com/bgorven"
],
[
"prodid",
{},
"text",
"ez-vcard 0.9.6"
]
]
]
},
"internalFlag": false,
"resumeMeta": {
"fileName": "fredcv.docx",
"size": 3023443,
"mediaType": "application/vnd.openxmlformats-officedocument.wordprocessingml.document",
"dateUploaded": "2015-11-05T13:15:30Z",
"preSignedUri": "https://frodo.com/docs/198714509"
},
"items": []
},
"job": {
"code": "TTfg321",
"title": "Creative Director",
"items": [],
"manager": {
"person": {
"email": "frano@gmail.com"
}
}
}
}
]
HTTP status code 404
there are no applications matching the filters
Secured by oauth_2_0
Headers
- Authorization: (string)
Used to send a valid OAuth 2 access token. Do not use with the "access_token" query string parameter.
HTTP status code 401
Bad or expired token. To fix, you should re-authenticate the user.
HTTP status code 403
Bad OAuth request (wrong consumer key, bad nonce, expired timestamp...). Unfortunately, re-authenticating the user won't help here.
A request containing a view will be sent for the "ever" case to all listeners;
- the first time (only) that an application enters the phase
Non-SoT.
post /applications/views/at/other/ever/byID/{application}/pushes
A request containing a view will be sent for the "ever" case to all listeners;
- the first time (only) that an application enters the phase
Non-SoT.
OAuth is used to authenticate tenant API calls. Tenant API calls may be on behalf of a specific principal (e.g. user)
URI Parameters
- application: required (string)
Body
Type: application/json
Schema:
{
"$schema": "http://json-schema.org/draft-04/schema#",
"type": "object",
"definitions": {
"id": {
"type": "integer"
},
"tracker": {
"type": "integer",
"description": "The tracker, if any, associated with this application. This is fixed at the time that application is made."
},
"formFactor": {
"enum": [
"mobile",
"desktop",
"tablet",
"other"
]
},
"source": {
"type": "string"
},
"bucketMovement": {
"type": "object",
"properties": {
"id": {
"$ref": "bucket.json#/definitions/id"
},
"landed": {
"type": "string",
"format": "date-time"
}
},
"additionalProperties": false,
"required": [
"id",
"landed"
]
},
"bucketMovements": {
"type": "array",
"items": {
"$ref": "#/definitions/bucketMovement"
}
},
"dateLastUpdated": {
"type": "string",
"format": "date-time"
},
"remuneration": {
"type": "object",
"description": "See HR/XML OnBoardingDeploymentType",
"properties": {
"amount": {
"type": "number",
"description": "The monetary value of the object in which the amount is associated"
},
"rateIntervalCode": {
"type": "string",
"description": "See HR/XML PayRateIntervalCodeType"
},
"typeCode": {
"type": "string",
"description": "A code classifying the type of remuneration (HR/XML)"
}
},
"additionalProperties": false
},
"dutyEntryDate": {
"type": "string",
"format": "date-time",
"description": "Per- HR-XML, the date the employee or human resource actually begins work or enters on duty"
},
"hireDate": {
"type": "string",
"format": "date-time",
"description": "Per- HR-XML, The date on which the associated person was hired."
},
"onBoardedDate": {
"type": "string",
"format": "date-time",
"description": "The date on which the associated person completed onboarding."
},
"hireDetails": {
"type": "object",
"properties": {
"remuneration": {
"$ref": "#/definitions/remuneration"
},
"dutyEntryDate": {
"$ref": "#/definitions/dutyEntryDate"
},
"hireDate": {
"$ref": "#/definitions/hireDate"
},
"onBoardedDate": {
"$ref": "#/definitions/onBoardedDate"
}
},
"additionalProperties": false
},
"since": {
"type": "string",
"format": "date-time",
"description": "If this application was fetched via a filter, the date-time when the application satisfied the filter (e.g., in a call to GET /applications/at/interview/ever, this would be the date the application first entered the interview phase"
}
},
"properties": {
"id": {
"$ref": "#/definitions/id"
},
"since": {
"$ref": "#/definitions/since"
},
"source": {
"$ref": "#/definitions/source"
},
"formFactor": {
"$ref": "#/definitions/formFactor"
},
"bucketMovements": {
"$ref": "#/definitions/bucketMovements"
},
"candidate": {
"$ref": "candidateRead.json"
},
"job": {
"$ref": "jobRead.json"
},
"bucket": {
"$ref": "bucket.json#/definitions/id"
},
"tracker": {
"$ref": "#/definitions/tracker"
},
"dateLastUpdated": {
"$ref": "#/definitions/dateLastUpdated"
},
"hireDetails": {
"$ref": "#/definitions/hireDetails"
},
"items": {
"$ref": "itemPackagesRead.json"
}
},
"additionalProperties": false
}
Example:
{
"items": [
{
"item": {
"name": "HIREDATE",
"type": "date",
"value": "2015-11-05T13:15:30Z"
}
}
],
"candidate": {
"person": {
"givenName": "Fred",
"familyName": "Bloggs",
"email": "fred@gmail.com"
},
"resumeMeta": {
"fileName": "fredcv.docx",
"size": 3023443,
"mediaType": "application/vnd.openxmlformats-officedocument.wordprocessingml.document",
"dateUploaded": "2015-11-05T13:15:30Z",
"preSignedUri": "https://frodo.com/docs/198714509"
},
"items": []
},
"job": {
"code": "TTfg321",
"title": "Creative Director",
"items": [],
"recruiter": {
"person": {
"email": "frano@gmail.com"
}
}
}
}
Secured by oauth_2_0
Headers
- Authorization: (string)
Used to send a valid OAuth 2 access token. Do not use with the "access_token" query string parameter.
HTTP status code 401
Bad or expired token. To fix, you should re-authenticate the user.
HTTP status code 403
Bad OAuth request (wrong consumer key, bad nonce, expired timestamp...). Unfortunately, re-authenticating the user won't help here.
Ask the view holding app to create a view instance of the given view type for this application. The response includes the key of the newly created view instance.
post /applications/views/byApplication/{application}/byViewType/{viewType}
Ask the view holding app to create a view instance of the given view type for this application. The response includes the key of the newly created view instance.
URI Parameters
- application: required (string)
- viewType: required (string)
HTTP status code 200
Body
Type: application/json
Schema:
{
"$schema": "http://json-schema.org/draft-04/schema",
"definitions": {
"key": {
"type": "string"
},
"created": {
"type": "string",
"format": "date-time",
"description": "when the view was created"
}
},
"type": "object",
"properties": {
"key": {
"$ref": "#/definitions/key"
},
"created": {
"$ref": "#/definitions/created"
}
},
"required": [
"key",
"created"
],
"additionalProperties": false
}
Example:
{
"key": "kjhh9879hoyutf74futyyb0978g56vfuygvu5",
"created": "2015-11-05T13:15:30Z"
}
Get the previously created view instance.
get /applications/views/byKey/{key}
Get the previously created view instance.
URI Parameters
- key: required (string)
HTTP status code 200
Body
Type: application/json
Schema:
{
"$schema": "http://json-schema.org/draft-04/schema#",
"type": "object",
"definitions": {
"id": {
"type": "integer"
},
"tracker": {
"type": "integer",
"description": "The tracker, if any, associated with this application. This is fixed at the time that application is made."
},
"formFactor": {
"enum": [
"mobile",
"desktop",
"tablet",
"other"
]
},
"source": {
"type": "string"
},
"bucketMovement": {
"type": "object",
"properties": {
"id": {
"$ref": "bucket.json#/definitions/id"
},
"landed": {
"type": "string",
"format": "date-time"
}
},
"additionalProperties": false,
"required": [
"id",
"landed"
]
},
"bucketMovements": {
"type": "array",
"items": {
"$ref": "#/definitions/bucketMovement"
}
},
"dateLastUpdated": {
"type": "string",
"format": "date-time"
},
"remuneration": {
"type": "object",
"description": "See HR/XML OnBoardingDeploymentType",
"properties": {
"amount": {
"type": "number",
"description": "The monetary value of the object in which the amount is associated"
},
"rateIntervalCode": {
"type": "string",
"description": "See HR/XML PayRateIntervalCodeType"
},
"typeCode": {
"type": "string",
"description": "A code classifying the type of remuneration (HR/XML)"
}
},
"additionalProperties": false
},
"dutyEntryDate": {
"type": "string",
"format": "date-time",
"description": "Per- HR-XML, the date the employee or human resource actually begins work or enters on duty"
},
"hireDate": {
"type": "string",
"format": "date-time",
"description": "Per- HR-XML, The date on which the associated person was hired."
},
"onBoardedDate": {
"type": "string",
"format": "date-time",
"description": "The date on which the associated person completed onboarding."
},
"hireDetails": {
"type": "object",
"properties": {
"remuneration": {
"$ref": "#/definitions/remuneration"
},
"dutyEntryDate": {
"$ref": "#/definitions/dutyEntryDate"
},
"hireDate": {
"$ref": "#/definitions/hireDate"
},
"onBoardedDate": {
"$ref": "#/definitions/onBoardedDate"
}
},
"additionalProperties": false
},
"since": {
"type": "string",
"format": "date-time",
"description": "If this application was fetched via a filter, the date-time when the application satisfied the filter (e.g., in a call to GET /applications/at/interview/ever, this would be the date the application first entered the interview phase"
}
},
"properties": {
"id": {
"$ref": "#/definitions/id"
},
"since": {
"$ref": "#/definitions/since"
},
"source": {
"$ref": "#/definitions/source"
},
"formFactor": {
"$ref": "#/definitions/formFactor"
},
"bucketMovements": {
"$ref": "#/definitions/bucketMovements"
},
"candidate": {
"$ref": "candidateRead.json"
},
"job": {
"$ref": "jobRead.json"
},
"bucket": {
"$ref": "bucket.json#/definitions/id"
},
"tracker": {
"$ref": "#/definitions/tracker"
},
"dateLastUpdated": {
"$ref": "#/definitions/dateLastUpdated"
},
"hireDetails": {
"$ref": "#/definitions/hireDetails"
},
"items": {
"$ref": "itemPackagesRead.json"
}
},
"additionalProperties": false
}
Example:
{
"items": [
{
"item": {
"name": "coverletter",
"type": "file",
"value": {
"fileName": "fredcv.docx",
"size": 3023443,
"mediaType": "application/vnd.openxmlformats-officedocument.wordprocessingml.document",
"dateUploaded": "2015-11-05T13:15:30Z",
"preSignedUri": "https://frodo.com/docs/198714509"
}
}
}
],
"source": "seek-camp0",
"formFactor": "mobile",
"bucketMovements": [
{
"id": 10034,
"landed": "2017-05-29T01:34:30+00:00"
},
{
"id": 10035,
"landed": "2017-05-29T01:34:30+00:00"
},
{
"id": 10036,
"landed": "2017-05-29T01:34:30+00:00"
}
],
"hireDetails": {
"hireDate": "2015-11-05T13:15:30Z"
},
"candidate": {
"person": {
"vcard": [
"vcard",
[
[
"version",
{},
"text",
"4.0"
],
[
"n",
{},
"text",
[
"Gor4ven",
"David",
"",
"Mr.",
""
]
],
[
"nickname",
{},
"text",
"David"
],
[
"tel",
{
"type": "home"
},
"text",
"+64212094544"
],
[
"tel",
{
"type": "cell"
},
"text",
"+64212094544"
],
[
"adr",
{},
"text",
[
"",
"",
"11 Hoturoa Place, Manurewa",
"Auckland",
"",
"2102",
"NZ"
]
],
[
"email",
{
"type": "home"
},
"text",
"davededo@gmail.com"
],
[
"x-socialprofile",
{
"type": "Facebook"
},
"uri",
"https://www.facebook.com/bgorven"
],
[
"prodid",
{},
"text",
"ez-vcard 0.9.6"
]
]
]
},
"internalFlag": false,
"resumeMeta": {
"fileName": "fredcv.docx",
"size": 3023443,
"mediaType": "application/vnd.openxmlformats-officedocument.wordprocessingml.document",
"dateUploaded": "2015-11-05T13:15:30Z",
"preSignedUri": "https://frodo.com/docs/198714509"
},
"items": []
},
"job": {
"code": "TTfg321",
"title": "Creative Director",
"items": [],
"manager": {
"person": {
"email": "frano@gmail.com"
}
}
}
}
Get a list of all available view types (i.e. pre-defined sets of information about an application)
get /applications/viewTypes
Get a list of all available view types (i.e. pre-defined sets of information about an application)
HTTP status code 200
Body
Type: application/json
Schema:
{
"$schema": "http://json-schema.org/draft-04/schema",
"type": "array",
"items": { "$ref": "applicationViewType.json" },
"description": "An array of all of the application views"
}
Example:
[
{
"id": 1002,
"label": "basic view, with CV and salary details",
"defaultFlag": false
},
{
"id": 1003,
"label": "short view, email only",
"defaultFlag": true
}
]
/appStatus
Produced by apps to inform the storefront app of this app's:
- landing page, i.e where should the user go to do on clicking "open" on the app - e.g. clicking a job board app might go to the front page of the job board
- setup required status, i.e. whether the app is degraded or unusable due to some missing setup
- setup page, i.e. where should the user go to adjust the app's setup
Probably only consumed by storefront apps.
SoT: non-SoT (each app has their own landing page).
When the app is generating the setup page url, the relayPage parameter indicates where the user should be redirected to after completing the setup (i.e. typically the app details page witin the storefront).
get /appStatus
Produced by apps to inform the storefront app of this app's:
- landing page, i.e where should the user go to do on clicking "open" on the app - e.g. clicking a job board app might go to the front page of the job board
- setup required status, i.e. whether the app is degraded or unusable due to some missing setup
- setup page, i.e. where should the user go to adjust the app's setup
Probably only consumed by storefront apps.
SoT: non-SoT (each app has their own landing page).
When the app is generating the setup page url, the relayPage parameter indicates where the user should be redirected to after completing the setup (i.e. typically the app details page witin the storefront).
OAuth is used to authenticate tenant API calls. Tenant API calls may be on behalf of a specific principal (e.g. user)
Query Parameters
- relayPageURL: required (string)
A URL that the user will be redirected to.
Example:
https://myapp.com/kh87876
- relayPageLabel: required (string)
A label for the URL that the user will be redirected to, e.g. "Creative Director".
Example:
https://myapp.com/kh87876
HTTP status code 200
Body
Type: application/json
Schema:
{
"$schema": "http://json-schema.org/draft-04/schema#",
"type": "object",
"definitions": {
"domain": {
"type": "string",
"description": "A complete domain name, used by this app (as installed by this tenant), with optional wildcard, e.g. https://*.myapp.com. If the wildcard * is used, it must be followed by a dot."
}
},
"properties": {
"landingPage": {
"type": "string",
"format": "uri",
"description": "a (probably tenant-specific) url of the landing page for this app. The landing page is where the user is led to after clicking [open] in the UI."
},
"settingsPage": {
"type": "string",
"format": "uri",
"description": "a url of a settings page for this app. The setup page is where the user is led to after clicking [settings] in the UI. After setup is complete the app should redirect the user back to the passed in relayPage."
},
"setupRequired": {
"type": "boolean",
"description": "true if the app is unusable or degraded due to lack of some setup. When true, this causes the setup required indicator to appear next to the app in the UI. When true, the app should provide a value for settingsPage."
},
"domainsUsed": {
"type": "array",
"description": "An array of domains that your app uses. The tenant's IT team can view this, rolled up with all other installed apps, in order to add to Trusted Sites in bulk.",
"items": {
"$ref": "#/definitions/domain"
}
}
},
"additionalProperties": false,
"required": [ "setupRequired" ]
}
Example:
{
"landingPage": "https://acme.myapp.com/kjyi769gukogh",
"settingsPage": "https://acme.myapp.com/stup",
"setupRequired": true,
"domainsUsed": [
"http://*/myapp.com",
"https://*/myapp.com"
]
}
Secured by oauth_2_0
Headers
- Authorization: (string)
Used to send a valid OAuth 2 access token. Do not use with the "access_token" query string parameter.
HTTP status code 401
Bad or expired token. To fix, you should re-authenticate the user.
HTTP status code 403
Bad OAuth request (wrong consumer key, bad nonce, expired timestamp...). Unfortunately, re-authenticating the user won't help here.
/assessments
These APIs are on behalf, allowing the identity of the user raising the assessment to be available to the hub.
Get the html for the strip of assessments (not started, underway or complete), ready to plug in next to a job applicant.
SoT.
The app building the page that embeds this strip must in its head section pull in style sheet, javascript, etc. as obtained via a call to GET /assessments/strips/headHtml.
get /assessments/strips/me/forApplications/asHtml
Get the html for the strip of assessments (not started, underway or complete), ready to plug in next to a job applicant.
SoT.
The app building the page that embeds this strip must in its head section pull in style sheet, javascript, etc. as obtained via a call to GET /assessments/strips/headHtml.
OAuth is used to authenticate tenant API calls. Tenant API calls may be on behalf of a specific principal (e.g. user)
Query Parameters
- applications: (integer)
If present, a set of IDs (up to a max of 100) of the applications that should be included.
- relayPageURL: required (string)
A URL that the user will be redirected to.
Example:
https://myapp.com/kh87876
- relayPageLabel: required (string)
A label for the URL that the user will be redirected to, e.g. "Creative Director".
Example:
https://myapp.com/kh87876
HTTP status code 200
Body
Type: application/json
Schema:
{
"$schema": "http://json-schema.org/draft-04/schema#",
"type": "array",
"items": {
"$ref": "assessmentStrip.json"
}
}
Example:
[
{
"application": 1,
"strip": "<div>blah 0</div>"
},
{
"application": 22,
"strip": "<div>blah</div>"
}
]
Secured by oauth_2_0
Headers
- Authorization: (string)
Used to send a valid OAuth 2 access token. Do not use with the "access_token" query string parameter.
HTTP status code 401
Bad or expired token. To fix, you should re-authenticate the user.
HTTP status code 403
Bad OAuth request (wrong consumer key, bad nonce, expired timestamp...). Unfortunately, re-authenticating the user won't help here.
Get html head snippet (typically an include of a stylesheet) used to style the html for the assessments strip.
The app building the page (e.g. applicant list) that embeds assessment strips must insert the results of this API call in its head section.
The head HTML API pulls in a function initializeSearchWidget() that the ATS can call, passing a single object with these fields:
- String tenant
- Number bucket
- HTMLElement sortWidget (an empty DOM element that the hub will put the sort control widget in)
- Number currentSort (indicates the assessment type currently being sorted on, so the sort control can render itself)
- Boolean currentSortAsc (is the current sort asc or desc?)
- Number job (the job the ATS is displaying applicants for)
- Function callback (callback function that the hub will use to notify the ATS when a sort is requested). The callback takes params:
- Number assessmentType (to sort by)
- Boolean sortAsc (whether to sort asc or desc)
get /assessments/strips/headHtml
Get html head snippet (typically an include of a stylesheet) used to style the html for the assessments strip.
The app building the page (e.g. applicant list) that embeds assessment strips must insert the results of this API call in its head section.
The head HTML API pulls in a function initializeSearchWidget() that the ATS can call, passing a single object with these fields:
- String tenant
- Number bucket
- HTMLElement sortWidget (an empty DOM element that the hub will put the sort control widget in)
- Number currentSort (indicates the assessment type currently being sorted on, so the sort control can render itself)
- Boolean currentSortAsc (is the current sort asc or desc?)
- Number job (the job the ATS is displaying applicants for)
- Function callback (callback function that the hub will use to notify the ATS when a sort is requested). The callback takes params:
- Number assessmentType (to sort by)
- Boolean sortAsc (whether to sort asc or desc)
An app such as an ATS calls this on an app such as the assessment hub to convert a set of application IDs into a sorted set.
If there are no assessments the result is 200 with an empty array.
post /assessments/strips/byAssessmentType/{assessmentType}/forApplications/fetches
An app such as an ATS calls this on an app such as the assessment hub to convert a set of application IDs into a sorted set.
If there are no assessments the result is 200 with an empty array.
OAuth is used to authenticate tenant API calls. Tenant API calls may be on behalf of a specific principal (e.g. user)
URI Parameters
- assessmentType: required (string)
Body
Type: application/json
Schema:
{
"$schema": "http://json-schema.org/draft-04/schema",
"type": "array",
"items": {
"type": "number"
},
"description": "An array of ids for anything"
}
Example:
[ 1,2,3,4 ]
HTTP status code 200
Body
Type: application/json
Schema:
{
"$schema": "http://json-schema.org/draft-04/schema#",
"type": "object",
"description": "a sorted set of assessments",
"definitions": {
"assessmentSortItem": {
"type": "object",
"description": "a single application/assessment within a larger sorted set",
"properties": {
"application": {
"$ref": "applicationRead.json#/definitions/id"
},
"assessment": {
"$ref": "assessmentMeta.json#/definitions/id"
},
"assessmentStatus": {
"$ref": "assessmentRead.json#/definitions/status"
}
}
},
"assessmentSortedSet": {
"type": "array",
"items": {
"$ref": "#/definitions/assessmentSortItem"
}
}
},
"properties": {
"unsortable": {
"$ref": "#/definitions/assessmentSortedSet"
},
"sorted": {
"type": "array",
"items": {
"$ref": "#/definitions/assessmentSortedSet"
}
}
}
}
Example:
{
"unsortable": [
{ "application": 1003 },
{ "application": 1009, "assessment": 22001, "assessmentStatus": "Error" }
],
"sorted": [
[
{ "application": 1007, "assessment": 22003, "assessmentStatus": "Complete" },
{ "application": 1019, "assessment": 22008, "assessmentStatus": "Complete" }
],
[
{ "application": 1020, "assessment": 22012, "assessmentStatus": "Complete" }
],
[
{ "application": 1001, "assessment": 22014, "assessmentStatus": "Complete" }
]
]
}
Secured by oauth_2_0
Headers
- Authorization: (string)
Used to send a valid OAuth 2 access token. Do not use with the "access_token" query string parameter.
HTTP status code 401
Bad or expired token. To fix, you should re-authenticate the user.
HTTP status code 403
Bad OAuth request (wrong consumer key, bad nonce, expired timestamp...). Unfortunately, re-authenticating the user won't help here.
get details of this assessment, reflecting changes made by the app and/or the tenant.
Tenant creates (or reuses) an assessment of the given type, for the given job application, for example upon a candidate applying and being screened in.
SoT. Typically implemented by the assessment hub.
There is no request body. The response contains the assessment ID.
get /assessments/byApplication/{application}/byAssessmentType/{assessmentType}
get details of this assessment, reflecting changes made by the app and/or the tenant.
URI Parameters
- application: required (string)
- assessmentType: required (string)
HTTP status code 200
Body
Type: application/json
Schema:
{
"$schema": "http://json-schema.org/draft-04/schema#",
"definitions": {
"passedFlag": {
"title": "Pass?",
"type": "boolean"
},
"id": {
"type": "integer"
},
"status": {
"description": "The current disposition of an assessment",
"enum": [
"Started",
"In progress",
"Complete",
"Cancelled",
"Opted out",
"Error"
]
},
"userInteractionUri": {
"type": [
"string",
"null"
],
"format": "uri",
"description": "when present, a uri, with all query parameters urlencoded, of a small, iframe-able web page that the user (e.g. the recruiter) uses to interact with/view the assessment"
},
"userInteractionMessage": {
"type": [
"string",
"null"
],
"description": "when present, a markdown formatted string that will be displayed to the user in the assessent popup. Any links open inside a new tab/window."
},
"interactionUris": {
"type": "object",
"properties": {
"candidateInteractionUri": {
"type": [
"string",
"null"
],
"format": "uri",
"description": "when present, a uri, with all query parameters urlencoded, that the candidate must follow to complete some part of the assessment"
},
"userInteractionUri": {
"$ref": "#/definitions/userInteractionUri"
},
"userInteractionMessage": {
"$ref": "#/definitions/userInteractionMessage"
},
"userAttentionRequired": {
"type": "boolean",
"description": "Signals that the assessment cannot proceed until the user provides some input. Can only be true when either userInteractionUri or userInteractionUri are non-null."
}
},
"additionalProperties": false,
"required": [
"candidateInteractionUri",
"userInteractionUri",
"userAttentionRequired"
]
},
"imageUrl": {
"description": "url of an image that will be loaded from an app into the assessment hub to represent an assessment's status or an unstarted assessment type",
"type": "string",
"format": "url"
},
"raisers": {
"description": "a list of every user who raised this assessment (this may be more than one, i.e. via linkages). Does not include linkages raised by the system, e.g. an assessment started because a candidate dropped into a bucket",
"type": "array",
"items": {
"$ref": "person.json"
}
}
},
"type": "object",
"properties": {
"meta": {
"$ref": "assessmentMeta.json"
},
"assessmentType": {
"$ref": "#/definitions/id"
},
"assessmentTypeKey": {
"$ref": "assessmentType.json#/definitions/key"
},
"status": {
"$ref": "#/definitions/status"
},
"view": {
"type": "string",
"description": "the key of the view instance that will give more details about the subject of this assessment (name, email address, job ID, etc.)"
},
"passedFlag": {
"$ref": "#/definitions/passedFlag"
},
"interactionUris": {
"$ref": "#/definitions/interactionUris"
},
"image": {
"$ref": "#/definitions/imageUrl"
},
"raisers": {
"$ref": "#/definitions/raisers"
}
},
"additionalProperties": false,
"required": [
"meta",
"assessmentType",
"assessmentTypeKey",
"status",
"view",
"interactionUris",
"raisers"
]
}
Example:
{
"meta": {
"id": 100,
"application": 234453,
"candidate": 34565743,
"job": 10192837,
"created": "2025-11-05T13:15:30Z"
},
"assessmentType": 10022,
"assessmentTypeKey": "maths test",
"status": "Started",
"view": "46dac901-9afa-414f-9a80-f45c030edb33",
"interactionUris": {
"candidateInteractionUri": null,
"userInteractionUri": null,
"userAttentionRequired": false
},
"raisers": [
{
"givenName": "Fred",
"familyName": "Bloggs",
"email": "fred@gmail.com"
}
]
}
post /assessments/byApplication/{application}/byAssessmentType/{assessmentType}
Tenant creates (or reuses) an assessment of the given type, for the given job application, for example upon a candidate applying and being screened in.
SoT. Typically implemented by the assessment hub.
There is no request body. The response contains the assessment ID.
URI Parameters
- application: required (string)
- assessmentType: required (string)
HTTP status code 200
the post was successful, and an existing assessment was reused.
Body
Type: application/json
Schema:
{
"$schema": "http://json-schema.org/draft-04/schema",
"definitions": {
"id": {
"type": "integer"
},
"created": {
"type": "string",
"format": "date-time",
"description": "when the object was created"
}
},
"type": "object",
"properties": {
"id": {
"$ref": "#/definitions/id"
},
"application": {
"$ref": "#/definitions/id"
},
"candidate": {
"$ref": "#/definitions/id"
},
"job": {
"$ref": "#/definitions/id"
},
"created": {
"$ref": "#/definitions/created"
}
},
"required": [
"id",
"created"
],
"additionalProperties": false
}
Example:
{
"id": 100,
"application": 234453,
"candidate": 34565743,
"job": 10192837,
"created": "2015-11-05T13:15:30Z"
}
HTTP status code 201
the post was successful, and a new assessment was created.
Body
Type: application/json
Schema:
{
"$schema": "http://json-schema.org/draft-04/schema",
"definitions": {
"id": {
"type": "integer"
},
"created": {
"type": "string",
"format": "date-time",
"description": "when the object was created"
}
},
"type": "object",
"properties": {
"id": {
"$ref": "#/definitions/id"
},
"application": {
"$ref": "#/definitions/id"
},
"candidate": {
"$ref": "#/definitions/id"
},
"job": {
"$ref": "#/definitions/id"
},
"created": {
"$ref": "#/definitions/created"
}
},
"required": [
"id",
"created"
],
"additionalProperties": false
}
Example:
{
"id": 100,
"application": 234453,
"candidate": 34565743,
"job": 10192837,
"created": "2015-11-05T13:15:30Z"
}
Tenant creates (or reuses) an assessment of the given type, for the given job application, for a logged in user, who will appear in the raisers section of the assessment. This is an on-behalf version of the similar API (without /me).
SoT. Typically implemented by the assessment hub.
There is no request body. The response contains the assessment ID.
post /assessments/byApplication/{application}/byAssessmentType/{assessmentType}/me
Tenant creates (or reuses) an assessment of the given type, for the given job application, for a logged in user, who will appear in the raisers section of the assessment. This is an on-behalf version of the similar API (without /me).
SoT. Typically implemented by the assessment hub.
There is no request body. The response contains the assessment ID.
URI Parameters
- application: required (string)
- assessmentType: required (string)
HTTP status code 200
the post was successful, and an existing assessment was reused.
Body
Type: application/json
Schema:
{
"$schema": "http://json-schema.org/draft-04/schema",
"definitions": {
"id": {
"type": "integer"
},
"created": {
"type": "string",
"format": "date-time",
"description": "when the object was created"
}
},
"type": "object",
"properties": {
"id": {
"$ref": "#/definitions/id"
},
"application": {
"$ref": "#/definitions/id"
},
"candidate": {
"$ref": "#/definitions/id"
},
"job": {
"$ref": "#/definitions/id"
},
"created": {
"$ref": "#/definitions/created"
}
},
"required": [
"id",
"created"
],
"additionalProperties": false
}
Example:
{
"id": 100,
"application": 234453,
"candidate": 34565743,
"job": 10192837,
"created": "2015-11-05T13:15:30Z"
}
HTTP status code 201
the post was successful, and a new assessment was created.
Body
Type: application/json
Schema:
{
"$schema": "http://json-schema.org/draft-04/schema",
"definitions": {
"id": {
"type": "integer"
},
"created": {
"type": "string",
"format": "date-time",
"description": "when the object was created"
}
},
"type": "object",
"properties": {
"id": {
"$ref": "#/definitions/id"
},
"application": {
"$ref": "#/definitions/id"
},
"candidate": {
"$ref": "#/definitions/id"
},
"job": {
"$ref": "#/definitions/id"
},
"created": {
"$ref": "#/definitions/created"
}
},
"required": [
"id",
"created"
],
"additionalProperties": false
}
Example:
{
"id": 100,
"application": 234453,
"candidate": 34565743,
"job": 10192837,
"created": "2015-11-05T13:15:30Z"
}
Returns a list of assessment progress information for an individual Application ID SoT. Typically implemented by the assessment hub.
get /assessments/byApplication/{application}/me
Returns a list of assessment progress information for an individual Application ID SoT. Typically implemented by the assessment hub.
URI Parameters
- application: required (string)
HTTP status code 200
Body
Type: application/json
Schema:
{
"$schema": "http://json-schema.org/draft-04/schema#",
"type": "array",
"items": {
"$ref": "assessmentRead.json"
}
}
Example:
[
{
"meta": {
"id": 100,
"application": 234453,
"candidate": 34565743,
"job": 10192837,
"created": "2015-11-05T13:15:30Z"
},
"assessmentType": 10022,
"assessmentTypeKey": "maths test",
"status": "Started",
"view": "46dac901-9afa-414f-9a80-f45c030edb33",
"interactionUris": {
"candidateInteractionUri": "https://www.example.com",
"userInteractionUri": "https://www.example.com",
"userAttentionRequired": false
},
"raisers": [
{
"givenName": "Fred",
"familyName": "Bloggs",
"email": "fred@gmail.com"
}
]
},
{
"meta": {
"id": 101,
"application": 234453,
"candidate": 34565743,
"job": 10192837,
"created": "2025-11-05T13:15:30Z"
},
"assessmentType": 10022,
"assessmentTypeKey": "maths test",
"status": "Started",
"view": "46dac901-9afa-414f-9a80-f45c030edb33",
"interactionUris": {
"candidateInteractionUri": "https://www.example.com",
"userInteractionUri": "https://www.example.com",
"userAttentionRequired": false
},
"raisers": [
{
"givenName": "Wilber",
"familyName": "Snodgrass",
"email": "w.snodgrass@buckhouse.com"
}
]
}
]
get details of this assessment, reflecting changes made by the app and/or the tenant.
get /assessments/byID/{id}
get details of this assessment, reflecting changes made by the app and/or the tenant.
URI Parameters
- id: required (string)
HTTP status code 200
Body
Type: application/json
Schema:
{
"$schema": "http://json-schema.org/draft-04/schema#",
"definitions": {
"passedFlag": {
"title": "Pass?",
"type": "boolean"
},
"id": {
"type": "integer"
},
"status": {
"description": "The current disposition of an assessment",
"enum": [
"Started",
"In progress",
"Complete",
"Cancelled",
"Opted out",
"Error"
]
},
"userInteractionUri": {
"type": [
"string",
"null"
],
"format": "uri",
"description": "when present, a uri, with all query parameters urlencoded, of a small, iframe-able web page that the user (e.g. the recruiter) uses to interact with/view the assessment"
},
"userInteractionMessage": {
"type": [
"string",
"null"
],
"description": "when present, a markdown formatted string that will be displayed to the user in the assessent popup. Any links open inside a new tab/window."
},
"interactionUris": {
"type": "object",
"properties": {
"candidateInteractionUri": {
"type": [
"string",
"null"
],
"format": "uri",
"description": "when present, a uri, with all query parameters urlencoded, that the candidate must follow to complete some part of the assessment"
},
"userInteractionUri": {
"$ref": "#/definitions/userInteractionUri"
},
"userInteractionMessage": {
"$ref": "#/definitions/userInteractionMessage"
},
"userAttentionRequired": {
"type": "boolean",
"description": "Signals that the assessment cannot proceed until the user provides some input. Can only be true when either userInteractionUri or userInteractionUri are non-null."
}
},
"additionalProperties": false,
"required": [
"candidateInteractionUri",
"userInteractionUri",
"userAttentionRequired"
]
},
"imageUrl": {
"description": "url of an image that will be loaded from an app into the assessment hub to represent an assessment's status or an unstarted assessment type",
"type": "string",
"format": "url"
},
"raisers": {
"description": "a list of every user who raised this assessment (this may be more than one, i.e. via linkages). Does not include linkages raised by the system, e.g. an assessment started because a candidate dropped into a bucket",
"type": "array",
"items": {
"$ref": "person.json"
}
}
},
"type": "object",
"properties": {
"meta": {
"$ref": "assessmentMeta.json"
},
"assessmentType": {
"$ref": "#/definitions/id"
},
"assessmentTypeKey": {
"$ref": "assessmentType.json#/definitions/key"
},
"status": {
"$ref": "#/definitions/status"
},
"view": {
"type": "string",
"description": "the key of the view instance that will give more details about the subject of this assessment (name, email address, job ID, etc.)"
},
"passedFlag": {
"$ref": "#/definitions/passedFlag"
},
"interactionUris": {
"$ref": "#/definitions/interactionUris"
},
"image": {
"$ref": "#/definitions/imageUrl"
},
"raisers": {
"$ref": "#/definitions/raisers"
}
},
"additionalProperties": false,
"required": [
"meta",
"assessmentType",
"assessmentTypeKey",
"status",
"view",
"interactionUris",
"raisers"
]
}
Example:
{
"meta": {
"id": 100,
"application": 234453,
"candidate": 34565743,
"job": 10192837,
"created": "2025-11-05T13:15:30Z"
},
"assessmentType": 10022,
"assessmentTypeKey": "maths test",
"status": "Started",
"view": "46dac901-9afa-414f-9a80-f45c030edb33",
"interactionUris": {
"candidateInteractionUri": null,
"userInteractionUri": null,
"userAttentionRequired": false
},
"raisers": [
{
"givenName": "Fred",
"familyName": "Bloggs",
"email": "fred@gmail.com"
}
]
}
Consumed by the assessment app to update an existing assessment using JSON Merge Patch semantics (https://tools.ietf.org/html/rfc7396). Apps may set most details and some statuses for an assessment, but cannot alter the on hold flag.
patch /assessments/byID/{id}/appDetails
Consumed by the assessment app to update an existing assessment using JSON Merge Patch semantics (https://tools.ietf.org/html/rfc7396). Apps may set most details and some statuses for an assessment, but cannot alter the on hold flag.
URI Parameters
- id: required (string)
Body
Type: application/merge-patch+json
Schema:
{
"$schema": "http://json-schema.org/draft-04/schema#",
"type": "object",
"description": "package of data for an assessment app to update an assessment",
"properties": {
"status": {
"$ref": "assessmentRead.json#/definitions/status"
},
"passedFlag": {
"$ref": "assessmentRead.json#/definitions/passedFlag"
},
"interactionUris": {
"$ref": "assessmentRead.json#/definitions/interactionUris"
},
"image": {
"$ref": "assessmentRead.json#/definitions/imageUrl"
}
},
"additionalProperties": false
}
Example:
{
"status": "Complete",
"interactionUris": {
"candidateInteractionUri": null,
"userInteractionUri": null,
"userAttentionRequired": false
},
"passedFlag": true,
"image": "https://www.example.com/image.png"
}
HTTP status code 200
the update was successful
Consumed by the assessment hub, as a result of some tenant action, to update an existing assessment using JSON Merge Patch semantics (https://tools.ietf.org/html/rfc7396). The tenant cannot alter many details of an assessment other than to change the status.
patch /assessments/byID/{id}/tenantDetails
Consumed by the assessment hub, as a result of some tenant action, to update an existing assessment using JSON Merge Patch semantics (https://tools.ietf.org/html/rfc7396). The tenant cannot alter many details of an assessment other than to change the status.
URI Parameters
- id: required (string)
Body
Type: application/merge-patch+json
Schema:
{
"$schema": "http://json-schema.org/draft-04/schema#",
"type": "object",
"description": "package of data for the tenant (e.g. via some trusted app like an ats) to update an assessment",
"properties": {
"status": {
"$ref": "assessmentRead.json#/definitions/status"
}
},
"additionalProperties": false
}
HTTP status code 200
the update was successful
Alerts listeners to a change to an assessment caused by the tenant
post /assessments/byID/{id}/tenantDeltaPings
Alerts listeners to a change to an assessment caused by the tenant
OAuth is used to authenticate tenant API calls. Tenant API calls may be on behalf of a specific principal (e.g. user)
URI Parameters
- id: required (string)
Body
Type: application/json
Schema:
{
"$schema": "http://json-schema.org/draft-04/schema",
"definitions": {
"operation": {
"enum": [
"insert",
"update",
"delete"
]
}
},
"type": "object",
"properties": {
"operation": {
"$ref": "#/definitions/operation"
}
},
"required": [
"operation"
],
"additionalProperties": false
}
Example:
{
"operation": "insert"
}
Secured by oauth_2_0
Headers
- Authorization: (string)
Used to send a valid OAuth 2 access token. Do not use with the "access_token" query string parameter.
HTTP status code 401
Bad or expired token. To fix, you should re-authenticate the user.
HTTP status code 403
Bad OAuth request (wrong consumer key, bad nonce, expired timestamp...). Unfortunately, re-authenticating the user won't help here.
Returns a list of assessment progress information for a given Job ID SoT. Typically implemented by the assessment hub.
get /assessments/byJob/{job}/me
Returns a list of assessment progress information for a given Job ID SoT. Typically implemented by the assessment hub.
URI Parameters
- job: required (string)
HTTP status code 200
Body
Type: application/json
Schema:
{
"$schema": "http://json-schema.org/draft-04/schema#",
"type": "array",
"items": {
"$ref": "assessmentRead.json"
}
}
Example:
[
{
"meta": {
"id": 100,
"application": 234453,
"candidate": 34565743,
"job": 10192837,
"created": "2015-11-05T13:15:30Z"
},
"assessmentType": 10022,
"assessmentTypeKey": "maths test",
"status": "Started",
"view": "46dac901-9afa-414f-9a80-f45c030edb33",
"interactionUris": {
"candidateInteractionUri": "https://www.example.com",
"userInteractionUri": "https://www.example.com",
"userAttentionRequired": false
},
"raisers": [
{
"givenName": "Fred",
"familyName": "Bloggs",
"email": "fred@gmail.com"
}
]
},
{
"meta": {
"id": 101,
"application": 234453,
"candidate": 34565743,
"job": 10192837,
"created": "2025-11-05T13:15:30Z"
},
"assessmentType": 10022,
"assessmentTypeKey": "maths test",
"status": "Started",
"view": "46dac901-9afa-414f-9a80-f45c030edb33",
"interactionUris": {
"candidateInteractionUri": "https://www.example.com",
"userInteractionUri": "https://www.example.com",
"userAttentionRequired": false
},
"raisers": [
{
"givenName": "Wilber",
"familyName": "Snodgrass",
"email": "w.snodgrass@buckhouse.com"
}
]
}
]
An app such as the assessment hub calls this on the assessment app that owns these assessments, to have them sorted.
post /assessments/sorts
An app such as the assessment hub calls this on the assessment app that owns these assessments, to have them sorted.
OAuth is used to authenticate tenant API calls. Tenant API calls may be on behalf of a specific principal (e.g. user)
Body
Type: application/json
Schema:
{
"$schema": "http://json-schema.org/draft-04/schema",
"type": "array",
"items": {
"type": "number"
},
"description": "An array of ids for anything"
}
Example:
[ 1023,1046,1077,1122,1343,1022 ]
HTTP status code 200
Body
Type: application/json
Schema:
{
"$schema": "http://json-schema.org/draft-04/schema#",
"type": "object",
"description": "a sorted set of assessments",
"definitions": {
"assessmentSortItem": {
"type": "object",
"description": "a single application/assessment within a larger sorted set",
"properties": {
"application": {
"$ref": "applicationRead.json#/definitions/id"
},
"assessment": {
"$ref": "assessmentMeta.json#/definitions/id"
},
"assessmentStatus": {
"$ref": "assessmentRead.json#/definitions/status"
}
}
},
"assessmentSortedSet": {
"type": "array",
"items": {
"$ref": "#/definitions/assessmentSortItem"
}
}
},
"properties": {
"unsortable": {
"$ref": "#/definitions/assessmentSortedSet"
},
"sorted": {
"type": "array",
"items": {
"$ref": "#/definitions/assessmentSortedSet"
}
}
}
}
Example:
{
"unsortable": [
{ "assessment": 1023, "assessmentStatus": "Error" }
],
"sorted": [
[
{ "assessment": 1046, "assessmentStatus": "Complete" },
{ "assessment": 1122, "assessmentStatus": "Complete" }
],
[
{ "assessment": 1022, "assessmentStatus": "Complete" }
],
[
{ "assessment": 1077, "assessmentStatus": "Complete" }
],
[
{ "assessment": 1343, "assessmentStatus": "Complete" }
]
]
}
Secured by oauth_2_0
Headers
- Authorization: (string)
Used to send a valid OAuth 2 access token. Do not use with the "access_token" query string parameter.
HTTP status code 401
Bad or expired token. To fix, you should re-authenticate the user.
HTTP status code 403
Bad OAuth request (wrong consumer key, bad nonce, expired timestamp...). Unfortunately, re-authenticating the user won't help here.
Creates (or reuses) and starts an assessment of the given type, for the given job application, for the given raiser. SoT. Typically implemented by the assessment hub.
post /assessments/start
Creates (or reuses) and starts an assessment of the given type, for the given job application, for the given raiser. SoT. Typically implemented by the assessment hub.
Body
Type: application/json
Schema:
{
"$schema": "http://json-schema.org/draft-04/schema#",
"type": "object",
"definitions": {
"id": {
"type": "integer"
},
"view": {
"type": "string",
"description": "unique view key"
}
},
"properties": {
"assessmentType": {
"$ref": "#/definitions/id"
},
"application": {
"$ref": "#/definitions/id"
},
"candidate": {
"$ref": "#/definitions/id"
},
"candidateInternal": {
"type": "boolean"
},
"candidateDetails": {
"$ref": "person.json"
},
"job": {
"$ref": "#/definitions/id"
},
"view": {
"$ref": "#/definitions/view"
},
"raiser": {
"description": "User who is raising this assessment",
"$ref": "person.json"
}
},
"additionalProperties": false,
"required": [
"assessmentType",
"application",
"candidate",
"candidateInternal",
"job",
"view",
"raiser"
]
}
Example:
{
"assessmentType": 10022,
"application": 1442,
"candidate": 19967712,
"candidateInternal": true,
"candidateDetails": {
"givenName": "Bob",
"familyName": "Smithe",
"email": "bsmithe@location.com.au"
},
"job": 102112,
"view": "kjhh9879hoyutf74futyyb0978g56vfuygvu5",
"raiser": {
"givenName": "Wilber",
"familyName": "Snodgrass",
"email": "w.snodgrass@buckhouse.co.uk"
}
}
/assessmentTypes
Get the list of all assessment types produced by all assessment apps.
SoT.
get /assessmentTypes
Get the list of all assessment types produced by all assessment apps.
SoT.
OAuth is used to authenticate tenant API calls. Tenant API calls may be on behalf of a specific principal (e.g. user)
HTTP status code 200
Body
Type: application/json
Schema:
{
"$schema": "http://json-schema.org/draft-04/schema#",
"definitions": {
"assessmentTypeWithID": {
"type": "object",
"properties": {
"id": {
"type": "number"
},
"activeFlag": {
"type": "boolean"
},
"assessmentType": {
"$ref": "assessmentType.json"
}
},
"required": [ "id", "activeFlag", "assessmentType" ]
},
"assessmentTypesWithID": {
"type": "array",
"items": {
"$ref": "#/definitions/assessmentTypeWithID"
}
},
"appTypesWithID": {
"type": "object",
"properties": {
"app": {
"type": "string",
"description": "Shortcode for the app that owns these assessment types"
},
"appName": {
"type": "string",
"description": "Name for the app that owns these assessment types"
},
"assessmentTypesWithID": {
"$ref": "#/definitions/assessmentTypesWithID"
}
},
"required": [ "app", "appName", "assessmentTypesWithID" ]
}
},
"type": "array",
"items": {
"$ref": "#/definitions/appTypesWithID"
}
}
Example:
[
{
"app": "msassess",
"appName": "Microsoft assessment toolbox",
"assessmentTypesWithID": [
{
"id": 3002,
"activeFlag": true,
"assessmentType": {
"key": "mswordprof",
"userTitle": "MS Word proficiency - basic",
"daysToExpire": 365,
"isPassFail": false,
"sortable": true,
"canReuse": true,
"userDescription": "The MS Word proficiency test is an easy, painless way to assess ability to use this most excellent of products.",
"image": "https://www.example.com/image.png"
}
}
]
}
]
Secured by oauth_2_0
Headers
- Authorization: (string)
Used to send a valid OAuth 2 access token. Do not use with the "access_token" query string parameter.
HTTP status code 401
Bad or expired token. To fix, you should re-authenticate the user.
HTTP status code 403
Bad OAuth request (wrong consumer key, bad nonce, expired timestamp...). Unfortunately, re-authenticating the user won't help here.
This API is deprecated in favour of the key field returned by GET /assessments/byID/{} and will shortly be removed.
Get details of a single assessment type, by ID. The response is an array containing a single type. Typically used by the assessment hub's UI when rendering details about assessments about to be created, or that already exist.
Even when an assessment type has been deleted (i.e., is no longer passed by the assessment app) it will still be returned by this API, but with activeFlag set to false.
SoT.
get /assessmentTypes/byID/{id}
This API is deprecated in favour of the key field returned by GET /assessments/byID/{} and will shortly be removed.
Get details of a single assessment type, by ID. The response is an array containing a single type. Typically used by the assessment hub's UI when rendering details about assessments about to be created, or that already exist.
Even when an assessment type has been deleted (i.e., is no longer passed by the assessment app) it will still be returned by this API, but with activeFlag set to false.
SoT.
OAuth is used to authenticate tenant API calls. Tenant API calls may be on behalf of a specific principal (e.g. user)
URI Parameters
- id: required (string)
HTTP status code 200
Body
Type: application/json
Schema:
{
"$schema": "http://json-schema.org/draft-04/schema#",
"definitions": {
"assessmentTypeWithID": {
"type": "object",
"properties": {
"id": {
"type": "number"
},
"activeFlag": {
"type": "boolean"
},
"assessmentType": {
"$ref": "assessmentType.json"
}
},
"required": [ "id", "activeFlag", "assessmentType" ]
},
"assessmentTypesWithID": {
"type": "array",
"items": {
"$ref": "#/definitions/assessmentTypeWithID"
}
},
"appTypesWithID": {
"type": "object",
"properties": {
"app": {
"type": "string",
"description": "Shortcode for the app that owns these assessment types"
},
"appName": {
"type": "string",
"description": "Name for the app that owns these assessment types"
},
"assessmentTypesWithID": {
"$ref": "#/definitions/assessmentTypesWithID"
}
},
"required": [ "app", "appName", "assessmentTypesWithID" ]
}
},
"type": "array",
"items": {
"$ref": "#/definitions/appTypesWithID"
}
}
Example:
[
{
"app": "msassess",
"appName": "Microsoft assessment toolbox",
"assessmentTypesWithID": [
{
"id": 3002,
"activeFlag": true,
"assessmentType": {
"key": "mswordprof",
"userTitle": "MS Word proficiency - basic",
"daysToExpire": 365,
"isPassFail": false,
"sortable": true,
"canReuse": true,
"userDescription": "The MS Word proficiency test is an easy, painless way to assess ability to use this most excellent of products.",
"image": "https://www.example.com/image.png"
}
}
]
}
]
HTTP status code 404
no assessment type with that ID exists
Secured by oauth_2_0
Headers
- Authorization: (string)
Used to send a valid OAuth 2 access token. Do not use with the "access_token" query string parameter.
HTTP status code 401
Bad or expired token. To fix, you should re-authenticate the user.
HTTP status code 403
Bad OAuth request (wrong consumer key, bad nonce, expired timestamp...). Unfortunately, re-authenticating the user won't help here.
Get the list of assessment types produced by an assessment app.
Non-SoT.
get /assessmentTypes/forApp
Get the list of assessment types produced by an assessment app.
Non-SoT.
OAuth is used to authenticate tenant API calls. Tenant API calls may be on behalf of a specific principal (e.g. user)
HTTP status code 200
Body
Type: application/json
Schema:
{
"$schema": "http://json-schema.org/draft-04/schema#",
"type": "array",
"items": {
"$ref": "assessmentType.json"
}
}
Example:
[
{
"key": "mswordprof",
"userTitle": "MS Word proficiency - basic",
"daysToExpire": 365,
"isPassFail": false,
"sortable": true,
"canReuse": true,
"userDescription": "The MS Word proficiency test is an easy, painless way to assess ability to use this most excellent of products.",
"image": "https://www.example.com/image.png"
}
]
Secured by oauth_2_0
Headers
- Authorization: (string)
Used to send a valid OAuth 2 access token. Do not use with the "access_token" query string parameter.
HTTP status code 401
Bad or expired token. To fix, you should re-authenticate the user.
HTTP status code 403
Bad OAuth request (wrong consumer key, bad nonce, expired timestamp...). Unfortunately, re-authenticating the user won't help here.
Get the url for the assessment type's launcher UI. The UI may adapt itself based on job and/or candidate, e.g. to ask less of internal candidates. Or it could ignore the application ID and just present its generic UI.
get /assessmentTypes/forApp/byKey/{key}/launcher/forApplication/{application}
Get the url for the assessment type's launcher UI. The UI may adapt itself based on job and/or candidate, e.g. to ask less of internal candidates. Or it could ignore the application ID and just present its generic UI.
URI Parameters
- key: required (string)
- application: required (string)
This API is deprecated in favour of POST /assessmentTypes/forApp/deltaPings/1 and will shortly be removed.
Consumed by an assessment app to alert any interested parties that the list of assessment types produced by the app has changed.
Non-SoT (there may be many listeners).
post /assessmentTypes/forApp/deltaPings
This API is deprecated in favour of POST /assessmentTypes/forApp/deltaPings/1 and will shortly be removed.
Consumed by an assessment app to alert any interested parties that the list of assessment types produced by the app has changed.
Non-SoT (there may be many listeners).
OAuth is used to authenticate tenant API calls. Tenant API calls may be on behalf of a specific principal (e.g. user)
Secured by oauth_2_0
Headers
- Authorization: (string)
Used to send a valid OAuth 2 access token. Do not use with the "access_token" query string parameter.
HTTP status code 401
Bad or expired token. To fix, you should re-authenticate the user.
HTTP status code 403
Bad OAuth request (wrong consumer key, bad nonce, expired timestamp...). Unfortunately, re-authenticating the user won't help here.
Consumed by an assessment app to alert any interested parties that the list of assessment types produced by the app has changed.
SoT.
post /assessmentTypes/forApp/deltaPings/1
Consumed by an assessment app to alert any interested parties that the list of assessment types produced by the app has changed.
SoT.
OAuth is used to authenticate tenant API calls. Tenant API calls may be on behalf of a specific principal (e.g. user)
Secured by oauth_2_0
Headers
- Authorization: (string)
Used to send a valid OAuth 2 access token. Do not use with the "access_token" query string parameter.
HTTP status code 401
Bad or expired token. To fix, you should re-authenticate the user.
HTTP status code 403
Bad OAuth request (wrong consumer key, bad nonce, expired timestamp...). Unfortunately, re-authenticating the user won't help here.
Get the list of assessment types that are visible to this user, for applicants for this job and in this bucket. This can be used e.g. to populate a sorting widget - in it the user could click on a sortable assessment type to sort the applicants.
get /assessmentTypes/me/forJob/byID/{job}
Get the list of assessment types that are visible to this user, for applicants for this job and in this bucket. This can be used e.g. to populate a sorting widget - in it the user could click on a sortable assessment type to sort the applicants.
URI Parameters
- job: required (string)
Query Parameters
- bucket: required (integer)
only include assessment types that are visible to the user for applicants in the given bucket
Example:
1003
HTTP status code 200
Body
Type: application/json
Schema:
{
"$schema": "http://json-schema.org/draft-04/schema#",
"type": "array",
"items": {
"$ref": "assessmentTypeVisible.json"
}
}
Example:
[
{
"id": 100,
"image": "http://images.com/kih968oi",
"userTitle": "Assess me now",
"sortable": true
}
]
/buckets
get /buckets
HTTP status code 200
Body
Type: application/json
Schema:
{
"$schema":"http://json-schema.org/draft-04/schema#",
"type": "array",
"items": { "$ref":"bucket.json" }
}
Example:
[
{
"id": 1023,
"label": "Screened in",
"phase": "new"
},
{
"id": 1024,
"label": "Phone screen",
"phase": "screening"
},
{
"id": 1025,
"label": "Declined",
"phase": "decline"
},
{
"id": 1026,
"label": "Hired",
"phase": "hire"
}
]
get /buckets/byID/{bucket}
URI Parameters
- bucket: required (string)
HTTP status code 200
Body
Type: application/json
Schema:
{
"$schema": "http://json-schema.org/draft-04/schema#",
"definitions": {
"id": {
"type": "integer"
}
},
"type": "object",
"properties": {
"id": {
"$ref": "#/definitions/id"
},
"label": {
"type": "string"
},
"phase": {
"description": "Buckets have a phase, which represents the approximate part of the recruitment process this bucket is for - for example the phase 'interview' might have several buckets (e.g. 'line manager interview', etc.).",
"enum": [
"new",
"screening",
"interview",
"selection",
"offer",
"approval",
"hire",
"onboard",
"decline",
"other"
]
},
"key": {
"type": "string"
}
},
"required": [
"id",
"label",
"phase"
],
"additionalProperties": false
}
Example:
{
"id": 10023,
"label": "Screened in",
"phase": "new"
}
The main ping for any changes to a bucket. Noisy, i.e. other apps need to store previous state to work out what has actually changed.
Non-SoT.
post /buckets/byID/{bucket}/deltaPings
The main ping for any changes to a bucket. Noisy, i.e. other apps need to store previous state to work out what has actually changed.
Non-SoT.
OAuth is used to authenticate tenant API calls. Tenant API calls may be on behalf of a specific principal (e.g. user)
URI Parameters
- bucket: required (string)
Body
Type: application/json
Schema:
{
"$schema": "http://json-schema.org/draft-04/schema",
"definitions": {
"operation": {
"enum": [
"insert",
"update",
"delete"
]
}
},
"type": "object",
"properties": {
"operation": {
"$ref": "#/definitions/operation"
}
},
"required": [
"operation"
],
"additionalProperties": false
}
Example:
{
"operation": "insert"
}
Secured by oauth_2_0
Headers
- Authorization: (string)
Used to send a valid OAuth 2 access token. Do not use with the "access_token" query string parameter.
HTTP status code 401
Bad or expired token. To fix, you should re-authenticate the user.
HTTP status code 403
Bad OAuth request (wrong consumer key, bad nonce, expired timestamp...). Unfortunately, re-authenticating the user won't help here.
/candidates
Candidates are people who are in the tenant's talent world, perhaps stored in their ATS. Maybe they applied for an opening, registered in the database, were imported from some other system, etc.
This API has the same behaviour as POST /candidates/me, except that the call is not on behalf.
post /candidates
This API has the same behaviour as POST /candidates/me, except that the call is not on behalf.
Body
Type: application/json
Schema:
{
"$schema": "http://json-schema.org/draft-04/schema#",
"definitions": {
"candidateData": {
"$ref": "candidateWrite.json"
},
"applicationData": {
"type": "object",
"properties": {
"job": {
"type": "integer"
},
"applicationWrite": {
"$ref": "applicationWrite.json"
}
},
"additionalProperties": false
}
},
"type": "object",
"properties": {
"tracker": {
"type": "integer"
},
"candidateData": {
"$ref": "#/definitions/candidateData"
},
"applicationData": {
"$ref": "#/definitions/applicationData"
}
},
"additionalProperties": false
}
Example:
{
"candidateData": {
"notifications": true,
"internalFlag": true,
"person": {
"givenName": "Fred",
"familyName": "Bloggs",
"email": "fred@gmail.com"
},
"resume": {
"fileName": "fredcv.docx",
"data": "utg765f876hilf76fg6gutg765f876hilf76fg6gutg765f876hilf76fg6g",
"via": "dropbox.com"
},
"categories": [
{
"category": 10032,
"values": [
1009,
1010,
10344
]
},
{
"category": 10055,
"values": [
1085
]
}
],
"items": [
{
"name": "birthdate",
"type": "date",
"value": "2015-11-05T13:15:30Z"
},
{
"name": "keenworkerflag",
"type": "boolean",
"value": true
}
]
},
"applicationData": {
"job": 23,
"applicationWrite": {
"items": [
{
"name": "blah",
"type": "boolean",
"value": true
}
]
}
}
}
This API has the same behaviour as POST /candidates/me/unvalidated, except that the call is not on behalf.
post /candidates/unvalidated
This API has the same behaviour as POST /candidates/me/unvalidated, except that the call is not on behalf.
Body
Type: application/json
Schema:
{
"$schema": "http://json-schema.org/draft-04/schema#",
"definitions": {
"candidateData": {
"$ref": "candidateWrite.json"
},
"applicationData": {
"type": "object",
"properties": {
"job": {
"type": "integer"
},
"applicationWrite": {
"$ref": "applicationWrite.json"
}
},
"additionalProperties": false
}
},
"type": "object",
"properties": {
"tracker": {
"type": "integer"
},
"candidateData": {
"$ref": "#/definitions/candidateData"
},
"applicationData": {
"$ref": "#/definitions/applicationData"
}
},
"additionalProperties": false
}
Example:
{
"candidateData": {
"notifications": true,
"internalFlag": true,
"person": {
"givenName": "Fred",
"familyName": "Bloggs",
"email": "fred@gmail.com"
},
"resume": {
"fileName": "fredcv.docx",
"data": "utg765f876hilf76fg6gutg765f876hilf76fg6gutg765f876hilf76fg6g",
"via": "dropbox.com"
},
"categories": [
{
"category": 10032,
"values": [
1009,
1010,
10344
]
},
{
"category": 10055,
"values": [
1085
]
}
],
"items": [
{
"name": "birthdate",
"type": "date",
"value": "2015-11-05T13:15:30Z"
},
{
"name": "keenworkerflag",
"type": "boolean",
"value": true
}
]
},
"applicationData": {
"job": 23,
"applicationWrite": {
"items": [
{
"name": "blah",
"type": "boolean",
"value": true
}
]
}
}
}
All APIs beneath here are operating on behalf of the logged in candidate.
Get the signed in candidate's details
Overview
These "apply APIs" are used by an apply app to create or update a candidate in the ATS (depending on whether one exists with a matching email), and optionally create a job application.
There are 4 versions of the apply APIs:
- POST /candidates
- POST /candidates/unvalidated
- POST /candidates/me
- POST /candidates/me/unvalidated
The /me (on behalf) versions of these APIs are strongly preferred for security and the best candidate experience. They require that the candidate is signed in via SSO.
The non-/unvalidated versions of these APIs are also preferred whenever possible. The /unvalidated versions should be used only if its not possible to answer all of the customer's mandatory questions.
Preparing to call the APIs
Before calling this API, the apply app will usually make an API call to fetch the edit spec (i.e. details of the application form) from the ATS.
The apply app uses this to build up an application form and show it to the candidate.
Once the candidate has completed the application form, the apply app uses one of these apply APIs to push the candidate data and job applications into the ATS.
Update semantics
When updating, merge patch semantics are used (https://tools.ietf.org/html/rfc7386). For example;
- if resume is present in the request, it will be set
- if present and null, any existing resume will be cleared
- if not present, any existing resume will be left unchanged
Internal candidates
The API calls can set or update the candidate's internalFlag (i.e. indicating they are an employee).
The /me versions of the APIs do this by checking for the "internal" role in the incoming SAML assertion. If present, the candidate will be set to have internalFlag = true. If not present, false. The internal flag should not be present in API the request - a 400 error will be thrown if it is.
For the non-/me versions of the APIs, the ATS should just examine the candidate's internal flag in the request.
- if present and true then the candidate is set to internalFlag == true
- if present and true then the candidate is set to internalFlag == false
- if not present, then when creating, the internalFLag will be set to false, and when updating no change will be made
Fields duplicated in the vcard
Within the person object, some fields - e,g, email, first name, last name - are duplicated, i.e. they appear both as a first class field, and also within the vcard. In the API request, either can be used to set the underlying value;
- The underlying value will be set to whichever is not null
- If both are null, the underlying value will be set to null
- If both are not null and they clash, a 400 error will be thrown
Category values
When the API request contains the categories object, and there is a category present (e.g. Location), then the the candidate will be updated to exactly match the category values.
Any categories not passed in will not be changed on the candidate.
Checking eligibility to apply
When the API request includes an job application, the ATS should check that the job is active, AND that one of the following is true;
- if the job is "open to externals", that the candidate is external
- if the job is "open to internals", that the candidate is internal
- if neither, that a tracker chain was passed in that has a campaign tracker for this job and with correctly matching access code
If the job is not active or none of the above are true, then the API will return 400 and no changes will be made.
File checks
The ATS must run all uploaded files through OWASP security tests:
- extension matches actual file type
- virus check
- etc.
Validation
The ATS (app producing the API) must not blindly apply the incoming data. Instead it must itself first generate an editSpec for the candidate, and then check that the incoming data is a subset of what the editSpec allows/requires. This prevents attacks where e.g. the apply app tries to write to a random item. This checking must happen in both the normal and the /unvalidated forms of the APIs.
The ATS must also check that the apply app has passed the resume (if mandatory) and any mandatory data items. The /unvalidated versions of the APIs don't perform these mandatory checks.
get /candidates/me
Get the signed in candidate's details
HTTP status code 200
Body
Type: application/json
Schema:
{
"$schema": "http://json-schema.org/draft-04/schema#",
"definitions": {
"notifications": {
"type": "boolean",
"description": "whether this candidate wants to receive email alerts about new jobs"
},
"internalFlag": {
"type": "boolean",
"description": "whether this candidate is an internal"
},
"id": {
"type": "integer"
}
},
"type": "object",
"properties": {
"id": {
"$ref": "#/definitions/id"
},
"notifications": {
"$ref": "#/definitions/notifications"
},
"internalFlag": {
"$ref": "#/definitions/internalFlag"
},
"person": {
"$ref": "person.json"
},
"resumeMeta": {
"$ref": "fileDownload.json"
},
"items": {
"$ref": "itemPackagesRead.json"
},
"categories": {
"$ref": "categoriesActual.json"
}
},
"additionalProperties": false
}
Example:
{
"person": {
"vcard": [
"vcard",
[
[
"version",
{},
"text",
"4.0"
],
[
"n",
{},
"text",
[
"Gor4ven",
"David",
"",
"Mr.",
""
]
],
[
"nickname",
{},
"text",
"David"
],
[
"tel",
{
"type": "home"
},
"text",
"+64212094544"
],
[
"tel",
{
"type": "cell"
},
"text",
"+64212094544"
],
[
"adr",
{},
"text",
[
"",
"",
"11 Hoturoa Place, Manurewa",
"Auckland",
"",
"2102",
"NZ"
]
],
[
"email",
{
"type": "home"
},
"text",
"davededo@gmail.com"
],
[
"x-socialprofile",
{
"type": "Facebook"
},
"uri",
"https://www.facebook.com/bgorven"
],
[
"prodid",
{},
"text",
"ez-vcard 0.9.6"
]
]
]
},
"internalFlag": false,
"resumeMeta": {
"fileName": "fredcv.docx",
"size": 3023443,
"mediaType": "application/vnd.openxmlformats-officedocument.wordprocessingml.document",
"dateUploaded": "2015-11-05T13:15:30Z",
"preSignedUri": "https://frodo.com/docs/198714509"
},
"items": []
}
post /candidates/me
Overview
These "apply APIs" are used by an apply app to create or update a candidate in the ATS (depending on whether one exists with a matching email), and optionally create a job application.
There are 4 versions of the apply APIs:
- POST /candidates
- POST /candidates/unvalidated
- POST /candidates/me
- POST /candidates/me/unvalidated
The /me (on behalf) versions of these APIs are strongly preferred for security and the best candidate experience. They require that the candidate is signed in via SSO.
The non-/unvalidated versions of these APIs are also preferred whenever possible. The /unvalidated versions should be used only if its not possible to answer all of the customer's mandatory questions.
Preparing to call the APIs
Before calling this API, the apply app will usually make an API call to fetch the edit spec (i.e. details of the application form) from the ATS.
The apply app uses this to build up an application form and show it to the candidate.
Once the candidate has completed the application form, the apply app uses one of these apply APIs to push the candidate data and job applications into the ATS.
Update semantics
When updating, merge patch semantics are used (https://tools.ietf.org/html/rfc7386). For example;
- if resume is present in the request, it will be set
- if present and null, any existing resume will be cleared
- if not present, any existing resume will be left unchanged
Internal candidates
The API calls can set or update the candidate's internalFlag (i.e. indicating they are an employee).
The /me versions of the APIs do this by checking for the "internal" role in the incoming SAML assertion. If present, the candidate will be set to have internalFlag = true. If not present, false. The internal flag should not be present in API the request - a 400 error will be thrown if it is.
For the non-/me versions of the APIs, the ATS should just examine the candidate's internal flag in the request.
- if present and true then the candidate is set to internalFlag == true
- if present and true then the candidate is set to internalFlag == false
- if not present, then when creating, the internalFLag will be set to false, and when updating no change will be made
Fields duplicated in the vcard
Within the person object, some fields - e,g, email, first name, last name - are duplicated, i.e. they appear both as a first class field, and also within the vcard. In the API request, either can be used to set the underlying value;
- The underlying value will be set to whichever is not null
- If both are null, the underlying value will be set to null
- If both are not null and they clash, a 400 error will be thrown
Category values
When the API request contains the categories object, and there is a category present (e.g. Location), then the the candidate will be updated to exactly match the category values.
Any categories not passed in will not be changed on the candidate.
Checking eligibility to apply
When the API request includes an job application, the ATS should check that the job is active, AND that one of the following is true;
- if the job is "open to externals", that the candidate is external
- if the job is "open to internals", that the candidate is internal
- if neither, that a tracker chain was passed in that has a campaign tracker for this job and with correctly matching access code
If the job is not active or none of the above are true, then the API will return 400 and no changes will be made.
File checks
The ATS must run all uploaded files through OWASP security tests:
- extension matches actual file type
- virus check
- etc.
Validation
The ATS (app producing the API) must not blindly apply the incoming data. Instead it must itself first generate an editSpec for the candidate, and then check that the incoming data is a subset of what the editSpec allows/requires. This prevents attacks where e.g. the apply app tries to write to a random item. This checking must happen in both the normal and the /unvalidated forms of the APIs.
The ATS must also check that the apply app has passed the resume (if mandatory) and any mandatory data items. The /unvalidated versions of the APIs don't perform these mandatory checks.
OAuth is used to authenticate tenant API calls. Tenant API calls may be on behalf of a specific principal (e.g. user)
Body
Type: application/json
Schema:
{
"$schema": "http://json-schema.org/draft-04/schema#",
"definitions": {
"candidateData": {
"$ref": "candidateWrite.json"
},
"applicationData": {
"type": "object",
"properties": {
"job": {
"type": "integer"
},
"applicationWrite": {
"$ref": "applicationWrite.json"
}
},
"additionalProperties": false
}
},
"type": "object",
"properties": {
"tracker": {
"type": "integer"
},
"candidateData": {
"$ref": "#/definitions/candidateData"
},
"applicationData": {
"$ref": "#/definitions/applicationData"
}
},
"additionalProperties": false
}
Example:
{
"candidateData": {
"notifications": true,
"internalFlag": true,
"person": {
"givenName": "Fred",
"familyName": "Bloggs",
"email": "fred@gmail.com"
},
"resume": {
"fileName": "fredcv.docx",
"data": "utg765f876hilf76fg6gutg765f876hilf76fg6gutg765f876hilf76fg6g",
"via": "dropbox.com"
},
"categories": [
{
"category": 10032,
"values": [
1009,
1010,
10344
]
},
{
"category": 10055,
"values": [
1085
]
}
],
"items": [
{
"name": "birthdate",
"type": "date",
"value": "2015-11-05T13:15:30Z"
},
{
"name": "keenworkerflag",
"type": "boolean",
"value": true
}
]
},
"applicationData": {
"job": 23,
"applicationWrite": {
"items": [
{
"name": "blah",
"type": "boolean",
"value": true
}
]
}
}
}
HTTP status code 200
the post was successful
HTTP status code 201
the post was successful
HTTP status code 400
The consumer made a bad request. See response in RFC 7807 format for more details.
Body
Type: application/problem+json
Secured by oauth_2_0
Headers
- Authorization: (string)
Used to send a valid OAuth 2 access token. Do not use with the "access_token" query string parameter.
HTTP status code 401
Bad or expired token. To fix, you should re-authenticate the user.
HTTP status code 403
Bad OAuth request (wrong consumer key, bad nonce, expired timestamp...). Unfortunately, re-authenticating the user won't help here.
This API has the same behaviour as POST /candidates/me, except that mandatory items may be missing.
post /candidates/me/unvalidated
This API has the same behaviour as POST /candidates/me, except that mandatory items may be missing.
Body
Type: application/json
Schema:
{
"$schema": "http://json-schema.org/draft-04/schema#",
"definitions": {
"candidateData": {
"$ref": "candidateWrite.json"
},
"applicationData": {
"type": "object",
"properties": {
"job": {
"type": "integer"
},
"applicationWrite": {
"$ref": "applicationWrite.json"
}
},
"additionalProperties": false
}
},
"type": "object",
"properties": {
"tracker": {
"type": "integer"
},
"candidateData": {
"$ref": "#/definitions/candidateData"
},
"applicationData": {
"$ref": "#/definitions/applicationData"
}
},
"additionalProperties": false
}
Example:
{
"candidateData": {
"notifications": true,
"internalFlag": true,
"person": {
"givenName": "Fred",
"familyName": "Bloggs",
"email": "fred@gmail.com"
},
"resume": {
"fileName": "fredcv.docx",
"data": "utg765f876hilf76fg6gutg765f876hilf76fg6gutg765f876hilf76fg6g",
"via": "dropbox.com"
},
"categories": [
{
"category": 10032,
"values": [
1009,
1010,
10344
]
},
{
"category": 10055,
"values": [
1085
]
}
],
"items": [
{
"name": "birthdate",
"type": "date",
"value": "2015-11-05T13:15:30Z"
},
{
"name": "keenworkerflag",
"type": "boolean",
"value": true
}
]
},
"applicationData": {
"job": 23,
"applicationWrite": {
"items": [
{
"name": "blah",
"type": "boolean",
"value": true
}
]
}
}
}
This API is deprecated in favour of GET /candidates/me and will shortly be removed.
Get general information about the candidate including notifications (subscribe y/n)
get /candidates/me/details
This API is deprecated in favour of GET /candidates/me and will shortly be removed.
Get general information about the candidate including notifications (subscribe y/n)
OAuth is used to authenticate tenant API calls. Tenant API calls may be on behalf of a specific principal (e.g. user)
HTTP status code 200
Body
Type: application/json
Schema:
{
"$schema": "http://json-schema.org/draft-04/schema#",
"definitions": {
"notifications": {
"type": "boolean",
"description": "whether this candidate wants to receive email alerts about new jobs"
},
"internalFlag": {
"type": "boolean",
"description": "whether this candidate is an internal"
}
},
"type": "object",
"properties": {
"notifications": {
"$ref": "#/definitions/notifications"
},
"internalFlag": {
"$ref": "#/definitions/internalFlag"
}
},
"required": [
"notifications",
"internalFlag"
],
"additionalProperties": false
}
Example:
{
"notifications": true,
"internalFlag": false
}
Secured by oauth_2_0
Headers
- Authorization: (string)
Used to send a valid OAuth 2 access token. Do not use with the "access_token" query string parameter.
HTTP status code 401
Bad or expired token. To fix, you should re-authenticate the user.
HTTP status code 403
Bad OAuth request (wrong consumer key, bad nonce, expired timestamp...). Unfortunately, re-authenticating the user won't help here.
Get the uri of the home page, a landing page where a logged in candidate can see anything they should know about or should do, e.g. the status of their job application, assessments they still haven't completed, etc. Often produced by an ATS.
Details of a relayPage can be passed in when the home page was reached as part of some activity. e.g. candidate applies for job and after submission is redirected to the home page, e.g. so they can complete any auto-started assessments. Passing the relayPage of the job (where they clicked Apply) causes navigation link "Back to Creative Director" to be displayed at the top of the candidate home page.
SoT. There is only one home page to send the candidate to.
get /candidates/me/homePage
Get the uri of the home page, a landing page where a logged in candidate can see anything they should know about or should do, e.g. the status of their job application, assessments they still haven't completed, etc. Often produced by an ATS.
Details of a relayPage can be passed in when the home page was reached as part of some activity. e.g. candidate applies for job and after submission is redirected to the home page, e.g. so they can complete any auto-started assessments. Passing the relayPage of the job (where they clicked Apply) causes navigation link "Back to Creative Director" to be displayed at the top of the candidate home page.
SoT. There is only one home page to send the candidate to.
OAuth is used to authenticate tenant API calls. Tenant API calls may be on behalf of a specific principal (e.g. user)
Query Parameters
- relayPageURL: required (string)
A URL that the user will be redirected to.
Example:
https://myapp.com/kh87876
- relayPageLabel: required (string)
A label for the URL that the user will be redirected to, e.g. "Creative Director".
Example:
https://myapp.com/kh87876
HTTP status code 200
Body
Type: application/json
Schema:
{
"$schema": "http://json-schema.org/draft-04/schema#",
"type": "object",
"properties": {
"url": {
"type": "string",
"format": "uri",
"description": "a (probably tenant-specific) url of the landing page for this app"
}
},
"additionalProperties": false
}
Example:
{
"url": "http://acme.myats.com/homePage.html"
}
Secured by oauth_2_0
Headers
- Authorization: (string)
Used to send a valid OAuth 2 access token. Do not use with the "access_token" query string parameter.
HTTP status code 401
Bad or expired token. To fix, you should re-authenticate the user.
HTTP status code 403
Bad OAuth request (wrong consumer key, bad nonce, expired timestamp...). Unfortunately, re-authenticating the user won't help here.
This API is deprecated in favour of GET /candidates/me and will shortly be removed.
The ID of the candidate.
Get the ID (database primary key) of ourselves (the currently logged in principal, who must be of principal type 'candidate').
get /candidates/me/id
Get the ID (database primary key) of ourselves (the currently logged in principal, who must be of principal type 'candidate').
OAuth is used to authenticate tenant API calls. Tenant API calls may be on behalf of a specific principal (e.g. user)
Secured by oauth_2_0
Headers
- Authorization: (string)
Used to send a valid OAuth 2 access token. Do not use with the "access_token" query string parameter.
HTTP status code 401
Bad or expired token. To fix, you should re-authenticate the user.
HTTP status code 403
Bad OAuth request (wrong consumer key, bad nonce, expired timestamp...). Unfortunately, re-authenticating the user won't help here.
This API is deprecated in favour of GET /candidates/me and will shortly be removed.
Get candidate contact details, in the form described by rfc7095
get /candidates/me/vcard
This API is deprecated in favour of GET /candidates/me and will shortly be removed.
Get candidate contact details, in the form described by rfc7095
OAuth is used to authenticate tenant API calls. Tenant API calls may be on behalf of a specific principal (e.g. user)
HTTP status code 200
Response contains candidate contact details, in the form described by rfc7095
Body
Type: application/json
Secured by oauth_2_0
Headers
- Authorization: (string)
Used to send a valid OAuth 2 access token. Do not use with the "access_token" query string parameter.
HTTP status code 401
Bad or expired token. To fix, you should re-authenticate the user.
HTTP status code 403
Bad OAuth request (wrong consumer key, bad nonce, expired timestamp...). Unfortunately, re-authenticating the user won't help here.
This API is deprecated in favour of GET /candidates/me and will shortly be removed.
Get metadata about the candidate's resume (size, filename, etc.)
get /candidates/me/resume/meta
This API is deprecated in favour of GET /candidates/me and will shortly be removed.
Get metadata about the candidate's resume (size, filename, etc.)
OAuth is used to authenticate tenant API calls. Tenant API calls may be on behalf of a specific principal (e.g. user)
HTTP status code 200
Body
Type: application/json
Schema:
{
"$schema": "http://json-schema.org/draft-04/schema#",
"description": "details for a previously uploaded file",
"definitions": {
"via": {
"type": "string",
"description": "the mechanism via which the file was uploaded - either 'device' or the fqdn of a cloud storage platform (e.g. dropbox.com)"
},
"fileName": {
"type": "string"
},
"mediaType": {
"description": "keep in synch with the trait document_asStream",
"enum": [
"application/pdf",
"application/vnd.openxmlformats-officedocument.wordprocessingml.document",
"application/msword",
"application/rtf",
"text/plain",
"image/png",
"image/jpeg",
"image/gif",
"text/html",
"audio/x-mpeg-3",
"video/x-msvideo",
"video/mp4"
]
},
"data": {
"type": "string",
"media": {
"binaryEncoding": "base64"
}
}
},
"type": "object",
"properties": {
"fileName": {
"$ref": "#/definitions/fileName"
},
"via": {
"$ref": "#/definitions/via"
},
"mediaType": {
"$ref": "#/definitions/mediaType"
},
"size": {
"type": "integer"
},
"md5": {
"type": "string",
"description": "hash of the file's binary content"
},
"dateUploaded": {
"type": "string",
"format": "date-time",
"description": "the date and time the file was uploaded"
},
"preSignedUri": {
"type": "string",
"format": "uri",
"description": "pre-signed link as per http://docs.aws.amazon.com/AmazonS3/latest/API/sigv4-query-string-auth.html to access the raw data. Includes file name as the trailing component so that browsers name the download correctly."
}
},
"additionalProperties": false,
"required": [
"fileName",
"size",
"mediaType",
"preSignedUri"
]
}
Example:
{
"fileName": "fredcv.docx",
"size": 3023443,
"mediaType": "application/vnd.openxmlformats-officedocument.wordprocessingml.document",
"dateUploaded": "2015-11-05T13:15:30Z",
"preSignedUri": "https://frodo.com/docs/198714509"
}
Secured by oauth_2_0
Headers
- Authorization: (string)
Used to send a valid OAuth 2 access token. Do not use with the "access_token" query string parameter.
HTTP status code 401
Bad or expired token. To fix, you should re-authenticate the user.
HTTP status code 403
Bad OAuth request (wrong consumer key, bad nonce, expired timestamp...). Unfortunately, re-authenticating the user won't help here.
get the document as a stream, i.e. binary document, using the appropriate mime type
get /candidates/me/resume/asDocument
get the document as a stream, i.e. binary document, using the appropriate mime type
OAuth is used to authenticate tenant API calls. Tenant API calls may be on behalf of a specific principal (e.g. user)
HTTP status code 200
Body
Type: application/pdf
Type: application/vnd.openxmlformats-officedocument.wordprocessingml.document
Type: application/msword
Type: application/rtf
Type: text/plain
Secured by oauth_2_0
Headers
- Authorization: (string)
Used to send a valid OAuth 2 access token. Do not use with the "access_token" query string parameter.
HTTP status code 401
Bad or expired token. To fix, you should re-authenticate the user.
HTTP status code 403
Bad OAuth request (wrong consumer key, bad nonce, expired timestamp...). Unfortunately, re-authenticating the user won't help here.
get an html version of the candidate's resume
get /candidates/me/resume/asHtml
get an html version of the candidate's resume
OAuth is used to authenticate tenant API calls. Tenant API calls may be on behalf of a specific principal (e.g. user)
Secured by oauth_2_0
Headers
- Authorization: (string)
Used to send a valid OAuth 2 access token. Do not use with the "access_token" query string parameter.
HTTP status code 401
Bad or expired token. To fix, you should re-authenticate the user.
HTTP status code 403
Bad OAuth request (wrong consumer key, bad nonce, expired timestamp...). Unfortunately, re-authenticating the user won't help here.
A separate delta ping from the main candidate one, since managing the html version may be done delayed by a downstream app. Probably only useful as non-SoT.
post /candidates/me/resume/asHtml/deltaPings
OAuth is used to authenticate tenant API calls. Tenant API calls may be on behalf of a specific principal (e.g. user)
Secured by oauth_2_0
Headers
- Authorization: (string)
Used to send a valid OAuth 2 access token. Do not use with the "access_token" query string parameter.
HTTP status code 401
Bad or expired token. To fix, you should re-authenticate the user.
HTTP status code 403
Bad OAuth request (wrong consumer key, bad nonce, expired timestamp...). Unfortunately, re-authenticating the user won't help here.
This API is deprecated in favour of GET /candidates/me and will shortly be removed.
Get the categories for this candidate
get /candidates/me/categories
This API is deprecated in favour of GET /candidates/me and will shortly be removed.
Get the categories for this candidate
OAuth is used to authenticate tenant API calls. Tenant API calls may be on behalf of a specific principal (e.g. user)
HTTP status code 200
Body
Type: application/json
Schema:
{
"$schema": "http://json-schema.org/draft-04/schema#",
"definitions": {
"values": {
"type": "array",
"items": {
"type": "integer"
}
},
"categoryActual": {
"type": "object",
"properties": {
"category": {
"type": "integer"
},
"values": {
"$ref": "#/definitions/values"
}
},
"additionalProperties": false,
"required": [
"category",
"values"
]
}
},
"type": "array",
"items": {
"$ref": "#/definitions/categoryActual"
}
}
Example:
[
{
"category": 10032,
"values": [
10034,
10036
]
},
{
"category": 10055,
"values": [
1085
]
}
]
Secured by oauth_2_0
Headers
- Authorization: (string)
Used to send a valid OAuth 2 access token. Do not use with the "access_token" query string parameter.
HTTP status code 401
Bad or expired token. To fix, you should re-authenticate the user.
HTTP status code 403
Bad OAuth request (wrong consumer key, bad nonce, expired timestamp...). Unfortunately, re-authenticating the user won't help here.
Perform a normalized merge of the candidate's category values with the passed in values, and return the result. The candidate is not altered. We use a POST to allow passing a request body.
By normalizing we mean that:
- any folder or leaf must be included (explicitly or implicitly) only once
- the minimum possible number of folders and leaves should be included
e.g. given an example tree like this:
/a
/b
/d
/e
/c
/f
/g
/h
/i
The following are correctly normalized:
/a
/b,/f
/a,/h
The following are not:
/b,/c (since /a would be more minimal)
/a,/b (since /a already implies /b)
/d,/e (since /b would be more minimal)
/f (since /c would be more minimal)
post /candidates/me/categories/merges
Perform a normalized merge of the candidate's category values with the passed in values, and return the result. The candidate is not altered. We use a POST to allow passing a request body.
By normalizing we mean that:
- any folder or leaf must be included (explicitly or implicitly) only once
- the minimum possible number of folders and leaves should be included
e.g. given an example tree like this:
/a
/b
/d
/e
/c
/f
/g
/h
/i
The following are correctly normalized:
/a
/b,/f
/a,/h
The following are not:
/b,/c (since /a would be more minimal)
/a,/b (since /a already implies /b)
/d,/e (since /b would be more minimal)
/f (since /c would be more minimal)
OAuth is used to authenticate tenant API calls. Tenant API calls may be on behalf of a specific principal (e.g. user)
Body
Type: application/json
Schema:
{
"$schema": "http://json-schema.org/draft-04/schema#",
"definitions": {
"values": {
"type": "array",
"items": {
"type": "integer"
}
},
"categoryActual": {
"type": "object",
"properties": {
"category": {
"type": "integer"
},
"values": {
"$ref": "#/definitions/values"
}
},
"additionalProperties": false,
"required": [
"category",
"values"
]
}
},
"type": "array",
"items": {
"$ref": "#/definitions/categoryActual"
}
}
Example:
[
{
"category": 10032,
"values": [
10034,
10036
]
},
{
"category": 10055,
"values": [
1085
]
}
]
HTTP status code 200
Body
Type: application/json
Schema:
{
"$schema": "http://json-schema.org/draft-04/schema#",
"definitions": {
"values": {
"type": "array",
"items": {
"type": "integer"
}
},
"categoryActual": {
"type": "object",
"properties": {
"category": {
"type": "integer"
},
"values": {
"$ref": "#/definitions/values"
}
},
"additionalProperties": false,
"required": [
"category",
"values"
]
}
},
"type": "array",
"items": {
"$ref": "#/definitions/categoryActual"
}
}
Example:
[
{
"category": 10032,
"values": [
10034,
10036
]
},
{
"category": 10055,
"values": [
1085
]
}
]
Secured by oauth_2_0
Headers
- Authorization: (string)
Used to send a valid OAuth 2 access token. Do not use with the "access_token" query string parameter.
HTTP status code 401
Bad or expired token. To fix, you should re-authenticate the user.
HTTP status code 403
Bad OAuth request (wrong consumer key, bad nonce, expired timestamp...). Unfortunately, re-authenticating the user won't help here.
The tracker (if any) that was passed in when this candidate last applied for a job (i.e. a call to POST /candidates was made with a job specified). When a candidate applies for multiple jobs over time, this helps understand what last drew them to the site.
get /candidates/me/latestApplyTracker
The tracker (if any) that was passed in when this candidate last applied for a job (i.e. a call to POST /candidates was made with a job specified). When a candidate applies for multiple jobs over time, this helps understand what last drew them to the site.
OAuth is used to authenticate tenant API calls. Tenant API calls may be on behalf of a specific principal (e.g. user)
Secured by oauth_2_0
Headers
- Authorization: (string)
Used to send a valid OAuth 2 access token. Do not use with the "access_token" query string parameter.
HTTP status code 401
Bad or expired token. To fix, you should re-authenticate the user.
HTTP status code 403
Bad OAuth request (wrong consumer key, bad nonce, expired timestamp...). Unfortunately, re-authenticating the user won't help here.
a tracker, as passed in to the edit
get /candidates/me/applications/{application}/source
a tracker, as passed in to the edit
OAuth is used to authenticate tenant API calls. Tenant API calls may be on behalf of a specific principal (e.g. user)
URI Parameters
- application: required (string)
Secured by oauth_2_0
Headers
- Authorization: (string)
Used to send a valid OAuth 2 access token. Do not use with the "access_token" query string parameter.
HTTP status code 401
Bad or expired token. To fix, you should re-authenticate the user.
HTTP status code 403
Bad OAuth request (wrong consumer key, bad nonce, expired timestamp...). Unfortunately, re-authenticating the user won't help here.
This API is deprecated in favour of GET /candidates/me and will shortly be removed.
Get candidate contact details, in the form described by rfc7095
get /candidates/me/social/{network}/candidate
This API is deprecated in favour of GET /candidates/me and will shortly be removed.
Get candidate contact details, in the form described by rfc7095
OAuth is used to authenticate tenant API calls. Tenant API calls may be on behalf of a specific principal (e.g. user)
URI Parameters
- network: required (string)
HTTP status code 200
Response contains candidate contact details, in the form described by rfc7095
Body
Type: application/json
HTTP status code 404
the requested data was not available from the given social network
Secured by oauth_2_0
Headers
- Authorization: (string)
Used to send a valid OAuth 2 access token. Do not use with the "access_token" query string parameter.
HTTP status code 401
Bad or expired token. To fix, you should re-authenticate the user.
HTTP status code 403
Bad OAuth request (wrong consumer key, bad nonce, expired timestamp...). Unfortunately, re-authenticating the user won't help here.
This API is deprecated in favour of GET /candidates/me and will shortly be removed.
Get metadata about the candidate's resume (size, filename, etc.)
get /candidates/me/social/{network}/resume/meta
This API is deprecated in favour of GET /candidates/me and will shortly be removed.
Get metadata about the candidate's resume (size, filename, etc.)
OAuth is used to authenticate tenant API calls. Tenant API calls may be on behalf of a specific principal (e.g. user)
URI Parameters
- network: required (string)
HTTP status code 200
Body
Type: application/json
Schema:
{
"$schema": "http://json-schema.org/draft-04/schema#",
"description": "details for a previously uploaded file",
"definitions": {
"via": {
"type": "string",
"description": "the mechanism via which the file was uploaded - either 'device' or the fqdn of a cloud storage platform (e.g. dropbox.com)"
},
"fileName": {
"type": "string"
},
"mediaType": {
"description": "keep in synch with the trait document_asStream",
"enum": [
"application/pdf",
"application/vnd.openxmlformats-officedocument.wordprocessingml.document",
"application/msword",
"application/rtf",
"text/plain",
"image/png",
"image/jpeg",
"image/gif",
"text/html",
"audio/x-mpeg-3",
"video/x-msvideo",
"video/mp4"
]
},
"data": {
"type": "string",
"media": {
"binaryEncoding": "base64"
}
}
},
"type": "object",
"properties": {
"fileName": {
"$ref": "#/definitions/fileName"
},
"via": {
"$ref": "#/definitions/via"
},
"mediaType": {
"$ref": "#/definitions/mediaType"
},
"size": {
"type": "integer"
},
"md5": {
"type": "string",
"description": "hash of the file's binary content"
},
"dateUploaded": {
"type": "string",
"format": "date-time",
"description": "the date and time the file was uploaded"
},
"preSignedUri": {
"type": "string",
"format": "uri",
"description": "pre-signed link as per http://docs.aws.amazon.com/AmazonS3/latest/API/sigv4-query-string-auth.html to access the raw data. Includes file name as the trailing component so that browsers name the download correctly."
}
},
"additionalProperties": false,
"required": [
"fileName",
"size",
"mediaType",
"preSignedUri"
]
}
Example:
{
"fileName": "fredcv.docx",
"size": 3023443,
"mediaType": "application/vnd.openxmlformats-officedocument.wordprocessingml.document",
"dateUploaded": "2015-11-05T13:15:30Z",
"preSignedUri": "https://frodo.com/docs/198714509"
}
HTTP status code 404
the requested data was not available from the given social network
Secured by oauth_2_0
Headers
- Authorization: (string)
Used to send a valid OAuth 2 access token. Do not use with the "access_token" query string parameter.
HTTP status code 401
Bad or expired token. To fix, you should re-authenticate the user.
HTTP status code 403
Bad OAuth request (wrong consumer key, bad nonce, expired timestamp...). Unfortunately, re-authenticating the user won't help here.
get the document as a stream, i.e. binary document, using the appropriate mime type
get /candidates/me/social/{network}/resume/asDocument
get the document as a stream, i.e. binary document, using the appropriate mime type
OAuth is used to authenticate tenant API calls. Tenant API calls may be on behalf of a specific principal (e.g. user)
URI Parameters
- network: required (string)
HTTP status code 200
Body
Type: application/pdf
Type: application/vnd.openxmlformats-officedocument.wordprocessingml.document
Type: application/msword
Type: application/rtf
Type: text/plain
HTTP status code 404
the requested data was not available from the given social network
Secured by oauth_2_0
Headers
- Authorization: (string)
Used to send a valid OAuth 2 access token. Do not use with the "access_token" query string parameter.
HTTP status code 401
Bad or expired token. To fix, you should re-authenticate the user.
HTTP status code 403
Bad OAuth request (wrong consumer key, bad nonce, expired timestamp...). Unfortunately, re-authenticating the user won't help here.
all application-scoped items held for when a candidate applies to a job
Get values and (in some scenarios) metadata, for all items
get /candidates/me/items/forJob/{job}
Get values and (in some scenarios) metadata, for all items
OAuth is used to authenticate tenant API calls. Tenant API calls may be on behalf of a specific principal (e.g. user)
URI Parameters
- job: required (string)
Query Parameters
- embedMeta: (boolean)
Pass true to have schema fragments embedded in the response when fetching items.
Less network trips, larger overall message. Defaults to false.
The client might set this to true for first API call, then cache the metas and pass false from then on.
HTTP status code 200
Body
Type: application/json
Schema:
{
"$schema":"http://json-schema.org/draft-04/schema#",
"type":"array",
"items":{ "$ref": "itemPackageRead.json" }
}
Example:
[
{
"item": {
"type": "file",
"name": "cover letter",
"value": {
"fileName": "fredcv.docx",
"size": 3023443,
"mediaType": "application/vnd.openxmlformats-officedocument.wordprocessingml.document",
"dateUploaded": "2015-11-05T13:15:30Z",
"preSignedUri": "https://frodo.com/docs/198714509",
"via": "dropbox.com"
}
},
"meta": {
"type": "file",
"name": "cover-letter-1002",
"title": "Cover letter",
"instructions": "Please upload a cover letter.",
"purpose": "document",
"accept": [
"application/pdf",
"application/vnd.openxmlformats-officedocument.wordprocessingml.document",
"application/msword",
"application/rtf"
],
"maxSize": 1000000
}
}
]
Secured by oauth_2_0
Headers
- Authorization: (string)
Used to send a valid OAuth 2 access token. Do not use with the "access_token" query string parameter.
HTTP status code 401
Bad or expired token. To fix, you should re-authenticate the user.
HTTP status code 403
Bad OAuth request (wrong consumer key, bad nonce, expired timestamp...). Unfortunately, re-authenticating the user won't help here.
all items held on a candidate
Get values and (in some scenarios) metadata, for all items
get /candidates/byID/{candidate}/items
Get values and (in some scenarios) metadata, for all items
OAuth is used to authenticate tenant API calls. Tenant API calls may be on behalf of a specific principal (e.g. user)
URI Parameters
- candidate: required (string)
Query Parameters
- embedMeta: (boolean)
Pass true to have schema fragments embedded in the response when fetching items.
Less network trips, larger overall message. Defaults to false.
The client might set this to true for first API call, then cache the metas and pass false from then on.
HTTP status code 200
Body
Type: application/json
Schema:
{
"$schema":"http://json-schema.org/draft-04/schema#",
"type":"array",
"items":{ "$ref": "itemPackageRead.json" }
}
Example:
[
{
"item": {
"type": "file",
"name": "cover letter",
"value": {
"fileName": "fredcv.docx",
"size": 3023443,
"mediaType": "application/vnd.openxmlformats-officedocument.wordprocessingml.document",
"dateUploaded": "2015-11-05T13:15:30Z",
"preSignedUri": "https://frodo.com/docs/198714509",
"via": "dropbox.com"
}
},
"meta": {
"type": "file",
"name": "cover-letter-1002",
"title": "Cover letter",
"instructions": "Please upload a cover letter.",
"purpose": "document",
"accept": [
"application/pdf",
"application/vnd.openxmlformats-officedocument.wordprocessingml.document",
"application/msword",
"application/rtf"
],
"maxSize": 1000000
}
}
]
Secured by oauth_2_0
Headers
- Authorization: (string)
Used to send a valid OAuth 2 access token. Do not use with the "access_token" query string parameter.
HTTP status code 401
Bad or expired token. To fix, you should re-authenticate the user.
HTTP status code 403
Bad OAuth request (wrong consumer key, bad nonce, expired timestamp...). Unfortunately, re-authenticating the user won't help here.
Get value and (in some scenarios), metadata for a specific item
get /candidates/byID/{candidate}/items/byName/{item}
Get value and (in some scenarios), metadata for a specific item
OAuth is used to authenticate tenant API calls. Tenant API calls may be on behalf of a specific principal (e.g. user)
URI Parameters
- candidate: required (string)
- item: required (string)
Query Parameters
- embedMeta: (boolean)
Pass true to have schema fragments embedded in the response when fetching items.
Less network trips, larger overall message. Defaults to false.
The client might set this to true for first API call, then cache the metas and pass false from then on.
HTTP status code 200
Body
Type: application/json
Schema:
{
"$schema": "http://json-schema.org/draft-04/schema#",
"type": "object",
"properties": {
"meta": {
"$ref": "itemMeta.json"
},
"item": {
"$ref": "itemRead.json"
}
},
"additionalProperties": false
}
Example:
{
"item": {
"type": "file",
"name": "cover letter",
"value": {
"fileName": "fredcv.docx",
"size": 3023443,
"mediaType": "application/vnd.openxmlformats-officedocument.wordprocessingml.document",
"dateUploaded": "2015-11-05T13:15:30Z",
"preSignedUri": "https://frodo.com/docs/198714509",
"via": "dropbox.com"
}
},
"meta": {
"type": "file",
"name": "cover-letter-1002",
"title": "Cover letter",
"instructions": "Please upload a cover letter.",
"purpose": "document",
"accept": [
"application/pdf",
"application/vnd.openxmlformats-officedocument.wordprocessingml.document",
"application/msword",
"application/rtf"
],
"maxSize": 1000000
}
}
Secured by oauth_2_0
Headers
- Authorization: (string)
Used to send a valid OAuth 2 access token. Do not use with the "access_token" query string parameter.
HTTP status code 401
Bad or expired token. To fix, you should re-authenticate the user.
HTTP status code 403
Bad OAuth request (wrong consumer key, bad nonce, expired timestamp...). Unfortunately, re-authenticating the user won't help here.
Metadata for items held on the candidate
Get metadata for all items
get /candidates/byID/{candidate}/items/itemMetas
Get metadata for all items
OAuth is used to authenticate tenant API calls. Tenant API calls may be on behalf of a specific principal (e.g. user)
URI Parameters
- candidate: required (string)
HTTP status code 200
Body
Type: application/json
Schema:
{
"$schema":"http://json-schema.org/draft-04/schema#",
"type":"array",
"items":{ "$ref": "itemMeta.json" }
}
Example:
[
{
"type": "file",
"name": "cover-letter-1002",
"title": "Cover letter",
"instructions": "Please upload a cover letter.",
"purpose": "document",
"accept": [
"application/pdf",
"application/vnd.openxmlformats-officedocument.wordprocessingml.document",
"application/msword",
"application/rtf"
],
"maxSize": 1000000
},
{
"type": "picklist",
"name": "preferred-transport-10044",
"title": "Preferred transport",
"instructions": "Tell us how you'ld like to get to work",
"nullLabel": "Choose your transport mode",
"minChoices": 1,
"maxChoices": 1,
"presentation": "showOne",
"choices": [
{
"name": "Plane",
"isDefault": false
},
{
"name": "Land",
"isDefault": false,
"choices": [
{
"name": "Car",
"isDefault": false
},
{
"name": "Bike",
"isDefault": false
}
]
}
]
},
{
"type": "section",
"name": "section-header-1033",
"title": "Transport questions",
"subMetas": [
{
"type": "boolean",
"name": "bike-rider-003",
"title": "Bike rider?",
"instructions": "Be honest. But remember, we want healthy employees."
}
]
}
]
Secured by oauth_2_0
Headers
- Authorization: (string)
Used to send a valid OAuth 2 access token. Do not use with the "access_token" query string parameter.
HTTP status code 401
Bad or expired token. To fix, you should re-authenticate the user.
HTTP status code 403
Bad OAuth request (wrong consumer key, bad nonce, expired timestamp...). Unfortunately, re-authenticating the user won't help here.
Get metadata for a specific item
get /candidates/byID/{candidate}/items/itemMetas/byName/{item}
Get metadata for a specific item
OAuth is used to authenticate tenant API calls. Tenant API calls may be on behalf of a specific principal (e.g. user)
URI Parameters
- candidate: required (string)
- item: required (string)
HTTP status code 200
Body
Type: application/json
Schema:
{
"definitions": {
"title": {
"type": "string",
"description": "a short, markdown-formatted label for this item, e.g. 'Date of birth'"
},
"subtitle": {
"type": "string"
},
"description": {
"type": "string",
"description": "markdown-formatted description to a person as to what this option is used for if it's not clear from the title"
},
"instructions": {
"type": "string",
"description": "markdown-formatted instructions to a person as to how to complete/interpret this item, if it's not obvious from the title"
},
"footer": {
"type": "string"
},
"elementId": {
"type": "string",
"description": "It will be used as the id attribute of the form element. This will be the values of payloadElements and reRenderElements in the callback object"
},
"callback": {
"type": "object",
"description": "The callback object dictates where the additional info will be taken from and how it should render the form elements on the page",
"properties": {
"apiUri" : {
"type": "string",
"format": "uri",
"description": "the API endpoint to be called"
},
"method" : {
"enum": ["GET","POST"]
},
"formEvent" : {
"enum": ["onChange"]
},
"reRenderWholePage" : {
"type": "boolean",
"description": "If this is set to true, all the elements on the page should be re-rendered"
},
"payloadElements" : {
"type": "array",
"description": "It is only applicable to GET method. The values of the elements should be included in the request",
"items": {
"$ref": "#/definitions/elementId"
}
},
"autoComplete": {
"type": "boolean",
"description": "If this is set to true, this input field will be treated as auto complete field. It only applies to string question type and singleLine format and it only applicable to GET method"
}
},
"additionalProperties": false,
"required": [
"apiUri",
"method"
]
},
"sectionMeta": {
"type": "object",
"properties": {
"type": {
"enum": [
"section"
]
},
"name": {
"$ref": "itemRead.json#/definitions/name"
},
"title": {
"$ref": "#/definitions/title"
},
"instructions": {
"$ref": "#/definitions/instructions"
},
"subMetas": {
"$ref": "itemMetas.json"
}
}
},
"booleanMeta": {
"type": "object",
"properties": {
"type": {
"enum": [
"boolean"
]
},
"elementId": {
"$ref": "#/definitions/elementId"
},
"callback": {
"$ref": "#/definitions/callback"
},
"name": {
"$ref": "itemRead.json#/definitions/name"
},
"title": {
"$ref": "#/definitions/title"
},
"instructions": {
"$ref": "#/definitions/instructions"
},
"presentation": {
"enum": [
"checkbox",
"select"
],
"description": "a hint as to how the item should be rendered"
},
"nullLabel": {
"type": "string",
"description": "The label that should be used for the 'no selection' choice. When present, implies presentation == select"
},
"defaultValue": {
"type": "boolean",
"description": "defaults to false if not present"
},
"trueLabel": {
"type": "string",
"description": "defaults to 'yes'"
},
"falseLabel": {
"type": "string",
"description": "defaults to 'no'"
},
"mandatory": {
"type": "boolean"
}
}
},
"numberMeta": {
"type": "object",
"properties": {
"type": {
"enum": [
"number"
]
},
"elementId": {
"$ref": "#/definitions/elementId"
},
"callback": {
"$ref": "#/definitions/callback"
},
"name": {
"$ref": "itemRead.json#/definitions/name"
},
"title": {
"$ref": "#/definitions/title"
},
"instructions": {
"$ref": "#/definitions/instructions"
},
"precision": {
"type": "integer"
},
"scale": {
"type": "integer"
},
"minValue": {
"type": "number"
},
"maxValue": {
"type": "number"
},
"defaultValue": {
"type": "number"
},
"mandatory": {
"type": "boolean"
}
}
},
"stringMeta": {
"type": "object",
"properties": {
"type": {
"enum": [
"string"
]
},
"elementId": {
"$ref": "#/definitions/elementId"
},
"callback": {
"$ref": "#/definitions/callback"
},
"name": {
"$ref": "itemRead.json#/definitions/name"
},
"title": {
"$ref": "#/definitions/title"
},
"instructions": {
"$ref": "#/definitions/instructions"
},
"format": {
"enum": [
"singleLine",
"multiLine",
"markDown"
],
"description": "what sort of string the item holds"
},
"minLength": {
"type": "integer"
},
"maxLength": {
"type": "integer"
},
"defaultValue": {
"type": "string"
},
"mandatory": {
"type": "boolean"
},
"pattern": {
"type": "string"
},
"hidden": {
"type": "boolean",
"description": "If this is set to true, user wouldn't see this item from UI."
}
}
},
"dateMeta": {
"type": "object",
"properties": {
"type": {
"enum": [
"date"
]
},
"elementId": {
"$ref": "#/definitions/elementId"
},
"callback": {
"$ref": "#/definitions/callback"
},
"name": {
"$ref": "itemRead.json#/definitions/name"
},
"title": {
"$ref": "#/definitions/title"
},
"instructions": {
"$ref": "#/definitions/instructions"
},
"showTime": {
"type": "boolean",
"description": "whether time component should be shown - entered dates default to midnight if false"
},
"nullLabel": {
"type": "string",
"description": "if present, results in a selectable UI element that equates to no selection"
},
"minDate": {
"type": "string",
"format": "date-time"
},
"maxDate": {
"type": "string",
"format": "date-time"
},
"defaultValue": {
"type": "string",
"format": "date-time"
},
"mandatory": {
"type": "boolean"
}
}
},
"fileMeta": {
"type": "object",
"properties": {
"type": {
"enum": [
"file"
]
},
"name": {
"$ref": "itemRead.json#/definitions/name"
},
"title": {
"$ref": "#/definitions/title"
},
"instructions": {
"$ref": "#/definitions/instructions"
},
"purpose": {
"enum": [
"audio",
"document",
"image",
"video"
]
},
"accept": {
"type": "array",
"description": "the allowable internet media types (mime types) for the resume, e.g. word and pdf files",
"items": {
"$ref": "fileDownload.json#/definitions/mediaType"
}
},
"maxSize": {
"type": "integer",
"description": "maximum file size in bytes"
},
"mandatory": {
"type": "boolean"
}
}
},
"tableMeta": {
"type": "object",
"properties": {
"type": {
"enum": [
"table"
]
},
"name": {
"$ref": "itemRead.json#/definitions/name"
},
"title": {
"$ref": "#/definitions/title"
},
"instructions": {
"$ref": "#/definitions/instructions"
},
"minRows": {
"type": "integer"
},
"maxRows": {
"type": "integer"
},
"columns": {
"$ref": "#/definitions/columns"
}
}
},
"columns": {
"type": "array",
"items": {
"$ref": "#"
},
"description": "a series of itemMetas, each representing a column within the table"
},
"picklistMeta": {
"type": "object",
"properties": {
"type": {
"enum": [
"picklist"
]
},
"elementId": {
"$ref": "#/definitions/elementId"
},
"callback": {
"$ref": "#/definitions/callback"
},
"name": {
"$ref": "itemRead.json#/definitions/name"
},
"title": {
"$ref": "#/definitions/title"
},
"instructions": {
"$ref": "#/definitions/instructions"
},
"nullLabel": {
"type": "string",
"description": "if present, and presentation == showOne, then a pseudo-choice will be injected"
},
"minChoices": {
"type": "integer"
},
"maxChoices": {
"type": "integer"
},
"presentation": {
"enum": [
"showOne",
"showMulti",
"showAll"
],
"description": "showOne is only usable when maxChoices == 1"
},
"choices": {
"$ref": "#/definitions/picklistChoices"
}
}
},
"picklistChoices": {
"type": "array",
"items": {
"$ref": "#/definitions/picklistChoice"
},
"description": "a bunch of choices that are 'unlocked' due to the user selecting their enclosing choice within the picklist"
},
"picklistChoice": {
"type": "object",
"properties": {
"id": {
"type": "integer",
"description": "an unique id for picklist choice"
},
"title": {
"$ref": "#/definitions/title"
},
"name": {
"type": "string",
"description": "this choice - ideally immutable"
},
"isDefault": {
"type": "boolean",
"description": "will always be compatible with minChoices, maxChoices"
},
"choices": {
"$ref": "#/definitions/picklistChoices"
}
}
},
"cascadeMeta": {
"type": "object",
"properties": {
"type": {
"enum": [
"cascade"
]
},
"elementId": {
"$ref": "#/definitions/elementId"
},
"callback": {
"$ref": "#/definitions/callback"
},
"name": {
"$ref": "itemRead.json#/definitions/name"
},
"title": {
"$ref": "#/definitions/title"
},
"instructions": {
"$ref": "#/definitions/instructions"
},
"nullLabel": {
"type": "string",
"description": "if present, and presentation == showOne, then a pseudo-choice will be injected"
},
"minChoices": {
"type": "integer"
},
"maxChoices": {
"type": "integer"
},
"presentation": {
"enum": [
"showOne",
"showAll",
"showCards"
],
"description": "showOne is only usable when maxChoices == 1. If it's showCards, maxChoices must be 1 and it will display all options as card components."
},
"choices": {
"$ref": "#/definitions/cascadeChoices"
}
}
},
"cascadeChoices": {
"type": "array",
"items": {
"$ref": "#/definitions/cascadeChoice"
},
"description": "a bunch of items that are 'unlocked' due to the user selecting their enclosing choice within the picklist"
},
"cascadeChoice": {
"type": "object",
"properties": {
"name": {
"type": "string",
"description": "this choice - ideally immutable"
},
"title": {
"$ref": "#/definitions/title"
},
"subtitle": {
"$ref": "#/definitions/subtitle",
"description": "It's only usable when presentation of cascade item is showCards"
},
"description": {
"$ref": "#/definitions/description",
"description": "It's only usable when presentation of cascade item is showCards"
},
"footer": {
"$ref": "#/definitions/footer",
"description": "It's only usable when presentation of cascade item is showCards"
},
"level": {
"type": "number",
"description": "defines the colour of the card components when the presentation of cascade item is showCards. Starts at zero."
},
"isDisabled": {
"type": "boolean",
"description": "will disable this cascade choice on the UI"
},
"isDefault": {
"type": "boolean",
"description": "will always be compatible with minChoices, maxChoices"
},
"subItems": {
"type": "array",
"items": {
"$ref": "#"
},
"description": "items unlocked based on a choice"
}
}
}
},
"type": "object",
"oneOf": [
{
"$ref": "#/definitions/sectionMeta"
},
{
"$ref": "#/definitions/booleanMeta"
},
{
"$ref": "#/definitions/numberMeta"
},
{
"$ref": "#/definitions/stringMeta"
},
{
"$ref": "#/definitions/dateMeta"
},
{
"$ref": "#/definitions/fileMeta"
},
{
"$ref": "#/definitions/picklistMeta"
},
{
"$ref": "#/definitions/cascadeMeta"
},
{
"$ref": "#/definitions/tableMeta"
}
]
}
Example:
{
"type": "file",
"name": "cover-letter-1002",
"title": "Cover letter",
"instructions": "Please upload a cover letter.",
"purpose": "document",
"accept": [
"application/pdf",
"application/vnd.openxmlformats-officedocument.wordprocessingml.document",
"application/msword",
"application/rtf"
],
"maxSize": 1000000
}
Secured by oauth_2_0
Headers
- Authorization: (string)
Used to send a valid OAuth 2 access token. Do not use with the "access_token" query string parameter.
HTTP status code 401
Bad or expired token. To fix, you should re-authenticate the user.
HTTP status code 403
Bad OAuth request (wrong consumer key, bad nonce, expired timestamp...). Unfortunately, re-authenticating the user won't help here.
get the document as a stream, i.e. binary document, using the appropriate mime type
get /candidates/byID/{candidate}/resume/asDocument
get the document as a stream, i.e. binary document, using the appropriate mime type
OAuth is used to authenticate tenant API calls. Tenant API calls may be on behalf of a specific principal (e.g. user)
URI Parameters
- candidate: required (string)
HTTP status code 200
Body
Type: application/pdf
Type: application/vnd.openxmlformats-officedocument.wordprocessingml.document
Type: application/msword
Type: application/rtf
Type: text/plain
Secured by oauth_2_0
Headers
- Authorization: (string)
Used to send a valid OAuth 2 access token. Do not use with the "access_token" query string parameter.
HTTP status code 401
Bad or expired token. To fix, you should re-authenticate the user.
HTTP status code 403
Bad OAuth request (wrong consumer key, bad nonce, expired timestamp...). Unfortunately, re-authenticating the user won't help here.
Get the candidate's stars against a specific job, perhaps inherited from the jobs's master or some talent pool
get /candidates/byID/{candidate}/stars/forJobs/{job}
Get the candidate's stars against a specific job, perhaps inherited from the jobs's master or some talent pool
OAuth is used to authenticate tenant API calls. Tenant API calls may be on behalf of a specific principal (e.g. user)
URI Parameters
- candidate: required (string)
- job: required (string)
Secured by oauth_2_0
Headers
- Authorization: (string)
Used to send a valid OAuth 2 access token. Do not use with the "access_token" query string parameter.
HTTP status code 401
Bad or expired token. To fix, you should re-authenticate the user.
HTTP status code 403
Bad OAuth request (wrong consumer key, bad nonce, expired timestamp...). Unfortunately, re-authenticating the user won't help here.
The main ping for any changes to a candidate, other than the html resume, which has its own delta ping. Only produced as non-SoT.
post /candidates/byID/{candidate}/deltaPings
OAuth is used to authenticate tenant API calls. Tenant API calls may be on behalf of a specific principal (e.g. user)
URI Parameters
- candidate: required (string)
Secured by oauth_2_0
Headers
- Authorization: (string)
Used to send a valid OAuth 2 access token. Do not use with the "access_token" query string parameter.
HTTP status code 401
Bad or expired token. To fix, you should re-authenticate the user.
HTTP status code 403
Bad OAuth request (wrong consumer key, bad nonce, expired timestamp...). Unfortunately, re-authenticating the user won't help here.
Search candidates, returning recruiter-facing details. The method is a POST solely because the size and number of parameters might get too large for a GET. withResume - if present, only return candidates with (if true) or without (if false) an attached resume
post /candidates/recruiterFaces/searches
Search candidates, returning recruiter-facing details. The method is a POST solely because the size and number of parameters might get too large for a GET. withResume - if present, only return candidates with (if true) or without (if false) an attached resume
OAuth is used to authenticate tenant API calls. Tenant API calls may be on behalf of a specific principal (e.g. user)
Body
Type: application/json
Schema:
{
"$schema": "http://json-schema.org/draft-04/schema#",
"definitions": {
"candidate": {
"type":"object",
"properties": {
"id": {
"type": "integer"
}
},
"required": [ "id" ]
}
},
"type": "array",
"items": { "$ref": "#/definitions/candidate" },
"additionalProperties": false
}
Example:
[
{ "id": 1 },
{ "id": 2 },
{ "id": 3 },
{ "id": 4 }
]
Secured by oauth_2_0
Headers
- Authorization: (string)
Used to send a valid OAuth 2 access token. Do not use with the "access_token" query string parameter.
HTTP status code 401
Bad or expired token. To fix, you should re-authenticate the user.
HTTP status code 403
Bad OAuth request (wrong consumer key, bad nonce, expired timestamp...). Unfortunately, re-authenticating the user won't help here.
Return recruiter-facing details for a specific candidate. e.g do not contact flag
get /candidates/recruiterFaces/{id}
Return recruiter-facing details for a specific candidate. e.g do not contact flag
OAuth is used to authenticate tenant API calls. Tenant API calls may be on behalf of a specific principal (e.g. user)
URI Parameters
- id: required (string)
Secured by oauth_2_0
Headers
- Authorization: (string)
Used to send a valid OAuth 2 access token. Do not use with the "access_token" query string parameter.
HTTP status code 401
Bad or expired token. To fix, you should re-authenticate the user.
HTTP status code 403
Bad OAuth request (wrong consumer key, bad nonce, expired timestamp...). Unfortunately, re-authenticating the user won't help here.
/careerSites
Career sites are web portals showing jobs that exist inside the tenant, as opposed to job boards, which live outside the tenant.
A rollup of the details of all careers sites produced by all apps. SoT.
get /careerSites
A rollup of the details of all careers sites produced by all apps. SoT.
OAuth is used to authenticate tenant API calls. Tenant API calls may be on behalf of a specific principal (e.g. user)
HTTP status code 200
Body
Type: application/json
Schema:
{
"$schema": "http://json-schema.org/draft-04/schema",
"definitions": {
"careerSitesForApp": {
"type": "object",
"properties": {
"app": {
"type": "string",
"description": "the app that is hosting these career sites"
},
"careerSites": {
"$ref": "careerSites.json"
}
},
"additionalProperties": false,
"required": [
"app",
"careerSites"
]
}
},
"type": "array",
"items": {
"$ref": "#/definitions/careerSitesForApp"
},
"description": "An array of career sites rolled up across all producing apps"
}
Example:
[
{
"app": "superboard",
"careerSites": [
{
"id": 12,
"label": "Graduate site",
"homePage": "http://example.com"
}
]
},
{
"app": "snailboard",
"careerSites": [
{
"id": 12,
"label": "November campaign microsite",
"homePage": "http://example.com"
}
]
}
]
Secured by oauth_2_0
Headers
- Authorization: (string)
Used to send a valid OAuth 2 access token. Do not use with the "access_token" query string parameter.
HTTP status code 401
Bad or expired token. To fix, you should re-authenticate the user.
HTTP status code 403
Bad OAuth request (wrong consumer key, bad nonce, expired timestamp...). Unfortunately, re-authenticating the user won't help here.
Descriptions of one or more careers sites hosted by a specific app. Non-SoT.
get /careerSites/forApp
Descriptions of one or more careers sites hosted by a specific app. Non-SoT.
OAuth is used to authenticate tenant API calls. Tenant API calls may be on behalf of a specific principal (e.g. user)
HTTP status code 200
Body
Type: application/json
Schema:
{
"$schema": "http://json-schema.org/draft-04/schema",
"type": "array",
"items": {
"$ref": "careerSite.json"
}
}
Example:
[
{
"id": 12,
"label": "Graduate site",
"homePage": "http://example.com"
}
]
Secured by oauth_2_0
Headers
- Authorization: (string)
Used to send a valid OAuth 2 access token. Do not use with the "access_token" query string parameter.
HTTP status code 401
Bad or expired token. To fix, you should re-authenticate the user.
HTTP status code 403
Bad OAuth request (wrong consumer key, bad nonce, expired timestamp...). Unfortunately, re-authenticating the user won't help here.
Convenience API to generate links to a set of jobs at a given career site.
Non-SoT.
get /careerSites/forApp/byID/{site}/jobLinks
Convenience API to generate links to a set of jobs at a given career site.
Non-SoT.
OAuth is used to authenticate tenant API calls. Tenant API calls may be on behalf of a specific principal (e.g. user)
URI Parameters
- site: required (string)
Query Parameters
- tracker: (integer)
The ID of a tracker
Example:
1003423
- jobs: (integer)
If present, a set of IDs (up to a max of 100) of the jobs that should be included.
HTTP status code 200
Body
Type: application/json
Schema:
{
"$schema": "http://json-schema.org/draft-04/schema",
"type": "array",
"items": {
"$ref": "jobLink.json"
}
}
Example:
[
{ "job": 1024, "link": "https://superjobs.com/job1024/Creative-Director" },
{ "job": 98002, "link": "https://superjobs.com/job98002/Senior-Project-Leader" }
]
Secured by oauth_2_0
Headers
- Authorization: (string)
Used to send a valid OAuth 2 access token. Do not use with the "access_token" query string parameter.
HTTP status code 401
Bad or expired token. To fix, you should re-authenticate the user.
HTTP status code 403
Bad OAuth request (wrong consumer key, bad nonce, expired timestamp...). Unfortunately, re-authenticating the user won't help here.
This API is deprecated in favour of GET /careerSites/forApp/byID/{site}/jobLinks and will shortly be removed.
Convenience API to generate a link to a specific job at a given career site.
Non-SoT.
get /careerSites/forApp/byID/{site}/jobLink/{job}
This API is deprecated in favour of GET /careerSites/forApp/byID/{site}/jobLinks and will shortly be removed.
Convenience API to generate a link to a specific job at a given career site.
Non-SoT.
OAuth is used to authenticate tenant API calls. Tenant API calls may be on behalf of a specific principal (e.g. user)
URI Parameters
- site: required (string)
- job: required (string)
Query Parameters
- tracker: (integer)
The ID of a tracker
Example:
1003423
HTTP status code 200
Body
Type: text/plain
Example:
https://acme.bigboard.com/jobs/10032-Creative-Director-looking-for-next-challenge
Secured by oauth_2_0
Headers
- Authorization: (string)
Used to send a valid OAuth 2 access token. Do not use with the "access_token" query string parameter.
HTTP status code 401
Bad or expired token. To fix, you should re-authenticate the user.
HTTP status code 403
Bad OAuth request (wrong consumer key, bad nonce, expired timestamp...). Unfortunately, re-authenticating the user won't help here.
This API is used to generate a link to a page of search results (e.g. all Finance jobs) on a career site.
See the description of e.g. GET /jobs/all for details of search parameters and pagination techniques.
get /careerSites/forApp/byID/{site}/jobSearchLink
This API is used to generate a link to a page of search results (e.g. all Finance jobs) on a career site.
See the description of e.g. GET /jobs/all for details of search parameters and pagination techniques.
OAuth is used to authenticate tenant API calls. Tenant API calls may be on behalf of a specific principal (e.g. user)
URI Parameters
- site: required (string)
Query Parameters
- categories: (string)
the categories that jobs must have, expressed as a singly url encoded string conforming to categoriesActual.json.
Example:
%5B%7B%22category%22%3A%20100001999%2C%20%22values%22%3A%20%5B100115543%2C100115516%5D%7D%5D
- keywords: (string)
keywords that the jobs must have, expressed as a singly url encoded string
Example:
java%20architect
- ltPublishDate: (date)
a date, in ISO 8601 format, used to filter jobs (must not be combined with any other date filters). Only jobs with a date earlier than this will be returned.
Example:
2015-11-05T13:15:30Z
- gtPublishDate: (date)
a date, in ISO 8601 format, used to filter jobs (must not be combined with any other date filters). Only jobs with a date greater than this will be returned.
Example:
2015-11-05T13:15:30Z
- gtInternalPublishDate: (date)
a date, in ISO 8601 format, used to filter jobs (must not be combined with any other date filters). Only jobs with a date greater than this will be returned.
Example:
2015-11-05T13:15:30Z
- gtExternalPublishDate: (date)
a date, in ISO 8601 format, used to filter jobs (must not be combined with any other date filters). Only jobs with a date greater than this will be returned.
Example:
2015-11-05T13:15:30Z
- ltID: (number)
if present, only include jobs with id < this value
Example:
1001
- gtID: (number)
if present, only include jobs with id > this value
Example:
1001
- limit: (number - default: 100)
if present, return a maximum of this many jobs. Maximum of 100.
Example:
40
Secured by oauth_2_0
Headers
- Authorization: (string)
Used to send a valid OAuth 2 access token. Do not use with the "access_token" query string parameter.
HTTP status code 401
Bad or expired token. To fix, you should re-authenticate the user.
HTTP status code 403
Bad OAuth request (wrong consumer key, bad nonce, expired timestamp...). Unfortunately, re-authenticating the user won't help here.
Get details for whichever career site which has been marked as the primary by the tenant. SoT.
The response is the same as for GET /careerSites, except that only the board which has been marked as the primary is included in the results.
get /careerSites/primary
Get details for whichever career site which has been marked as the primary by the tenant. SoT.
The response is the same as for GET /careerSites, except that only the board which has been marked as the primary is included in the results.
OAuth is used to authenticate tenant API calls. Tenant API calls may be on behalf of a specific principal (e.g. user)
HTTP status code 200
Body
Type: application/json
Schema:
{
"$schema": "http://json-schema.org/draft-04/schema",
"definitions": {
"careerSitesForApp": {
"type": "object",
"properties": {
"app": {
"type": "string",
"description": "the app that is hosting these career sites"
},
"careerSites": {
"$ref": "careerSites.json"
}
},
"additionalProperties": false,
"required": [
"app",
"careerSites"
]
}
},
"type": "array",
"items": {
"$ref": "#/definitions/careerSitesForApp"
},
"description": "An array of career sites rolled up across all producing apps"
}
Example:
[
{
"app": "superboard",
"careerSites": [
{
"id": 12,
"label": "Graduate site",
"homePage": "http://example.com"
}
]
}
]
Secured by oauth_2_0
Headers
- Authorization: (string)
Used to send a valid OAuth 2 access token. Do not use with the "access_token" query string parameter.
HTTP status code 401
Bad or expired token. To fix, you should re-authenticate the user.
HTTP status code 403
Bad OAuth request (wrong consumer key, bad nonce, expired timestamp...). Unfortunately, re-authenticating the user won't help here.
/categories
Tenant-defined hierarchical structures used in talent management to categorize job openings, candidates and others. Includes details of inactivated nodes.
Fetch list of categories
Create a single category (without any values)
get /categories
Fetch list of categories
OAuth is used to authenticate tenant API calls. Tenant API calls may be on behalf of a specific principal (e.g. user)
HTTP status code 200
Body
Type: application/json
Schema:
{
"$schema": "http://json-schema.org/draft-04/schema#",
"type": "array",
"items": {
"$ref": "category.json"
}
}
Example:
[
{
"id": 10022,
"name": "Classification",
"jobRules": {
"canMultiSelect": true,
"leafSelectionOnly": false,
"mandatory": true
},
"candidateRules": {
"canMultiSelect": true,
"leafSelectionOnly": false,
"message": "Please choose carefully",
"mandatory": true
}
},
{
"id": 10032,
"key": "LOCATION",
"name": "Location",
"jobRules": {
"canMultiSelect": true,
"leafSelectionOnly": false,
"mandatory": true
},
"candidateRules": {
"canMultiSelect": true,
"leafSelectionOnly": false,
"message": "Please choose carefully",
"mandatory": true
}
},
{
"id": 10034,
"name": "Nursing specialization",
"jobRules": {
"canMultiSelect": true,
"leafSelectionOnly": false,
"mandatory": true
},
"candidateRules": {
"canMultiSelect": true,
"leafSelectionOnly": false,
"message": "Please choose carefully",
"mandatory": true
}
}
]
Secured by oauth_2_0
Headers
- Authorization: (string)
Used to send a valid OAuth 2 access token. Do not use with the "access_token" query string parameter.
HTTP status code 401
Bad or expired token. To fix, you should re-authenticate the user.
HTTP status code 403
Bad OAuth request (wrong consumer key, bad nonce, expired timestamp...). Unfortunately, re-authenticating the user won't help here.
post /categories
Create a single category (without any values)
OAuth is used to authenticate tenant API calls. Tenant API calls may be on behalf of a specific principal (e.g. user)
Body
Type: application/json
Schema:
{
"$schema": "http://json-schema.org/draft-04/schema#",
"type": "object",
"description": "details of a a single category, identified by id or key (if a well-known category)",
"definitions": {
"rules": {
"type": "object",
"properties": {
"canMultiSelect": {
"type": "boolean",
"description": "true if an object can have multiple values for this category"
},
"leafSelectionOnly": {
"type": "boolean",
"description": "true if an object can have only leaf selections for this category"
},
"mandatory": {
"description": "whether a value for the category is mandatory",
"type": "boolean"
},
"message": {
"type": "string",
"description": "a message to help the candidate/user when entering values for the category - e.g. 'tell us the top 4 stores you really want to work at'"
}
},
"additionalProperties": false,
"required": [
"mandatory",
"canMultiSelect",
"leafSelectionOnly"
]
}
},
"properties": {
"id": {
"type": "integer"
},
"key": {
"enum": [
"LOCATION"
],
"description": "used to identify categories that are well-known, i.e. agreed on by all apps. User-defined categories don't have a key"
},
"name": {
"type": "string",
"description": "the user visible name for this category"
},
"code": {
"type": "string",
"description": "a code for this category"
},
"candidateRules": {
"$ref": "#/definitions/rules"
},
"jobRules": {
"$ref": "#/definitions/rules"
},
"values": {
"$ref": "categoryValues.json"
}
},
"additionalProperties": false,
"required": [
"id",
"name",
"jobRules",
"candidateRules"
]
}
Example:
{
"id": 10032,
"key": "LOCATION",
"name": "Location",
"jobRules": {
"canMultiSelect": true,
"leafSelectionOnly": false,
"mandatory": true
},
"candidateRules": {
"canMultiSelect": true,
"leafSelectionOnly": false,
"message": "Please choose carefully",
"mandatory": true
}
}
Secured by oauth_2_0
Headers
- Authorization: (string)
Used to send a valid OAuth 2 access token. Do not use with the "access_token" query string parameter.
HTTP status code 401
Bad or expired token. To fix, you should re-authenticate the user.
HTTP status code 403
Bad OAuth request (wrong consumer key, bad nonce, expired timestamp...). Unfortunately, re-authenticating the user won't help here.
The main ping for any changes to the categories. Useful e.g. to replicate categories into a database without polling.
Non-SoT.
post /categories/deltaPings
The main ping for any changes to the categories. Useful e.g. to replicate categories into a database without polling.
Non-SoT.
OAuth is used to authenticate tenant API calls. Tenant API calls may be on behalf of a specific principal (e.g. user)
Secured by oauth_2_0
Headers
- Authorization: (string)
Used to send a valid OAuth 2 access token. Do not use with the "access_token" query string parameter.
HTTP status code 401
Bad or expired token. To fix, you should re-authenticate the user.
HTTP status code 403
Bad OAuth request (wrong consumer key, bad nonce, expired timestamp...). Unfortunately, re-authenticating the user won't help here.
category ID
Update a single category, not including its values
Delete a category, along with all of its values
post /categories/byID/{category}
Update a single category, not including its values
OAuth is used to authenticate tenant API calls. Tenant API calls may be on behalf of a specific principal (e.g. user)
URI Parameters
- category: required (string)
Body
Type: application/json
Schema:
{
"$schema": "http://json-schema.org/draft-04/schema#",
"type": "object",
"description": "details of a a single category, identified by id or key (if a well-known category)",
"definitions": {
"rules": {
"type": "object",
"properties": {
"canMultiSelect": {
"type": "boolean",
"description": "true if an object can have multiple values for this category"
},
"leafSelectionOnly": {
"type": "boolean",
"description": "true if an object can have only leaf selections for this category"
},
"mandatory": {
"description": "whether a value for the category is mandatory",
"type": "boolean"
},
"message": {
"type": "string",
"description": "a message to help the candidate/user when entering values for the category - e.g. 'tell us the top 4 stores you really want to work at'"
}
},
"additionalProperties": false,
"required": [
"mandatory",
"canMultiSelect",
"leafSelectionOnly"
]
}
},
"properties": {
"id": {
"type": "integer"
},
"key": {
"enum": [
"LOCATION"
],
"description": "used to identify categories that are well-known, i.e. agreed on by all apps. User-defined categories don't have a key"
},
"name": {
"type": "string",
"description": "the user visible name for this category"
},
"code": {
"type": "string",
"description": "a code for this category"
},
"candidateRules": {
"$ref": "#/definitions/rules"
},
"jobRules": {
"$ref": "#/definitions/rules"
},
"values": {
"$ref": "categoryValues.json"
}
},
"additionalProperties": false,
"required": [
"id",
"name",
"jobRules",
"candidateRules"
]
}
Example:
{
"id": 10032,
"key": "LOCATION",
"name": "Location",
"jobRules": {
"canMultiSelect": true,
"leafSelectionOnly": false,
"mandatory": true
},
"candidateRules": {
"canMultiSelect": true,
"leafSelectionOnly": false,
"message": "Please choose carefully",
"mandatory": true
}
}
Secured by oauth_2_0
Headers
- Authorization: (string)
Used to send a valid OAuth 2 access token. Do not use with the "access_token" query string parameter.
HTTP status code 401
Bad or expired token. To fix, you should re-authenticate the user.
HTTP status code 403
Bad OAuth request (wrong consumer key, bad nonce, expired timestamp...). Unfortunately, re-authenticating the user won't help here.
delete /categories/byID/{category}
Delete a category, along with all of its values
OAuth is used to authenticate tenant API calls. Tenant API calls may be on behalf of a specific principal (e.g. user)
URI Parameters
- category: required (string)
Secured by oauth_2_0
Headers
- Authorization: (string)
Used to send a valid OAuth 2 access token. Do not use with the "access_token" query string parameter.
HTTP status code 401
Bad or expired token. To fix, you should re-authenticate the user.
HTTP status code 403
Bad OAuth request (wrong consumer key, bad nonce, expired timestamp...). Unfortunately, re-authenticating the user won't help here.
Sent to alert any listening apps that a change has been made to this category or one or more of its values. The listeners then know to call GET /categories, GET /categories/byID/{}/values to get the latest data.
post /categories/byID/{category}/deltaPings
Sent to alert any listening apps that a change has been made to this category or one or more of its values. The listeners then know to call GET /categories, GET /categories/byID/{}/values to get the latest data.
OAuth is used to authenticate tenant API calls. Tenant API calls may be on behalf of a specific principal (e.g. user)
URI Parameters
- category: required (string)
Secured by oauth_2_0
Headers
- Authorization: (string)
Used to send a valid OAuth 2 access token. Do not use with the "access_token" query string parameter.
HTTP status code 401
Bad or expired token. To fix, you should re-authenticate the user.
HTTP status code 403
Bad OAuth request (wrong consumer key, bad nonce, expired timestamp...). Unfortunately, re-authenticating the user won't help here.
Get root values and the hierarchy of values beneath. Only available nodes are returned.
Create or update a single category value. The category value must not contain the values element.
Data integrity rules for category values
400 must be thrown if the consumer violates any of these:
- No parent child loops can exist (e.g. setting the parent of a node to one of its own grandchildren would not be allowed)
- Inactive values must always be at the root (no parent), and cannot have children (i.e. they must not be in a hierarchy)
- The remappedTo field can only be set (non-null) at the same time a node is inactivated.
- At the time that remappedTo is set, it must refer to an active node.
- External ID (unless null) must be unique among all values in a single category (active or not), immutable and never reused.
When a node is inactivated, all apps must remove all references to it. e.g. when the tenant inactivates (deffectively deletes) the IT node, a careers site app would unhook and maybe delete its IT testimonials.
Example operations
This test data is used throughout.
[
{
"id": 10034,
"externalID": "a100",
"parent": null,
"name": "Wellington",
"available": false
},
{
"id": 10032,
"externalID": "a101",
"parent": null,
"name": "Auckland",
"available": true,
"values": [
{
"id": 10036,
"externalID": "a104",
"parent": 10032,
"name": "North Shore",
"available": true,
"values": [
{
"id": 10037,
"externalID": "a105",
"parent": 10036,
"name": "Takapuna",
"available": true
}
]
}
]
}
]
The request body for the atomic API (POST /categories/byID/{}/values) must only pass a single node.
This is a valid request to POST /categories/byID/{}/values, and will change the name as well as reparenting the node:
{
"id": 10037,
"parent": 10032,
"name": "Takapuna/Milford"
}
Create vs update
The POST operation can create nodes, or can update them as identified by id or external id. There is no delete (just updating the available flag to false).
This request will create a new root node, also named Takapuna:
{
"name": "Takapuna"
}
This will create a new node called Albany, also under the North Shore parent:
{
"name": "Albany",
"parent": 10036
}
id and external id
If id is present, then an exactly matching node must exist. If the request also includes external id, that must match too.
Either of these are a valid request to update the name of the Takapuna node:
POST /categories/byID/{}/values
{
"id": 10037,
"name": "Takapuna/Milford"
}
{
"id": 10037,
"externalID": "a105",
"name": "Takapuna/Milford"
}
This would give an error, since external id does not match.
{
"id": 10037,
"externalID": "a106",
"name": "Takapuna/Milford"
}
If only external id is present, then if that matches an existing node, that will be an update, otherwise it will be a create.
e.g. this is a valid request to update the name of the Takapuna node.
{
"externalID": "a105",
"name": "Takapuna/Milford"
}
This will create a new node named Takapuna (since there is no existing node a1055).
{
"externalID": "a1055",
"name": "Takapuna/Milford"
}
Available flag
The available flag indicates whether a node can be used going forward - e.g. setting a node to unavailable will prevent it being used for new jobs. However old jobs may still use the category value, even if it is unavailable (see remapping).
By default, available is set to true for new nodes, e.g. this request will create a new, available root node:
{
"name": "Singapore"
}
Remapping nodes
When a node is made unavailable, it can be remapped at the same time. This is a hint to apps that anything attached to that node (e.g. jobs) should be transferred across to the remap node.
For example, this request retires the Takapuna location, and will cause Takapuna jobs to be transferred to North Shore:
{
"id": 10037,
"available": false,
"remappedTo": 1036
}
The remappedTo field can only be set at the same time as the node itself is made unavailable (i.e. in the same request).
Race conditions
Wen doing a rapid series of atomic operations on category values, e.g. test scripts, apps should think carefully about race conditions in downstream apps that are replicating the category.
For example, your app:
- makes node 100 unavailable, and at the same time remaps it to node 102
- a downstream app learns about this via POST /categories/byID/{}/values/byID/{}/deltaPings
- the downstream app starts transferring its attached objects from 100 to 102
- in the meantime, your app has already made 102 inactive and remapped to e.g. 103.
get /categories/byID/{category}/values
Get root values and the hierarchy of values beneath. Only available nodes are returned.
OAuth is used to authenticate tenant API calls. Tenant API calls may be on behalf of a specific principal (e.g. user)
URI Parameters
- category: required (string)
HTTP status code 200
Body
Type: application/json
Schema:
{
"$schema": "http://json-schema.org/draft-04/schema#",
"type": "array",
"items": {
"$ref": "categoryValue.json"
}
}
Example:
[
{
"id": 10034,
"name": "Wellington",
"available": true
},
{
"id": 10032,
"name": "Auckland",
"available": true,
"values": [
{
"id": 10036,
"name": "North Shore",
"available": true,
"values": [
{
"id": 10037,
"name": "Takapuna",
"available": true
}
]
}
]
}
]
HTTP status code 400
The consumer made a bad request. See response in RFC 7807 format for more details.
Body
Type: application/problem+json
Secured by oauth_2_0
Headers
- Authorization: (string)
Used to send a valid OAuth 2 access token. Do not use with the "access_token" query string parameter.
HTTP status code 401
Bad or expired token. To fix, you should re-authenticate the user.
HTTP status code 403
Bad OAuth request (wrong consumer key, bad nonce, expired timestamp...). Unfortunately, re-authenticating the user won't help here.
post /categories/byID/{category}/values
Create or update a single category value. The category value must not contain the values element.
Data integrity rules for category values
400 must be thrown if the consumer violates any of these:
- No parent child loops can exist (e.g. setting the parent of a node to one of its own grandchildren would not be allowed)
- Inactive values must always be at the root (no parent), and cannot have children (i.e. they must not be in a hierarchy)
- The remappedTo field can only be set (non-null) at the same time a node is inactivated.
- At the time that remappedTo is set, it must refer to an active node.
- External ID (unless null) must be unique among all values in a single category (active or not), immutable and never reused.
When a node is inactivated, all apps must remove all references to it. e.g. when the tenant inactivates (deffectively deletes) the IT node, a careers site app would unhook and maybe delete its IT testimonials.
Example operations
This test data is used throughout.
[
{
"id": 10034,
"externalID": "a100",
"parent": null,
"name": "Wellington",
"available": false
},
{
"id": 10032,
"externalID": "a101",
"parent": null,
"name": "Auckland",
"available": true,
"values": [
{
"id": 10036,
"externalID": "a104",
"parent": 10032,
"name": "North Shore",
"available": true,
"values": [
{
"id": 10037,
"externalID": "a105",
"parent": 10036,
"name": "Takapuna",
"available": true
}
]
}
]
}
]
The request body for the atomic API (POST /categories/byID/{}/values) must only pass a single node.
This is a valid request to POST /categories/byID/{}/values, and will change the name as well as reparenting the node:
{
"id": 10037,
"parent": 10032,
"name": "Takapuna/Milford"
}
Create vs update
The POST operation can create nodes, or can update them as identified by id or external id. There is no delete (just updating the available flag to false).
This request will create a new root node, also named Takapuna:
{
"name": "Takapuna"
}
This will create a new node called Albany, also under the North Shore parent:
{
"name": "Albany",
"parent": 10036
}
id and external id
If id is present, then an exactly matching node must exist. If the request also includes external id, that must match too.
Either of these are a valid request to update the name of the Takapuna node:
POST /categories/byID/{}/values
{
"id": 10037,
"name": "Takapuna/Milford"
}
{
"id": 10037,
"externalID": "a105",
"name": "Takapuna/Milford"
}
This would give an error, since external id does not match.
{
"id": 10037,
"externalID": "a106",
"name": "Takapuna/Milford"
}
If only external id is present, then if that matches an existing node, that will be an update, otherwise it will be a create.
e.g. this is a valid request to update the name of the Takapuna node.
{
"externalID": "a105",
"name": "Takapuna/Milford"
}
This will create a new node named Takapuna (since there is no existing node a1055).
{
"externalID": "a1055",
"name": "Takapuna/Milford"
}
Available flag
The available flag indicates whether a node can be used going forward - e.g. setting a node to unavailable will prevent it being used for new jobs. However old jobs may still use the category value, even if it is unavailable (see remapping).
By default, available is set to true for new nodes, e.g. this request will create a new, available root node:
{
"name": "Singapore"
}
Remapping nodes
When a node is made unavailable, it can be remapped at the same time. This is a hint to apps that anything attached to that node (e.g. jobs) should be transferred across to the remap node.
For example, this request retires the Takapuna location, and will cause Takapuna jobs to be transferred to North Shore:
{
"id": 10037,
"available": false,
"remappedTo": 1036
}
The remappedTo field can only be set at the same time as the node itself is made unavailable (i.e. in the same request).
Race conditions
Wen doing a rapid series of atomic operations on category values, e.g. test scripts, apps should think carefully about race conditions in downstream apps that are replicating the category.
For example, your app:
- makes node 100 unavailable, and at the same time remaps it to node 102
- a downstream app learns about this via POST /categories/byID/{}/values/byID/{}/deltaPings
- the downstream app starts transferring its attached objects from 100 to 102
- in the meantime, your app has already made 102 inactive and remapped to e.g. 103.
OAuth is used to authenticate tenant API calls. Tenant API calls may be on behalf of a specific principal (e.g. user)
URI Parameters
- category: required (string)
Body
Type: application/json
Schema:
{
"$schema": "http://json-schema.org/draft-04/schema#",
"definitions": {
"sequence": {
"type": "number",
"description": "the sequence of this node (i.e. its order within its siblings)"
},
"location": {
"type": "object",
"description": "the geographic coordinates of this value, which represents a physical location. This may be present only when (a) the category itself has key of LOCATION, and (b) the value is a leaf (has no children)",
"properties": {
"lat": {
"type": "number",
"description": "latitude of this location"
},
"lng": {
"type": "number",
"description": "longitude of this location"
},
"country": {
"description": "country, in ISO 3166-1 alpha-2 form",
"enum": [
"AC",
"AD",
"AE",
"AF",
"AG",
"AI",
"AL",
"AM",
"AN",
"AO",
"AQ",
"AR",
"AS",
"AT",
"AU",
"AW",
"AX",
"AZ",
"BA",
"BB",
"BD",
"BE",
"BF",
"BG",
"BH",
"BI",
"BJ",
"BM",
"BN",
"BO",
"BR",
"BS",
"BT",
"BV",
"BW",
"BY",
"BZ",
"CA",
"CC",
"CD",
"CF",
"CG",
"CH",
"CI",
"CK",
"CL",
"CM",
"CN",
"CO",
"CR",
"CU",
"CV",
"CX",
"CY",
"CZ",
"DE",
"DJ",
"DK",
"DM",
"DO",
"DZ",
"EC",
"EE",
"EG",
"ER",
"ES",
"ET",
"FI",
"FJ",
"FK",
"FM",
"FO",
"FR",
"GA",
"GB",
"GD",
"GE",
"GF",
"GG",
"GH",
"GI",
"GL",
"GM",
"GN",
"GP",
"GQ",
"GR",
"GS",
"GT",
"GU",
"GW",
"GY",
"HK",
"HM",
"HN",
"HR",
"HT",
"HU",
"ID",
"IE",
"IL",
"IM",
"IN",
"IO",
"IQ",
"IR",
"IS",
"IT",
"JE",
"JM",
"JO",
"JP",
"KE",
"KG",
"KH",
"KI",
"KM",
"KN",
"KP",
"KR",
"KW",
"KY",
"KZ",
"LA",
"LB",
"LC",
"LI",
"LK",
"LR",
"LS",
"LT",
"LU",
"LV",
"LY",
"MA",
"MC",
"MD",
"ME",
"MG",
"MH",
"MK",
"ML",
"MM",
"MN",
"MO",
"MP",
"MQ",
"MR",
"MS",
"MT",
"MU",
"MV",
"MW",
"MX",
"MY",
"MZ",
"NA",
"NC",
"NE",
"NF",
"NG",
"NI",
"NL",
"NO",
"NP",
"NR",
"NU",
"NZ",
"OM",
"PA",
"PE",
"PF",
"PG",
"PH",
"PK",
"PL",
"PM",
"PN",
"PR",
"PT",
"PW",
"PY",
"QA",
"RE",
"RO",
"RS",
"RU",
"RW",
"SA",
"SB",
"SC",
"SD",
"SE",
"SG",
"SH",
"SI",
"SJ",
"SK",
"SL",
"SM",
"SN",
"SO",
"SR",
"ST",
"SV",
"SY",
"SZ",
"TA",
"TC",
"TD",
"TF",
"TG",
"TH",
"TJ",
"TK",
"TL",
"TM",
"TN",
"TO",
"TR",
"TT",
"TV",
"TW",
"TZ",
"UA",
"UG",
"UM",
"US",
"UY",
"UZ",
"VA",
"VC",
"VE",
"VG",
"VI",
"VN",
"VU",
"WF",
"WS",
"YE",
"YT",
"ZA",
"ZM",
"ZW"
]
}
},
"required": [
"lat",
"lng"
]
},
"externalId": {
"type": "string",
"description": "An immutable external identifier, e.g. primary key in an upstream system, used to identify the category value"
},
"parent": {
"type": "integer",
"description": "The id of the value which is this node's parent (hierarchical structure)"
},
"remappedTo": {
"type": "integer",
"description": "The id of the value which took over from this node, when this node was permanently inactivated"
}
},
"type": "object",
"description": "details of a single category value",
"properties": {
"id": {
"type": "integer"
},
"available": {
"type": "boolean",
"description": "whether this node can be selected (i.e. is not disabled)"
},
"name": {
"type": "string",
"description": "the user visible name for this category value"
},
"code": {
"type": "string",
"description": "a code for this category value"
},
"externalId": {
"$ref": "#/definitions/externalId"
},
"sequence": {
"$ref": "#/definitions/sequence"
},
"parent": {
"$ref": "#/definitions/parent"
},
"remappedTo": {
"$ref": "#/definitions/remappedTo"
},
"location": {
"$ref": "#/definitions/location"
},
"values": {
"type": "array",
"items": {
"$ref": "#"
}
}
},
"additionalProperties": false
}
Example:
{
"id": 10034,
"name": "Wellington",
"available": false
}
Secured by oauth_2_0
Headers
- Authorization: (string)
Used to send a valid OAuth 2 access token. Do not use with the "access_token" query string parameter.
HTTP status code 401
Bad or expired token. To fix, you should re-authenticate the user.
HTTP status code 403
Bad OAuth request (wrong consumer key, bad nonce, expired timestamp...). Unfortunately, re-authenticating the user won't help here.
get unavailable and remapped nodes, using a cursor model
get /categories/byID/{category}/values/remapped
get unavailable and remapped nodes, using a cursor model
URI Parameters
- category: required (string)
Used to bulk upload or update all values for a single category for the tenant in one long-running operation.
This API could be used to upload categories from an HRMS into an ATS.
The data from each category in the request is applied using JSON Merge Patch semantics (https://tools.ietf.org/html/rfc7396).
The app producing the API should do something like this;
- build up a "mapping table" that stores mappings from incoming nodes in the request to existing nodes (active or inactive) in the producer's database
- if the request node has neither id nor external id then no mapping
- if the request node has id, then map to the existing node with the same id (404 if not found)
- if the request node also has external id
- if the mapped node in the database has null external id, its external id will be updated
- if the mapped node in the database has a different external id, throw a 400 error
- if the request node also has external id
- if the request node has only external id
- if an existing node in the database has same external id, map to that, else no mapping
- in all cases, a node can only be mapped once, otherwise 400 error
- now that mapping is complete, producer can do the CRUD work
- any unmapped nodes in the request will be created
- any mapped nodes where the database node is inactive will be made active
- any mapped nodes in the database will be updated as required (e.g. to have new details, parent)
- any unmapped and active nodes in the database will be inactivated
The producer's behaviour need not be atomic - the call might fail after only partially processing the values, leaving partial changes applied. In this case the upload could be re-run once the problem was resolved.
SoT.
post /categories/byID/{category}/values/uploads
Used to bulk upload or update all values for a single category for the tenant in one long-running operation.
This API could be used to upload categories from an HRMS into an ATS.
The data from each category in the request is applied using JSON Merge Patch semantics (https://tools.ietf.org/html/rfc7396).
The app producing the API should do something like this;
- build up a "mapping table" that stores mappings from incoming nodes in the request to existing nodes (active or inactive) in the producer's database
- if the request node has neither id nor external id then no mapping
- if the request node has id, then map to the existing node with the same id (404 if not found)
- if the request node also has external id
- if the mapped node in the database has null external id, its external id will be updated
- if the mapped node in the database has a different external id, throw a 400 error
- if the request node also has external id
- if the request node has only external id
- if an existing node in the database has same external id, map to that, else no mapping
- in all cases, a node can only be mapped once, otherwise 400 error
- now that mapping is complete, producer can do the CRUD work
- any unmapped nodes in the request will be created
- any mapped nodes where the database node is inactive will be made active
- any mapped nodes in the database will be updated as required (e.g. to have new details, parent)
- any unmapped and active nodes in the database will be inactivated
The producer's behaviour need not be atomic - the call might fail after only partially processing the values, leaving partial changes applied. In this case the upload could be re-run once the problem was resolved.
SoT.
OAuth is used to authenticate tenant API calls. Tenant API calls may be on behalf of a specific principal (e.g. user)
URI Parameters
- category: required (string)
Body
Type: application/json
Schema:
{
"$schema": "http://json-schema.org/draft-04/schema",
"type": "object",
"properties": {
"testFlag": {
"type": "boolean",
"description": "true if this set is to be applied as a dry run - i.e. no changes should be made to the category values at the target"
},
"categoryValues": {
"$ref": "categoryValues.json"
}
},
"required": [
"testFlag",
"categoryValues"
],
"additionalProperties": false
}
Example:
{
"testFlag": false,
"categoryValues": [
{
"id": 100042894,
"name": "Austrailia",
"available": true,
"values": [
{
"id": 100114678,
"name": "Northern Territory",
"available": true
},
{
"id": 100114675,
"name": "Darwin",
"available": true
},
{
"id": 100114648,
"name": "Melbourne",
"available": true,
"location": {
"lat": -2323442334,
"lng": -544387985,
"country": "AU"
}
},
{
"id": 100114663,
"name": "Perth",
"available": true
},
{
"id": 100114660,
"name": "Queensland",
"available": true
},
{
"id": 100114645,
"name": "NSW",
"available": true
},
{
"id": 100114669,
"name": "Adelaide",
"available": true
},
{
"id": 100114642,
"name": "Sydney",
"available": true
},
{
"id": 100114657,
"name": "Gold Coast",
"available": true
},
{
"id": 100114672,
"name": "Hobart",
"available": true
},
{
"id": 100114666,
"name": "Western Australia",
"available": true
},
{
"id": 100114654,
"name": "Brisbane",
"available": true
},
{
"id": 100114651,
"name": "VIC",
"available": true
}
]
},
{
"id": 100114808,
"name": "Other",
"available": true
},
{
"id": 100042788,
"name": "New Zealand",
"available": true,
"values": [
{
"id": 100114478,
"name": "Christchurch",
"available": true
},
{
"id": 100114457,
"name": "Wellington",
"available": true
},
{
"id": 100114445,
"name": "Rotorua",
"available": true
},
{
"id": 100114427,
"name": "Auckland",
"available": true
},
{
"id": 100114469,
"name": "Nelson",
"available": true
},
{
"id": 100114466,
"name": "Invercargill",
"available": true
},
{
"id": 100114448,
"name": "Tauranga",
"available": true
},
{
"id": 100114460,
"name": "Blenheim",
"available": true
},
{
"id": 100114451,
"name": "Wanganui",
"available": true
},
{
"id": 100114433,
"name": "Gisborne",
"available": true
},
{
"id": 100114454,
"name": "Whangarei",
"available": true
},
{
"id": 100114463,
"name": "Dunedin",
"available": true
},
{
"id": 100114472,
"name": "Timaru",
"available": true
},
{
"id": 100114436,
"name": "Hamilton",
"available": true
},
{
"id": 100114475,
"name": "Queenstown",
"available": true
},
{
"id": 100114430,
"name": "Palmerston North",
"available": true
},
{
"id": 100114439,
"name": "Napier- Hastings",
"available": true
},
{
"id": 100114442,
"name": "New Plymouth",
"available": true
}
]
}
]
}
HTTP status code 201
the launch was successful, and the upload is underway
Body
Type: application/json
Schema:
{
"$schema": "http://json-schema.org/draft-04/schema",
"type": "object",
"description": "the status of a previously launched upload",
"definitions": {
"failureDetail": {
"type": "object",
"description": "details of why a single object failed the crud operation (create or whatever)",
"properties": {
"code": {
"type": "string",
"description": "A code, e.g. on a job or job ad, that uniquely identifies the object"
},
"message": {
"type": "string"
}
},
"additionalProperties": false,
"required": [
"code",
"message"
]
},
"crudOutcome": {
"type": "object",
"properties": {
"operation": {
"enum": [
"Created",
"Updated",
"Closed"
]
},
"succeeded": {
"type": "integer",
"description": "how many objects in the set have so far been successfully [operation]"
},
"failed": {
"type": "integer",
"description": "how many objects in the set have so far been unsuccessfully [operation]"
},
"failureDetails": {
"type": "array",
"items": {
"$ref": "#/definitions/failureDetail"
}
}
},
"additionalProperties": false,
"required": [
"operation",
"succeeded",
"failed"
]
},
"crudOutcomes": {
"type": "array",
"items": {
"$ref": "#/definitions/crudOutcome"
}
}
},
"properties": {
"id": {
"description": "id of the upload operation",
"type": "integer"
},
"started": {
"type": "string",
"format": "date-time"
},
"status": {
"enum": [
"Queued",
"Underway",
"Complete",
"Error"
]
},
"results": {
"$ref": "#/definitions/crudOutcomes"
}
},
"required": [
"id",
"started",
"status",
"results"
],
"additionalProperties": false
}
Example:
{
"id": 8754598,
"started": "2015-11-05T13:15:30Z",
"status": "Underway",
"results": [
{
"operation": "Created",
"succeeded": 1,
"failed": 1,
"failureDetails": [
{
"code": "AZDH55",
"message": "missing value for location"
}
]
},
{
"operation": "Updated",
"succeeded": 0,
"failed": 0
},
{
"operation": "Closed",
"succeeded": 0,
"failed": 0
}
]
}
HTTP status code 409
Conflict - the producer has an existing, incomplete upload operation for this tenant - See response in RFC 7807 format for more details.
Body
Type: application/problem+json
Secured by oauth_2_0
Headers
- Authorization: (string)
Used to send a valid OAuth 2 access token. Do not use with the "access_token" query string parameter.
HTTP status code 401
Bad or expired token. To fix, you should re-authenticate the user.
HTTP status code 403
Bad OAuth request (wrong consumer key, bad nonce, expired timestamp...). Unfortunately, re-authenticating the user won't help here.
the ID of a previously launched category values bulk upload
Get the status of a previously started upload operation. Normally the producer should keep results around for some time (i.e. weeks/months) after the upload has completed.
SoT.
get /categories/byID/{category}/values/uploads/byID/{uploadID}
Get the status of a previously started upload operation. Normally the producer should keep results around for some time (i.e. weeks/months) after the upload has completed.
SoT.
OAuth is used to authenticate tenant API calls. Tenant API calls may be on behalf of a specific principal (e.g. user)
URI Parameters
- category: required (string)
- uploadID: required (string)
HTTP status code 200
Body
Type: application/json
Schema:
{
"$schema": "http://json-schema.org/draft-04/schema",
"type": "object",
"description": "the status of a previously launched upload",
"definitions": {
"failureDetail": {
"type": "object",
"description": "details of why a single object failed the crud operation (create or whatever)",
"properties": {
"code": {
"type": "string",
"description": "A code, e.g. on a job or job ad, that uniquely identifies the object"
},
"message": {
"type": "string"
}
},
"additionalProperties": false,
"required": [
"code",
"message"
]
},
"crudOutcome": {
"type": "object",
"properties": {
"operation": {
"enum": [
"Created",
"Updated",
"Closed"
]
},
"succeeded": {
"type": "integer",
"description": "how many objects in the set have so far been successfully [operation]"
},
"failed": {
"type": "integer",
"description": "how many objects in the set have so far been unsuccessfully [operation]"
},
"failureDetails": {
"type": "array",
"items": {
"$ref": "#/definitions/failureDetail"
}
}
},
"additionalProperties": false,
"required": [
"operation",
"succeeded",
"failed"
]
},
"crudOutcomes": {
"type": "array",
"items": {
"$ref": "#/definitions/crudOutcome"
}
}
},
"properties": {
"id": {
"description": "id of the upload operation",
"type": "integer"
},
"started": {
"type": "string",
"format": "date-time"
},
"status": {
"enum": [
"Queued",
"Underway",
"Complete",
"Error"
]
},
"results": {
"$ref": "#/definitions/crudOutcomes"
}
},
"required": [
"id",
"started",
"status",
"results"
],
"additionalProperties": false
}
Example:
{
"id": 8754598,
"started": "2015-11-05T13:15:30Z",
"status": "Underway",
"results": [
{
"operation": "Created",
"succeeded": 1,
"failed": 1,
"failureDetails": [
{
"code": "AZDH55",
"message": "missing value for location"
}
]
},
{
"operation": "Updated",
"succeeded": 0,
"failed": 0
},
{
"operation": "Closed",
"succeeded": 0,
"failed": 0
}
]
}
HTTP status code 404
No launch with the ID is available. Perhaps it has been garbage collected.
Secured by oauth_2_0
Headers
- Authorization: (string)
Used to send a valid OAuth 2 access token. Do not use with the "access_token" query string parameter.
HTTP status code 401
Bad or expired token. To fix, you should re-authenticate the user.
HTTP status code 403
Bad OAuth request (wrong consumer key, bad nonce, expired timestamp...). Unfortunately, re-authenticating the user won't help here.
Alert listeners that a previously started upload operation has completed. Normally the producer should keep results around for some time (i.e. weeks/months) after the upload has completed.
Non-SoT.
post /categories/byID/{category}/values/uploads/byID/{uploadID}/deltaPings
Alert listeners that a previously started upload operation has completed. Normally the producer should keep results around for some time (i.e. weeks/months) after the upload has completed.
Non-SoT.
OAuth is used to authenticate tenant API calls. Tenant API calls may be on behalf of a specific principal (e.g. user)
URI Parameters
- category: required (string)
- uploadID: required (string)
Body
Type: application/json
Schema:
{
"$schema": "http://json-schema.org/draft-04/schema",
"type": "object",
"description": "the status of a previously launched upload",
"definitions": {
"failureDetail": {
"type": "object",
"description": "details of why a single object failed the crud operation (create or whatever)",
"properties": {
"code": {
"type": "string",
"description": "A code, e.g. on a job or job ad, that uniquely identifies the object"
},
"message": {
"type": "string"
}
},
"additionalProperties": false,
"required": [
"code",
"message"
]
},
"crudOutcome": {
"type": "object",
"properties": {
"operation": {
"enum": [
"Created",
"Updated",
"Closed"
]
},
"succeeded": {
"type": "integer",
"description": "how many objects in the set have so far been successfully [operation]"
},
"failed": {
"type": "integer",
"description": "how many objects in the set have so far been unsuccessfully [operation]"
},
"failureDetails": {
"type": "array",
"items": {
"$ref": "#/definitions/failureDetail"
}
}
},
"additionalProperties": false,
"required": [
"operation",
"succeeded",
"failed"
]
},
"crudOutcomes": {
"type": "array",
"items": {
"$ref": "#/definitions/crudOutcome"
}
}
},
"properties": {
"id": {
"description": "id of the upload operation",
"type": "integer"
},
"started": {
"type": "string",
"format": "date-time"
},
"status": {
"enum": [
"Queued",
"Underway",
"Complete",
"Error"
]
},
"results": {
"$ref": "#/definitions/crudOutcomes"
}
},
"required": [
"id",
"started",
"status",
"results"
],
"additionalProperties": false
}
Example:
{
"id": 8754598,
"started": "2015-11-05T13:15:30Z",
"status": "Underway",
"results": [
{
"operation": "Created",
"succeeded": 1,
"failed": 1,
"failureDetails": [
{
"code": "AZDH55",
"message": "missing value for location"
}
]
},
{
"operation": "Updated",
"succeeded": 0,
"failed": 0
},
{
"operation": "Closed",
"succeeded": 0,
"failed": 0
}
]
}
Secured by oauth_2_0
Headers
- Authorization: (string)
Used to send a valid OAuth 2 access token. Do not use with the "access_token" query string parameter.
HTTP status code 401
Bad or expired token. To fix, you should re-authenticate the user.
HTTP status code 403
Bad OAuth request (wrong consumer key, bad nonce, expired timestamp...). Unfortunately, re-authenticating the user won't help here.
get a single category node, even if it is unavailable (i.e. unlike GET /categories/byID/{}/values)
get /categories/byID/{category}/values/byID/{id}
get a single category node, even if it is unavailable (i.e. unlike GET /categories/byID/{}/values)
OAuth is used to authenticate tenant API calls. Tenant API calls may be on behalf of a specific principal (e.g. user)
URI Parameters
- category: required (string)
- id: required (string)
HTTP status code 200
Body
Type: application/json
Schema:
{
"$schema": "http://json-schema.org/draft-04/schema#",
"definitions": {
"sequence": {
"type": "number",
"description": "the sequence of this node (i.e. its order within its siblings)"
},
"location": {
"type": "object",
"description": "the geographic coordinates of this value, which represents a physical location. This may be present only when (a) the category itself has key of LOCATION, and (b) the value is a leaf (has no children)",
"properties": {
"lat": {
"type": "number",
"description": "latitude of this location"
},
"lng": {
"type": "number",
"description": "longitude of this location"
},
"country": {
"description": "country, in ISO 3166-1 alpha-2 form",
"enum": [
"AC",
"AD",
"AE",
"AF",
"AG",
"AI",
"AL",
"AM",
"AN",
"AO",
"AQ",
"AR",
"AS",
"AT",
"AU",
"AW",
"AX",
"AZ",
"BA",
"BB",
"BD",
"BE",
"BF",
"BG",
"BH",
"BI",
"BJ",
"BM",
"BN",
"BO",
"BR",
"BS",
"BT",
"BV",
"BW",
"BY",
"BZ",
"CA",
"CC",
"CD",
"CF",
"CG",
"CH",
"CI",
"CK",
"CL",
"CM",
"CN",
"CO",
"CR",
"CU",
"CV",
"CX",
"CY",
"CZ",
"DE",
"DJ",
"DK",
"DM",
"DO",
"DZ",
"EC",
"EE",
"EG",
"ER",
"ES",
"ET",
"FI",
"FJ",
"FK",
"FM",
"FO",
"FR",
"GA",
"GB",
"GD",
"GE",
"GF",
"GG",
"GH",
"GI",
"GL",
"GM",
"GN",
"GP",
"GQ",
"GR",
"GS",
"GT",
"GU",
"GW",
"GY",
"HK",
"HM",
"HN",
"HR",
"HT",
"HU",
"ID",
"IE",
"IL",
"IM",
"IN",
"IO",
"IQ",
"IR",
"IS",
"IT",
"JE",
"JM",
"JO",
"JP",
"KE",
"KG",
"KH",
"KI",
"KM",
"KN",
"KP",
"KR",
"KW",
"KY",
"KZ",
"LA",
"LB",
"LC",
"LI",
"LK",
"LR",
"LS",
"LT",
"LU",
"LV",
"LY",
"MA",
"MC",
"MD",
"ME",
"MG",
"MH",
"MK",
"ML",
"MM",
"MN",
"MO",
"MP",
"MQ",
"MR",
"MS",
"MT",
"MU",
"MV",
"MW",
"MX",
"MY",
"MZ",
"NA",
"NC",
"NE",
"NF",
"NG",
"NI",
"NL",
"NO",
"NP",
"NR",
"NU",
"NZ",
"OM",
"PA",
"PE",
"PF",
"PG",
"PH",
"PK",
"PL",
"PM",
"PN",
"PR",
"PT",
"PW",
"PY",
"QA",
"RE",
"RO",
"RS",
"RU",
"RW",
"SA",
"SB",
"SC",
"SD",
"SE",
"SG",
"SH",
"SI",
"SJ",
"SK",
"SL",
"SM",
"SN",
"SO",
"SR",
"ST",
"SV",
"SY",
"SZ",
"TA",
"TC",
"TD",
"TF",
"TG",
"TH",
"TJ",
"TK",
"TL",
"TM",
"TN",
"TO",
"TR",
"TT",
"TV",
"TW",
"TZ",
"UA",
"UG",
"UM",
"US",
"UY",
"UZ",
"VA",
"VC",
"VE",
"VG",
"VI",
"VN",
"VU",
"WF",
"WS",
"YE",
"YT",
"ZA",
"ZM",
"ZW"
]
}
},
"required": [
"lat",
"lng"
]
},
"externalId": {
"type": "string",
"description": "An immutable external identifier, e.g. primary key in an upstream system, used to identify the category value"
},
"parent": {
"type": "integer",
"description": "The id of the value which is this node's parent (hierarchical structure)"
},
"remappedTo": {
"type": "integer",
"description": "The id of the value which took over from this node, when this node was permanently inactivated"
}
},
"type": "object",
"description": "details of a single category value",
"properties": {
"id": {
"type": "integer"
},
"available": {
"type": "boolean",
"description": "whether this node can be selected (i.e. is not disabled)"
},
"name": {
"type": "string",
"description": "the user visible name for this category value"
},
"code": {
"type": "string",
"description": "a code for this category value"
},
"externalId": {
"$ref": "#/definitions/externalId"
},
"sequence": {
"$ref": "#/definitions/sequence"
},
"parent": {
"$ref": "#/definitions/parent"
},
"remappedTo": {
"$ref": "#/definitions/remappedTo"
},
"location": {
"$ref": "#/definitions/location"
},
"values": {
"type": "array",
"items": {
"$ref": "#"
}
}
},
"additionalProperties": false
}
Example:
{
"id": 10034,
"name": "Wellington",
"available": false
}
HTTP status code 404
Secured by oauth_2_0
Headers
- Authorization: (string)
Used to send a valid OAuth 2 access token. Do not use with the "access_token" query string parameter.
HTTP status code 401
Bad or expired token. To fix, you should re-authenticate the user.
HTTP status code 403
Bad OAuth request (wrong consumer key, bad nonce, expired timestamp...). Unfortunately, re-authenticating the user won't help here.
Tell any app that cares that a category node has changed. The node's new state is sent in the request.
post /categories/byID/{category}/values/byID/{id}/deltaPings
Tell any app that cares that a category node has changed. The node's new state is sent in the request.
OAuth is used to authenticate tenant API calls. Tenant API calls may be on behalf of a specific principal (e.g. user)
URI Parameters
- category: required (string)
- id: required (string)
Body
Type: application/json
Schema:
{
"$schema": "http://json-schema.org/draft-04/schema#",
"definitions": {
"sequence": {
"type": "number",
"description": "the sequence of this node (i.e. its order within its siblings)"
},
"location": {
"type": "object",
"description": "the geographic coordinates of this value, which represents a physical location. This may be present only when (a) the category itself has key of LOCATION, and (b) the value is a leaf (has no children)",
"properties": {
"lat": {
"type": "number",
"description": "latitude of this location"
},
"lng": {
"type": "number",
"description": "longitude of this location"
},
"country": {
"description": "country, in ISO 3166-1 alpha-2 form",
"enum": [
"AC",
"AD",
"AE",
"AF",
"AG",
"AI",
"AL",
"AM",
"AN",
"AO",
"AQ",
"AR",
"AS",
"AT",
"AU",
"AW",
"AX",
"AZ",
"BA",
"BB",
"BD",
"BE",
"BF",
"BG",
"BH",
"BI",
"BJ",
"BM",
"BN",
"BO",
"BR",
"BS",
"BT",
"BV",
"BW",
"BY",
"BZ",
"CA",
"CC",
"CD",
"CF",
"CG",
"CH",
"CI",
"CK",
"CL",
"CM",
"CN",
"CO",
"CR",
"CU",
"CV",
"CX",
"CY",
"CZ",
"DE",
"DJ",
"DK",
"DM",
"DO",
"DZ",
"EC",
"EE",
"EG",
"ER",
"ES",
"ET",
"FI",
"FJ",
"FK",
"FM",
"FO",
"FR",
"GA",
"GB",
"GD",
"GE",
"GF",
"GG",
"GH",
"GI",
"GL",
"GM",
"GN",
"GP",
"GQ",
"GR",
"GS",
"GT",
"GU",
"GW",
"GY",
"HK",
"HM",
"HN",
"HR",
"HT",
"HU",
"ID",
"IE",
"IL",
"IM",
"IN",
"IO",
"IQ",
"IR",
"IS",
"IT",
"JE",
"JM",
"JO",
"JP",
"KE",
"KG",
"KH",
"KI",
"KM",
"KN",
"KP",
"KR",
"KW",
"KY",
"KZ",
"LA",
"LB",
"LC",
"LI",
"LK",
"LR",
"LS",
"LT",
"LU",
"LV",
"LY",
"MA",
"MC",
"MD",
"ME",
"MG",
"MH",
"MK",
"ML",
"MM",
"MN",
"MO",
"MP",
"MQ",
"MR",
"MS",
"MT",
"MU",
"MV",
"MW",
"MX",
"MY",
"MZ",
"NA",
"NC",
"NE",
"NF",
"NG",
"NI",
"NL",
"NO",
"NP",
"NR",
"NU",
"NZ",
"OM",
"PA",
"PE",
"PF",
"PG",
"PH",
"PK",
"PL",
"PM",
"PN",
"PR",
"PT",
"PW",
"PY",
"QA",
"RE",
"RO",
"RS",
"RU",
"RW",
"SA",
"SB",
"SC",
"SD",
"SE",
"SG",
"SH",
"SI",
"SJ",
"SK",
"SL",
"SM",
"SN",
"SO",
"SR",
"ST",
"SV",
"SY",
"SZ",
"TA",
"TC",
"TD",
"TF",
"TG",
"TH",
"TJ",
"TK",
"TL",
"TM",
"TN",
"TO",
"TR",
"TT",
"TV",
"TW",
"TZ",
"UA",
"UG",
"UM",
"US",
"UY",
"UZ",
"VA",
"VC",
"VE",
"VG",
"VI",
"VN",
"VU",
"WF",
"WS",
"YE",
"YT",
"ZA",
"ZM",
"ZW"
]
}
},
"required": [
"lat",
"lng"
]
},
"externalId": {
"type": "string",
"description": "An immutable external identifier, e.g. primary key in an upstream system, used to identify the category value"
},
"parent": {
"type": "integer",
"description": "The id of the value which is this node's parent (hierarchical structure)"
},
"remappedTo": {
"type": "integer",
"description": "The id of the value which took over from this node, when this node was permanently inactivated"
}
},
"type": "object",
"description": "details of a single category value",
"properties": {
"id": {
"type": "integer"
},
"available": {
"type": "boolean",
"description": "whether this node can be selected (i.e. is not disabled)"
},
"name": {
"type": "string",
"description": "the user visible name for this category value"
},
"code": {
"type": "string",
"description": "a code for this category value"
},
"externalId": {
"$ref": "#/definitions/externalId"
},
"sequence": {
"$ref": "#/definitions/sequence"
},
"parent": {
"$ref": "#/definitions/parent"
},
"remappedTo": {
"$ref": "#/definitions/remappedTo"
},
"location": {
"$ref": "#/definitions/location"
},
"values": {
"type": "array",
"items": {
"$ref": "#"
}
}
},
"additionalProperties": false
}
Example:
{
"id": 10034,
"name": "Wellington",
"available": false
}
Secured by oauth_2_0
Headers
- Authorization: (string)
Used to send a valid OAuth 2 access token. Do not use with the "access_token" query string parameter.
HTTP status code 401
Bad or expired token. To fix, you should re-authenticate the user.
HTTP status code 403
Bad OAuth request (wrong consumer key, bad nonce, expired timestamp...). Unfortunately, re-authenticating the user won't help here.
Tell apps that care that a category node is about to be changed. The node's new state is sent in the request.
Each producer can pass back a markdown document rendering to a user what would happen if this change went ahead. e.g. "10 jobs would be deleted - click here to learn more.
post /categories/byID/{category}/values/byID/{id}/changeImpact
Tell apps that care that a category node is about to be changed. The node's new state is sent in the request.
Each producer can pass back a markdown document rendering to a user what would happen if this change went ahead. e.g. "10 jobs would be deleted - click here to learn more.
OAuth is used to authenticate tenant API calls. Tenant API calls may be on behalf of a specific principal (e.g. user)
URI Parameters
- category: required (string)
- id: required (string)
Body
Type: application/json
Schema:
{
"$schema": "http://json-schema.org/draft-04/schema#",
"definitions": {
"sequence": {
"type": "number",
"description": "the sequence of this node (i.e. its order within its siblings)"
},
"location": {
"type": "object",
"description": "the geographic coordinates of this value, which represents a physical location. This may be present only when (a) the category itself has key of LOCATION, and (b) the value is a leaf (has no children)",
"properties": {
"lat": {
"type": "number",
"description": "latitude of this location"
},
"lng": {
"type": "number",
"description": "longitude of this location"
},
"country": {
"description": "country, in ISO 3166-1 alpha-2 form",
"enum": [
"AC",
"AD",
"AE",
"AF",
"AG",
"AI",
"AL",
"AM",
"AN",
"AO",
"AQ",
"AR",
"AS",
"AT",
"AU",
"AW",
"AX",
"AZ",
"BA",
"BB",
"BD",
"BE",
"BF",
"BG",
"BH",
"BI",
"BJ",
"BM",
"BN",
"BO",
"BR",
"BS",
"BT",
"BV",
"BW",
"BY",
"BZ",
"CA",
"CC",
"CD",
"CF",
"CG",
"CH",
"CI",
"CK",
"CL",
"CM",
"CN",
"CO",
"CR",
"CU",
"CV",
"CX",
"CY",
"CZ",
"DE",
"DJ",
"DK",
"DM",
"DO",
"DZ",
"EC",
"EE",
"EG",
"ER",
"ES",
"ET",
"FI",
"FJ",
"FK",
"FM",
"FO",
"FR",
"GA",
"GB",
"GD",
"GE",
"GF",
"GG",
"GH",
"GI",
"GL",
"GM",
"GN",
"GP",
"GQ",
"GR",
"GS",
"GT",
"GU",
"GW",
"GY",
"HK",
"HM",
"HN",
"HR",
"HT",
"HU",
"ID",
"IE",
"IL",
"IM",
"IN",
"IO",
"IQ",
"IR",
"IS",
"IT",
"JE",
"JM",
"JO",
"JP",
"KE",
"KG",
"KH",
"KI",
"KM",
"KN",
"KP",
"KR",
"KW",
"KY",
"KZ",
"LA",
"LB",
"LC",
"LI",
"LK",
"LR",
"LS",
"LT",
"LU",
"LV",
"LY",
"MA",
"MC",
"MD",
"ME",
"MG",
"MH",
"MK",
"ML",
"MM",
"MN",
"MO",
"MP",
"MQ",
"MR",
"MS",
"MT",
"MU",
"MV",
"MW",
"MX",
"MY",
"MZ",
"NA",
"NC",
"NE",
"NF",
"NG",
"NI",
"NL",
"NO",
"NP",
"NR",
"NU",
"NZ",
"OM",
"PA",
"PE",
"PF",
"PG",
"PH",
"PK",
"PL",
"PM",
"PN",
"PR",
"PT",
"PW",
"PY",
"QA",
"RE",
"RO",
"RS",
"RU",
"RW",
"SA",
"SB",
"SC",
"SD",
"SE",
"SG",
"SH",
"SI",
"SJ",
"SK",
"SL",
"SM",
"SN",
"SO",
"SR",
"ST",
"SV",
"SY",
"SZ",
"TA",
"TC",
"TD",
"TF",
"TG",
"TH",
"TJ",
"TK",
"TL",
"TM",
"TN",
"TO",
"TR",
"TT",
"TV",
"TW",
"TZ",
"UA",
"UG",
"UM",
"US",
"UY",
"UZ",
"VA",
"VC",
"VE",
"VG",
"VI",
"VN",
"VU",
"WF",
"WS",
"YE",
"YT",
"ZA",
"ZM",
"ZW"
]
}
},
"required": [
"lat",
"lng"
]
},
"externalId": {
"type": "string",
"description": "An immutable external identifier, e.g. primary key in an upstream system, used to identify the category value"
},
"parent": {
"type": "integer",
"description": "The id of the value which is this node's parent (hierarchical structure)"
},
"remappedTo": {
"type": "integer",
"description": "The id of the value which took over from this node, when this node was permanently inactivated"
}
},
"type": "object",
"description": "details of a single category value",
"properties": {
"id": {
"type": "integer"
},
"available": {
"type": "boolean",
"description": "whether this node can be selected (i.e. is not disabled)"
},
"name": {
"type": "string",
"description": "the user visible name for this category value"
},
"code": {
"type": "string",
"description": "a code for this category value"
},
"externalId": {
"$ref": "#/definitions/externalId"
},
"sequence": {
"$ref": "#/definitions/sequence"
},
"parent": {
"$ref": "#/definitions/parent"
},
"remappedTo": {
"$ref": "#/definitions/remappedTo"
},
"location": {
"$ref": "#/definitions/location"
},
"values": {
"type": "array",
"items": {
"$ref": "#"
}
}
},
"additionalProperties": false
}
Example:
{
"id": 10034,
"name": "Wellington",
"available": false
}
HTTP status code 200
Body
Type: application/json
Schema:
{
"$schema": "http://json-schema.org/draft-04/schema",
"type": "object",
"description": "details of the information an app holds against a category node, e.g. the testimonials of employees in the Eastern region IT org",
"properties": {
"summary": {
"type": "string",
"description": "Details in markdown format with \n between lines, for rendering to a user interested in this node, capped at 1000 visible characters"
}
},
"required": [
"summary"
],
"additionalProperties": false
}
Example:
{
"summary": "All 10 jobs in Machine Learning will be moved to Data Sciences"
}
HTTP status code 404
no data available
Secured by oauth_2_0
Headers
- Authorization: (string)
Used to send a valid OAuth 2 access token. Do not use with the "access_token" query string parameter.
HTTP status code 401
Bad or expired token. To fix, you should re-authenticate the user.
HTTP status code 403
Bad OAuth request (wrong consumer key, bad nonce, expired timestamp...). Unfortunately, re-authenticating the user won't help here.
Ask any apps that care about category nodes what information they are holding relating to this node.
Each producer can pass back a markdown document rendering to a user, e.g. an ATS might say "_10_ jobs, 287 candidates"
get /categories/byID/{category}/values/byID/{id}/summary
Ask any apps that care about category nodes what information they are holding relating to this node.
Each producer can pass back a markdown document rendering to a user, e.g. an ATS might say "_10_ jobs, 287 candidates"
OAuth is used to authenticate tenant API calls. Tenant API calls may be on behalf of a specific principal (e.g. user)
URI Parameters
- category: required (string)
- id: required (string)