Introducing new public API - Self Scheduling API.
This API allows to manage interview self schedules in SmartRecruiters.
To use this API, you will need the following access scopes: self_schedules_read or self_schedules_manage.
Impact
The Self Schedule API allows to create, delete and search for interview self schedules, providing similar functionality as the UI.
Self scheduling allows candidate to pick up the time slot for the interview, and interview would be created as a result.
The Apply API now supports OAuth 2.0 as an authorization method. This update enhances the security and flexibility of integrations by allowing the use of OAuth 2.0 authorization flows for accessing these APIs.
OAuth 2.0 authorization is now available for the following endpoints:
Create a New Candidate Application POST https://api.smartrecruiters.com/postings/{uuid}/candidates Required OAuth 2.0 Scope:candidate_applications_manage
Get Application Configuration for Posting GET https://api.smartrecruiters.com/postings/{uuid}/configuration Required OAuth 2.0 Scope:candidate_applications_manage
Get Candidate Status GET https://api.smartrecruiters.com/postings/{uuid}/candidates/{candidateId}/status Required OAuth 2.0 Scope:candidate_applications_manage
The previously available authorization methods remain unchanged and supported, ensuring backward compatibility and no breaking changes.
Impact
This change introduces an additional, more secure way to authenticate requests to the Apply API. Existing authorization methods continue to function as before, ensuring no breaking changes. Adopting OAuth 2.0 is optional but recommended for improved security.
Introducing a new way to authenticate with SmartRecruiters APIs using the client_secret_basic OAuth client authentication method.
This change enables the method based on the client ID and client secret, which are sent in the Authorization header of the token exchange request.
This method can be used for the OAuth 2.0. Client Credentials and Authorization Code grants.
Impact
This change provides an additional way to authenticate with SmartRecruiters APIs using the client_secret_basic method.
This change does not affect existing authentication methods.
Introducing our new public API - Message Templates API.
This API enables you to manage message templates within SmartRecruiters, allowing you to create, update, delete, and retrieve templates.
To use this API, you will need the following access scopes: message_templates_read or message_templates_write.
Impact
The Message Templates API empowers you to handle message templates in SmartRecruiters, providing similar functionality as the UI.
We have launched a new API endpoint that allows users to retrieve detailed job criteria for each position. This feature delivers structured information, including specific criteria, related questions, and the workflow steps assigned to each job.
GET /reviews-api/v201910/jobs/{jobId}/criteria
Impact
This feature will help standardize interviews and improve hiring consistency.
We resolved an issue where the compensation field could not be updated using the PATCH /jobs/{jobId} endpoint.
The bug occurred when users attempted to nullify or delete the compensation value.
Impact
The change is backward compatible, and the fix restores the documented functionality.
We have introduced enhanced validation measures to prevent the creation of duplicate records during candidate updates.
Validation is not passed when an attempt is made to update a candidate's email address or last name to one already
associated with another candidate. In our system, the combination of email and last name must be unique, and it is not
possible to have two candidates with the same email address and last name.
Impact
This change affects the PATCH /candidates/id endpoint (operationId: candidates.update) in the Candidates API. If users try to update a candidate's e-mail
or last name to one that another candidate already owns, they will receive a 409 Conflict status code with
the code CANDIDATE_DATA_CONFLICT.
We have removed UUID validation for the id property in the PUT /candidates/{id}/jobs/{jobId}/properties endpoint
(operationId: candidates.properties.values.batchUpdateForJob). This change is intended to maintain consistency with other parameters
that do not have this format enforced. The valid format for the id remains unchanged and will remain as UUID.
Impact
There shouldn’t be any significant impact as there were no server-side validation of this format.
If user doesn’t provide UUID, he will receive status 404 NOT FOUND with code PROPERTY_NOT_FOUND as usual.
The only potential impacts are:
relaxed validation in the Swagger/UI of the Developer portal
if the user manually reads and interprets OpenAPI Specification for any reason.
We have added support for the latitude and longitude properties for the location object.
Impact
Job and Job ad can be created and updated with coordinates: latitude and longitude provided in the location property.
This change is backward compatible. The latitude and longitude properties are optional.
If not provided, the Job or Job ad location will be saved/updated without the coordinates.
