Eightfold API Authorization Guide
Overview
The Eightfold API uses a permission-based authorization system to secure endpoints. Each API key can be configured with specific permissions that determine which API endpoints it can access. This document explains how permissions work and provides a comprehensive reference for configuring API access.
Authorization Process
- API Key Generation: Users generate an API key from the Eightfold platform via the API tab in the Integration section.
- Permission Assignment: Each API key is assigned specific permissions through the permission configuration UI.
- Permission Structure: Permissions follow a hierarchical structure:
  logical_entity[:logical_subentity]:SCOPE
  Where:
  - logical_entity is the primary resource (e.g., ATS Position, Profile)
  - logical_subentity is optional and represents a sub-resource (e.g., Application, Feedback)
  - SCOPE is either READ or WRITE
- Access Control: When making API requests, the system verifies that your API key has the required permission for the endpoint. If the permission is missing, access is denied.
Configuring API Permissions
Accessing the Permission Configuration UI
- Navigate to the Eightfold Admin Console and go to Integration → Eightfold API
- Click on the edit icon next to an existing API key or click "Generate a new API key" to create a new one
Using the Permission Configuration UI
The permission configuration interface is organized hierarchically:
- Entity Level: The top level shows all available entities (e.g., Ats Position, Profile, Position)
- Sub-Entity Level: Some entities have a few associated sub-entities (e.g., Profile → Skills)
- Read/Write Toggle: Each entity/sub-entity has checkboxes for READ and WRITE permissions
- Global Read/Write Toggle: Alternatively, to grant access to all READ or all WRITE endpoints, select the global toggles at the top.
Here are a few examples of API permissions selected and what endpoints they give access to:
- ATS Position Permissions
  Ats Position:READ - Grants access to:
  - GET /api/v2/core/ats-systems/{systemId}/ats-positions/{atsPositionId} (ATS Position Get)
  - GET /api/v2/core/ats-systems/{systemId}/ats-positions (ATS Position List)
  ats_position:WRITE - Grants access to:
  - PUT /api/v2/core/ats-systems/{systemId}/ats-positions/{atsPositionId} (ATS Position Update)
  - PATCH /api/v2/core/ats-systems/{systemId}/ats-positions/{atsPositionId} (ATS Position Patch)
  - POST /api/v2/core/ats-systems/{systemId}/ats-positions (ATS Position Create)
API endpoints and required permissions reference
Below is a comprehensive table listing all API endpoints with their HTTP methods and required permissions from the Eightfold API.
API Summary | Path | HTTP Method | Required Permission |
---|---|---|---|
ATS Position Endpoints | |||
ATS Position Get | /api/v2/ats-systems/{systemId}/ats-positions/{atsPositionId} | GET | Ats Position:READ |
ATS Position Update | /api/v2/ats-systems/{systemId}/ats-positions/{atsPositionId} | PUT | Ats Position:WRITE |
ATS Position Patch | /api/v2/ats-systems/{systemId}/ats-positions/{atsPositionId} | PATCH | Ats Position:WRITE |
ATS Position List | /api/v2/ats-systems/{systemId}/ats-positions | GET | Ats Position:READ |
ATS Position Create | /api/v2/ats-systems/{systemId}/ats-positions | POST | Ats Position:WRITE |
Position Endpoints | |||
Position Get | /api/v2/positions/{positionId} | GET | Position:READ |
Position Update | /api/v2/positions/{positionId} | PUT | Position:WRITE |
Position Patch | /api/v2/positions/{positionId} | PATCH | Position:WRITE |
Position List | /api/v2/positions | GET | Position:READ |
Position Create | /api/v2/positions | POST | Position:WRITE |
Position List Matched Candidates | /api/v2/positions/{positionId}/matched-candidates | GET | Profile:READ |
Position List Applicants | /api/v2/position/{positionId}/applicants | GET | Position:READ |
Position Batch Fetch | /api/v2/positions/batch-fetch | POST | Position:READ |
Transaction Endpoints | |||
Transaction Get | /api/v2/transactions/{transactionId} | GET | Transaction:READ |
Profile Endpoints | |||
Profile Get | /api/v2/profiles/{profileId} | GET | Profile:READ |
Profile Update | /api/v2/profiles/{profileId} | PUT | Profile:WRITE |
Profile Delete | /api/v2/profiles/{profileId} | DELETE | Profile:WRITE |
Profile Patch | /api/v2/profiles/{profileId} | PATCH | Profile:WRITE |
Profile List | /api/v2/profiles | GET | Profile:READ |
Profile Create | /api/v2/profiles | POST | Profile:WRITE |
Profile List Matched Positions | /api/v2/profiles/{profileId}/matched-positions | GET | Position:READ |
Create or Advance Application Stage | /api/v2/profiles/{profileId}/application/stages | POST | Application:WRITE |
Profile Batch Fetch | /api/v2/profiles/batch-fetch | POST | Profile:READ |
Careerhub Endpoints | |||
Suggest Skills Get | /api/v2/profiles/suggest-skills/{profileSection} | GET | Profile:Skills:READ |
Career Planner Role Get | /api/v2/career-planner/{userEmail}/roles/{roleSection} | GET | Profile:Role:READ |
Career Planner Role Patch | /api/v2/career-planner/{userEmail}/roles/ | PATCH | Profile:Role:WRITE |
Career Planner Skill Gap Analysis Get | /api/v2/career-planner/{userEmail}/skills/skill-gap-analysis | GET | Profile:Role:READ |
Career Planner Recommended Course Get | /api/v2/career-planner/{userEmail}/courses/recommended-courses | GET | Profile:Course:READ |
Career Navigator Endpoints | |||
Career Navigator Search | /api/v2/career-navigator/recommended-paths/{userEmail} | GET | Career Navigator:READ |
Profile Feedback Endpoints | |||
Profile Feedback Get | /api/v2/profile-feedbacks/{profileFeedbackId} | GET | Profile:Feedback:READ |
Profile Feedback Batch Fetch | /api/v2/profile-feedbacks/batch-fetch | POST | Profile:Feedback:READ |
Profile Feedback List | /api/v2/profile-feedbacks | GET | Profile:Feedback:READ |
Profile Note Endpoints | |||
Profile Note Get | /api/v2/profile-notes/{profileNoteId} | GET | Profile:Note:READ |
Profile Note Batch Fetch | /api/v2/profile-notes/batch-fetch | POST | Profile:Note:READ |
Profile Note List | /api/v2/profile-notes | GET | Profile:Role:READ |
Profile Tag Endpoints | |||
Profile Tag Get | /api/v2/profile-tags/{profileTagId} | GET | Profile:Tag:READ |
Profile Tag Batch Fetch | /api/v2/profile-tags/batch-fetch | POST | Profile:Tag:READ |
Profile Tag List | /api/v2/profile-tags | GET | Profile:Role:READ |
Profile Application Endpoints | |||
Profile Application Get | /api/v2/profile-applications/{profileApplicationId} | GET | Profile:Application:READ |
Profile Application Batch Fetch | /api/v2/profile-applications/batch-fetch | POST | Profile:Application:READ |
Succession Plan Endpoints | |||
Succession Plan Get | /api/v2/succession_plans/{positionId} | GET | Position:Succession Plan:READ |
Succession Plan Recommended Successors List | /api/v2/succession_plans/{positionId}/recommended-successors | GET | Position:Succession Plan:READ |
Succession Plan List | /api/v2/succession_plans | GET | Position:Succession Plan:READ |
Succession Plan Create | /api/v2/succession_plans | POST | Position:Succession Plan:WRITE |
Succession Plan Incumbent List | /api/v2/succession_plans/{positionId}/incumbents | GET | Position:Succession Plan:READ |
Succession Plan Successor Create | /api/v2/succession_plans/{positionId}/successors | POST | Position:Succession Plan:WRITE |
Succession Plan Successor Patch | /api/v2/succession_plans/{positionId}/successors/{profileId} | PATCH | Position:Succession Plan:WRITE |
Succession Plan Successor Delete | /api/v2/succession_plans/{positionId}/successors/{profileId} | DELETE | Position:Succession Plan:WRITE |
Succession Plan Caretaker Create | /api/v2/succession_plans/{positionId}/caretakers | POST | Position:Succession Plan:WRITE |
Succession Plan Caretaker Delete | /api/v2/succession_plans/{positionId}/caretakers/{profileId} | DELETE | Position:Succession Plan:WRITE |
Demand Endpoints | |||
Demand Get | /api/v2/demands/{demandId} | GET | Resource Management:READ |
Demand Patch | /api/v2/demands/{demandId} | PATCH | Resource Management:WRITE |
Demand Update | /api/v2/demands/{demandId} | PUT | Resource Management:WRITE |
Demand Delete | /api/v2/demands/{demandId} | DELETE | Resource Management:WRITE |
Demand Create | /api/v2/demands | POST | Resource Management:WRITE |
Demand List | /api/v2/demands | GET | Resource Management:READ |
Batch Demand Fetch | /api/v2/demands/batch-fetch | POST | Resource Management:READ |
External Demand Endpoints | |||
External Demand Get | /api/v2/ext-systems/resourcing/ext-demands/{extDemandId} | GET | External Resource Management:READ |
External Demand Patch | /api/v2/ext-systems/resourcing/ext-demands/{extDemandId} | PATCH | External Resource Management:WRITE |
External Demand Update | /api/v2/ext-systems/resourcing/ext-demands/{extDemandId} | PUT | External Resource Management:WRITE |
External Demand Delete | /api/v2/ext-systems/resourcing/ext-demands/{extDemandId} | DELETE | External Resource Management:WRITE |
External Demand Create | /api/v2/ext-systems/resourcing/ext-demands | POST | External Resource Management:WRITE |
External Demand List | /api/v2/ext-systems/resourcing/ext-demands | GET | External Resource Management:READ |
External Demand Employee Application Update | /api/v2/ext-systems/resourcing/ext-demands/{extDemandId}/employee-create-or-advance-application-stage | POST | External Resource Management:WRITE |
Booking Endpoints | |||
Booking Get | /api/v2/bookings/{bookingId} | GET | Resource Management:READ |
Booking Patch | /api/v2/bookings/{bookingId} | PATCH | Resource Management:WRITE |
Booking Update | /api/v2/bookings/{bookingId} | PUT | Resource Management:WRITE |
Booking Delete | /api/v2/bookings/{bookingId} | DELETE | Resource Management:WRITE |
Booking Create | /api/v2/bookings | POST | Resource Management:WRITE |
Booking List | /api/v2/bookings | GET | Resource Management:READ |
Batch Bookings Fetch | /api/v2/bookings/batch-fetch | POST | Resource Management:READ |
External Booking Endpoints | |||
External Booking Get | /api/v2/ext-systems/resourcing/ext-bookings/{extBookingId} | GET | External Resource Management:READ |
External Booking Patch | /api/v2/ext-systems/resourcing/ext-bookings/{extBookingId} | PATCH | External Resource Management:WRITE |
External Booking Update | /api/v2/ext-systems/resourcing/ext-bookings/{extBookingId} | PUT | External Resource Management:WRITE |
External Booking Delete | /api/v2/ext-systems/resourcing/ext-bookings/{extBookingId} | DELETE | External Resource Management:WRITE |
External Booking Create | /api/v2/ext-systems/resourcing/ext-bookings | POST | External Resource Management:WRITE |
Holiday Endpoints | |||
Holiday Get | /api/v2/holidays/{holidayId} | GET | Resource Management:READ |
Holiday Patch | /api/v2/holidays/{holidayId} | PATCH | Resource Management:WRITE |
Holiday Update | /api/v2/holidays/{holidayId} | PUT | Resource Management:WRITE |
Holiday Delete | /api/v2/holidays/{holidayId} | DELETE | Resource Management:WRITE |
Holiday Create | /api/v2/holidays | POST | Resource Management:WRITE |
Holiday List | /api/v2/holidays | GET | Resource Management:READ |
Batch Holidays Fetch | /api/v2/holidays/batch-fetch | POST | Resource Management:READ |
Org Unit Endpoints | |||
Org Unit Get | /api/v2/org-units/{orgUnitId} | GET | T3s:READ |
Org Unit List | /api/v2/org-units | GET | T3s:READ |
Batch Org Unit Fetch | /api/v2/org-units/batch-fetch | POST | T3s:READ |
Comment Endpoints | |||
Comment Get | /api/v2/comments/{commentId} | GET | Resource Management:READ |
Comments List | /api/v2/comments | GET | Resource Management:READ |
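
Added example, not Eightfold code: a least-privilege audit that compares the permissions granted to an API key with the permissions its calls need, using a few rows copied from the table above. It assumes permissions are matched exactly, since the page does not say whether an entity-level grant covers its sub-entities; the function names are hypothetical.

```python
import re

# Constructed sample: a few (method, path, permission) rows copied from the table above.
ROUTES = [
    ("GET", "/api/v2/positions/{positionId}", "Position:READ"),
    ("POST", "/api/v2/positions/batch-fetch", "Position:READ"),
    ("GET", "/api/v2/positions/{positionId}/matched-candidates", "Profile:READ"),
    ("GET", "/api/v2/profiles/{profileId}", "Profile:READ"),
    ("PATCH", "/api/v2/profiles/{profileId}", "Profile:WRITE"),
    ("GET", "/api/v2/profiles/suggest-skills/{profileSection}", "Profile:Skills:READ"),
    ("POST", "/api/v2/succession_plans", "Position:Succession Plan:WRITE"),
]

def parse_permission(perm):
    """Split logical_entity[:logical_subentity]:SCOPE; reject anything else."""
    parts = perm.split(":")
    if len(parts) not in (2, 3) or not all(parts) or parts[-1] not in ("READ", "WRITE"):
        raise ValueError(f"malformed permission: {perm!r}")
    return parts[0], (parts[1] if len(parts) == 3 else None), parts[-1]

def _pattern(template):
    # A {placeholder} matches exactly one path segment; other segments are literal.
    return re.compile("/".join(
        "[^/]+" if seg.startswith("{") else re.escape(seg) for seg in template.split("/")))

def required_permission(method, path):
    """Permission the table lists for this call, or None if the call is not listed."""
    hits = [(tpl.count("{"), perm) for m, tpl, perm in ROUTES
            if m == method.upper() and _pattern(tpl).fullmatch(path)]
    return min(hits)[1] if hits else None  # prefer the most literal template

def audit(granted, calls):
    """Report permissions a key lacks, holds without using, and unlisted calls.

    Assumption: exact-string matching; an entity-level grant is NOT treated as
    covering its sub-entities, because the page does not state that it does.
    """
    for perm in granted:
        parse_permission(perm)  # fail early on typos such as a missing scope
    needed, unknown = set(), []
    for method, path in calls:
        perm = required_permission(method, path)
        if perm is None:
            unknown.append((method, path))
        else:
            needed.add(perm)
    return {"missing": sorted(needed - set(granted)),
            "unused": sorted(set(granted) - needed), "unknown": unknown}
```

In these rows a batch-fetch POST requires a READ permission and a GET under /positions requires Profile:READ, so the required permission has to come from the table rather than be inferred from the HTTP method or URL prefix.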