The level of access that an integration has is defined by its permissions.

How permissions work

When you request access to the API, you will be asked to specify the permissions that your integration requires. Please select the minimum set of permissions that that is required to serve the purpose of the integration.
Permissions for the integration are defined by the Recruit representative who creates the secret for your integration.
When an Admin or Owner user activates the integration for their Recruit account:
1. They are requested to approve the set of permissions that are defined for the integration. They cannot customize this list of permissions.
2. They can specify which positions will be shared through the integration by selecting one of the following options: All positions, All non-discreet positions, or Only published positions.
Note: the Recruiting API is protected by HTTP CORS header so it cannot be executed from the browser. This is to protect from design mistakes that may reveal the keys or JWT of the API requests.

📘
Changes to permissions
When changes are made to your app's permissions they do not apply to integrations that were already enabled. To apply the updated permissions, an Admin user needs to disable and re-enable the integration by following these steps:

In Recruit, click the avatar menu at the top right > Settings > Integrations.

Find the relevant integration on the page and select Edit.

In the integration window, click Revoke access and confirm.

Re-enable the integration by clicking Integrate > Allow access > Save.

Permissions for the Recruiting API

The following permissions are supported by the Recruiting API:

Locations: Retrieve locations
Positions: Retrieve positions
Positions: Retrieve positions published only for employees
Positions: Include lead recruiters details in position object
Positions: Include hiring manager details in position object
Positions: Create a new position
Positions: Read position salary range
Positions: Clone a position
Positions: Update a position
Positions: Read position internal name
Positions: Read position internal requirements
Openings: Retrieve openings
Openings: Create a new opening
Candidates: Create a new candidate
Candidates: Update candidate fields
Candidates: Retrieve candidates created by your app as the source
Candidates: Retrieve candidates created by other sources
Candidates: Include details of step's interviewers / assignees in candidate object
Candidates: Include future workflow steps in candidate object
Candidates: Include source data in candidate object
Candidates: Include source contact ID in candidate object, without personal details
Candidates: Include source contact personal details in candidate object
Candidates: Read candidate salary expectations
Candidates: Read candidate disposition info
Conversations: Create conversations and messages on the candidate profile
Notes: Create notes on the candidate profile
Persons: Delete or Pseudonymize persons
Questionnaires: Read company questionnaires
Audit logs: Retrieve logged events