Overview

The Sterling API uses an OAuth2 ("oauth") authentication scheme.

Requests to the Sterling API must be authenticated using a short-lived bearer token in the Authorization header. Applications obtain bearer tokens via the oauth endpoint. The request must also set the "grant_type" field to "client_credentials", as shown in the curl auth request example below.

curl -X POST \
-H "Authorization: Basic <basic auth token>" \
-H 'Content-Type: application/x-www-form-urlencoded' \
-d 'grant_type=client_credentials' \
https://api-int.kennect.com/v2/oauth

When making a request to the oauth endpoint, the basic auth credentials must be the base64 encoding of a string in the format client_id:client_secret. These credentials are not provided through the API and must be obtained through Sterling Talent Solutions.

📘

Base64

The base64 encoded string for the credentials will remain unchanged unless your client_secret is changed at your request.

For instance, example@example.com:86753O9 will always encode as ZXhhbXBsZUBleGFtcGxlLmNvbTo4Njc1M085.

If the provided credentials are valid, the oauth endpoint will provide a bearer token, along with an expiry time for the token (in seconds). An access_token will expire after 10 hours.

{
  "access_token": "RG8gcGVvcGxlIHJlYWxseSBkZWNvZGUgdGhlc2U/IEkgbWVhbiBzZXJpb3VzbHksIHRoaXMgaXMganVzdCBhIHRlc3QgaGFzaCEgV2VsbCwgaWYgeW91IG1hZGUgaXQgdGhpcyBmYXIsIGFsbG93IG1lIHRvIHJld2FyZCB5b3U6DQoNCmh0dHBzOi8vd3d3LnlvdXR1YmUuY29tL3dhdGNoP3Y9ZFF3NHc5V2dYY1E=",
  "token_type": "bearer",
  "expires_in": 36000
}

This token should be cached until it expires, and must be passed in the Authorization header of each request as follows:

curl -H "Authorization: Bearer RG8gcGVvcGxlIHJlYWxseSBkZWNvZGUgdGhlc2U/IEkgbWVhbiBzZXJpb3VzbHksIHRoaXMgaXMganVzdCBhIHRlc3QgaGFzaCEgV2VsbCwgaWYgeW91IG1hZGUgaXQgdGhpcyBmYXIsIGFsbG93IG1lIHRvIHJld2FyZCB5b3U6DQoNCmh0dHBzOi8vd3d3LnlvdXR1YmUuY29tL3dhdGNoP3Y9ZFF3NHc5V2dYY1E=" \
-H "Accept: application/json" \
https://api-int.kennect.com/v2/candidates/7212643
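
The caching rule above, sketched as an added Python example (not Sterling's own code): it builds the Basic header from client_id:client_secret, requests a token with grant_type=client_credentials, and reuses it until shortly before expires_in elapses. The names TokenCache, basic_auth_header, the injectable post and clock parameters, and the 60-second refresh margin are assumptions made for illustration; the endpoint URL and response fields are the ones shown on this page.

```python
import base64
import json
import time
import urllib.parse
import urllib.request

TOKEN_URL = "https://api-int.kennect.com/v2/oauth"  # oauth endpoint shown on this page


def basic_auth_header(client_id, client_secret):
    """Build the Basic header value: base64 of 'client_id:client_secret'."""
    raw = f"{client_id}:{client_secret}".encode("utf-8")
    return "Basic " + base64.b64encode(raw).decode("ascii")


def _post_form(url, headers, form):
    """Default transport: POST a urlencoded form, return the parsed JSON body."""
    data = urllib.parse.urlencode(form).encode("ascii")
    req = urllib.request.Request(url, data=data, headers=headers, method="POST")
    with urllib.request.urlopen(req, timeout=10) as resp:
        return json.load(resp)


class TokenCache:
    """Holds one bearer token and refreshes it `skew` seconds before it expires.

    `post` and `clock` are injectable (an assumption of this example) so the
    refresh logic can be exercised without network access.
    """

    def __init__(self, client_id, client_secret, post=_post_form,
                 clock=time.monotonic, skew=60):
        self._auth = basic_auth_header(client_id, client_secret)
        self._post, self._clock, self._skew = post, clock, skew
        self._token, self._expires_at = None, 0.0

    def bearer_header(self):
        """Return the Authorization value, calling the oauth endpoint only when needed."""
        if self._token is None or self._clock() >= self._expires_at:
            headers = {"Authorization": self._auth,
                       "Content-Type": "application/x-www-form-urlencoded"}
            body = self._post(TOKEN_URL, headers, {"grant_type": "client_credentials"})
            # Reject anything that is not a usable bearer token response.
            if str(body.get("token_type", "")).lower() != "bearer" or not body.get("access_token"):
                raise ValueError("unexpected token response")
            self._token = body["access_token"]
            self._expires_at = self._clock() + max(0, int(body["expires_in"]) - self._skew)
        return "Bearer " + self._token
```

The cache keeps the client_secret only in its encoded header form and never prints it; keep the returned header value out of logs as well, since a token stays valid for the full 10 hours.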

📘

500 Errors

If you receive a 500 error on any API call using an Authorization header, please check that the format is "Bearer [base64]"