Articles in this section

Making Your First API Call

For making API call to Veritone Hire, you will need four things to start with

  1. API Key
  2. Secret Key
  3. Client Id
  4. ADC Username

In case you have not received the above information from Veritone Hire. Please connect with the Veritone Hire representative handling the integration.

The credentials mentioned above can be divided into three levels

  1. L1: System Level - This will be the same for all the clients using the ATS/CRM system with Veritone Hire. It is recommended to map this at the ATS/CRM admin level.

    1. API Key

  2. L2: Client Level - These will change per Veritone Hire account. It is recommended to map these at the client's ATS/CRM admin level.

    1. Client Id
    2. Client Secret

  3. L3: User Level - These will be different for each user inside a Veritone Hire account, so it is recommended to map these inside user profiles.

    1. ADC Username

While making any API request to Veritone Hire system you must pass five parameters into request body as mentioned below

  • Username – Veritone Hire username who wish to access the system.
  • Time – The current epoch time in milliseconds
  • Signature – A SHA256/HMAC message digest encoded with the shared secret key
  • API Key – Unique API key supplied from Veritone Hire
  • Client Id – Veritone Hire Client Id

As the signatures have approximately 5 minutes of validity and a machine with a clock running 5 minutes or more slow can never generate a valid token. For this reason, we would recommend ensuring the machine clock is kept correct. This will be a matter for your Systems administration team and http://www.ntp.org/ may be of help here.

The message body that should be encrypted for the signature generation should be:

username|time|api_key (values are separated using vertical pipe)

Most programming languages will have readily available libraries implementing the required hashing algorithms that allow the message body and encryption token (secret key) to be passed in and which return the required signature hash. This should be returned as a hexadecimal string without any modifications.

** The same username, API key and time should be supplied in the API payload as the ones used to generate the signature body.

Important Notes

  • The encryption token (secret key) should never be supplied in the URL un-encrypted.
  • The signature parameter should appear as a 64 character alphanumeric string with all lower case letters.
  • The authentication digest will be valid for around 5 minutes from the time supplied.
  • Authentication times in the future are invalid and will be rejected.
  • The digests cannot be stored - they must be created on demand.
  • If the encryption token (secret key) is compromised you should inform Veritone Hire immediately and you will be issued with a new token.

Key concepts for each Bean Widget API call

  • Identification Node – This node contains two parameters as given below
    • Client ID
    • ADC Username
  • Authentication Node – This node contains three parameters as given below
    • API key
    • Time
    • Signature
  • Filters – All vacancies on Veritone Hire are identified using filters. It is strongly recommended to use additional custom fields supplied for each vacancy posted. The custom fields should be a unique identifier (or identifiers) of the vacancy or client in the ATS/CRM system. For example
    • To identify the job/vacancy, Veritone Hire recommends using a custom field "JOB_ID".
    • Add a custom field or combination of such as “ATS_CLIENT_ID” to uniquely identify client instances.

    Custom Fields in the filter section should match those in the advert section of Post Plus Dashboard API exactly.

Related articles