Greenhouse Recruiting's Harvest API allows you to grant internal developers and third-party partners access to your jobs, candidates, interviews, and other data via API. An individual can access this data only with a valid Harvest API key and the appropriate permissions assigned to the key.
Managing permissions using a Harvest API key allows you to permit or deny access to each Harvest endpoint individually, so you can have more control over what data a developer or third-party partner can access from your Greenhouse Recruiting account.
Note: For more technical instructions on authentication, queries, and the data available with Harvest API, check out our Developer Resources.
Create a new Harvest API key
To create a new Harvest API key, click the Configure icon on your navigation bar, then click Dev Center on the left.
Click API Credential Management.
Click Create New API key.
Make the following selections:
- API Type: Harvest
- Partner: Select the integration that requested the Harvest API key. If your integration isn't listed, select unlisted vendor. If you're creating a custom integration, select custom integration.
- Description: Enter a descriptive name for your API key, such as "HRIS Link integration key."
When finished, click Manage Permissions to generate the Harvest API key.
If you selected an integration in the Partner dropdown, the appropriate permissions will be automatically assigned to the API key. If an integration wasn't selected, you can assign permissions to the key in the next step.
Click Copy to save your API key to your clipboard, then store the API key in a secure location.
Click I have stored the API Key once you have copied and saved the key.
Note: You can't access the full Harvest API key again after clicking I have stored the API Key. If you lose your API key and need to access it later, you must create a new API key, provide it to the integration, and then revoke access to the original key.
On the next page, confirm the correct permissions are assigned to your new API key, or assign the permissions yourself by clicking the appropriate checkboxes.
We recommend granting each key only the exact access it requires. You may need to work with your internal development team or the integration to determine which endpoints you should select.
When finished, click Save.
Provide your API key to your internal development team or the integration team as appropriate.
Update an existing Harvest API key
Note: Making changes to the permissions of an API key that is in use may impact internal or third-party tools that rely on data called from the API. To avoid potential service disruptions, check with your development team or integration before making changes to a key's permissions.
For security, we highly recommend sending API keys using a public key or other secure messaging service, rather than copying keys to plaintext emails.
To update an existing Harvest API key, click the Configure icon on your navigation bar, then click Dev Center on the left.
Click API Credential Management.
Hover over the API key and click the Edit icon .
Next, make any permission or configuration edits, such as changing the name of the key in the Description field, or adjusting the key's permissions by adding or removing permissions from the Manage permissions section.
When finished, click Save.
Revoke a Harvest API key
To deactivate a Harvest API Key and revoke its access from all individuals with the key, click the Configure icon on your navigation bar, then click Dev Center on the left.
Locate the key you wish to revoke. Hover your mouse over the key and click the Revoke icon beside the key.
Note: Revoking an API key immediately removes access to the key for all users and integrations. Double-check that the API key you're revoking is the correct key.
Click OK to revoke the Harvest API key.
You can re-enable the key later if needed.
Re-enable a Harvest API key
To re-enable a deactivated Harvest API key, hover your mouse over the key and click the Re-enable icon 
beside the key name.
Click OK to re-enable the Harvest API key.