Overview
The Sterling API uses an OAuth2 ("oauth") authentication scheme.
Requests to the Sterling API must be authenticated using a short-lived bearer token in the Authorization header. Applications obtain bearer tokens via the oauth endpoint. The request must also set the "grant_type" field to "client_credentials", as shown in the curl auth request example below.
Integration | https://api-int.kennect.com/v2/oauth |
Production | https://api.kennect.com/v2/oauth |
curl -X POST \
-H "Authorization: Basic <basic auth token>" \
-H 'Content-Type: application/x-www-form-urlencoded' \
-d 'grant_type=client_credentials' \
https://api-int.kennect.com/v2/oauth
When making a request to the oauth endpoint, the basic auth credentials must be a base64-encoded string in the format client_id:client_secret. These credentials are not provided through the API and must be obtained through Sterling Talent Solutions.
Base64
The base64 encoded string for the credentials will remain unchanged unless your client_secret is changed at your request.
For instance, example@example.com:86753O9 will always encode as ZXhhbXBsZUBleGFtcGxlLmNvbTo4Njc1M085.
If the provided credentials are valid, the oauth endpoint will provide a bearer token, along with an expiry time for the token (in seconds). An access_token will expire after 10 hours.
{
"access_token": "RG8gcGVvcGxlIHJlYWxseSBkZWNvZGUgdGhlc2U/IEkgbWVhbiBzZXJpb3VzbHksIHRoaXMgaXMganVzdCBhIHRlc3QgaGFzaCEgV2VsbCwgaWYgeW91IG1hZGUgaXQgdGhpcyBmYXIsIGFsbG93IG1lIHRvIHJld2FyZCB5b3U6DQoNCmh0dHBzOi8vd3d3LnlvdXR1YmUuY29tL3dhdGNoP3Y9ZFF3NHc5V2dYY1E=",
"token_type": "bearer",
"expires_in": 36000
}
This token should be cached until it expires, and must be passed in the Authorization header of each request as follows:
curl -H "Authorization: Bearer RG8gcGVvcGxlIHJlYWxseSBkZWNvZGUgdGhlc2U/IEkgbWVhbiBzZXJpb3VzbHksIHRoaXMgaXMganVzdCBhIHRlc3QgaGFzaCEgV2VsbCwgaWYgeW91IG1hZGUgaXQgdGhpcyBmYXIsIGFsbG93IG1lIHRvIHJld2FyZCB5b3U6DQoNCmh0dHBzOi8vd3d3LnlvdXR1YmUuY29tL3dhdGNoP3Y9ZFF3NHc5V2dYY1E=" \
-H "Accept: application/json" \
https://api-int.kennect.com/v2/candidates/7212643
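The token request and the caching rule described above, as an added Python example (not Sterling's own code). The names basic_auth_header, http_fetch_token and TokenCache, and the 60-second refresh margin, are assumptions made for this illustration.

```python
import base64
import json
import time
import urllib.parse
import urllib.request

OAUTH_URL = "https://api-int.kennect.com/v2/oauth"  # integration endpoint from this page


def basic_auth_header(client_id, client_secret):
    """Return 'Basic ' + base64(client_id:client_secret) for the oauth request."""
    # base64 is reversible: store and log this value as carefully as the secret itself
    raw = f"{client_id}:{client_secret}".encode("utf-8")
    return "Basic " + base64.b64encode(raw).decode("ascii")


def http_fetch_token(client_id, client_secret, url=OAUTH_URL):
    """POST grant_type=client_credentials and return the parsed JSON body."""
    req = urllib.request.Request(
        url,
        data=urllib.parse.urlencode({"grant_type": "client_credentials"}).encode(),
        headers={
            "Authorization": basic_auth_header(client_id, client_secret),
            "Content-Type": "application/x-www-form-urlencoded",
        },
        method="POST",
    )
    with urllib.request.urlopen(req, timeout=10) as resp:
        return json.load(resp)


class TokenCache:
    """Caches the bearer token and refreshes it shortly before expires_in elapses."""

    def __init__(self, client_id, client_secret, fetch=http_fetch_token,
                 clock=time.monotonic, skew=60):  # skew: assumed safety margin, seconds
        self._creds = (client_id, client_secret)
        self._fetch, self._clock, self._skew = fetch, clock, skew
        self._token, self._expires_at = None, 0.0

    def authorization(self):
        """Return the 'Bearer <token>' header value, fetching only when needed."""
        if self._token is None or self._clock() >= self._expires_at:
            body = self._fetch(*self._creds)
            if body.get("token_type", "").lower() != "bearer":
                raise ValueError("unexpected token_type in oauth response")
            self._token = body["access_token"]
            self._expires_at = self._clock() + int(body["expires_in"]) - self._skew
        return "Bearer " + self._token
```

Load client_id and client_secret from a secrets store or environment rather than source code, and pass the value returned by authorization() as the Authorization header of each API request.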
500 Errors
If you receive a 500 error on any API call using an Authorization header, please check that the format is "Bearer [base64]".