Authentication

Base URL

All API endpoints are available under:

https://your-site.com/wp-json/recruiting/v1/

Option 1: WordPress Application Passwords

Since WordPress 5.6, Application Passwords are built in. This is the simplest way to authenticate.

Navigate to Users → Profile → Application Passwords in your WordPress admin to generate a password.

curl -X GET \
  https://your-site.com/wp-json/recruiting/v1/jobs \
  -u "username:xxxx xxxx xxxx xxxx xxxx xxxx"

Application Passwords use HTTP Basic Auth. The password is space-separated and provided when created.

Option 2: API Key (Pro)

Pro users can generate dedicated API keys in the plugin settings. Keys offer granular permission control and are ideal for server-to-server integrations.

Header-based authentication

curl -X GET \
  https://your-site.com/wp-json/recruiting/v1/jobs \
  -H "X-Recruiting-API-Key: rp_live_abc123..."

Query parameter authentication

curl -X GET \
  "https://your-site.com/wp-json/recruiting/v1/jobs?api_key=rp_live_abc123..."

Header-based authentication is recommended for production use. Query parameters may be logged by proxies and web servers.

API Key Management (Pro)

Generate and manage API keys under Plugin Settings → API in the WordPress admin.

Each API key supports fine-grained permissions:

Key prefixes

Test keys work identically to live keys but are visually distinguished in the admin UI for easier management.

Required Permissions

Different endpoints require different permission levels:

Requests without sufficient permissions return a 403 Forbidden response.