Greenhouse Recruiting's Harvest API allows organizations to grant internal developers and third-party integrations access to data such as jobs, candidates, interviews, and offers.
Access to Harvest API is controlled through API credentials. Site Admins can assign permissions to specific endpoints or scopes, limit usage to trusted IP addresses, and revoke/re-enable credentials as needed.
Note: For technical instructions on authentication, queries, and available data, refer to the developer documentation for your API version:
Create new Harvest API credentials
To create a new Harvest API credential, click the Configure icon on your navigation bar, then click Dev Center on the left.
Click API Credential Management.
Click Create new API credentials.
Make the following selections:
- API type: Choose Harvest or Harvest v3 (OAuth)
- Partner: Select the name of the integration that requested the API credential. If the integration isn't listed, select unlisted vendor. If you're creating a custom integration, select custom.
- Description: Give your API key a descriptive name.
When finished, click Manage permissions or View and store credentials (depending on which Harvest version you chose.)
After the the credential is created, click Copy, and paste the credentials in a secure location to provide to the integration later.
Click I have stored the client credentials.
Note:
- For Harvest v1/v2, the API key is shown only once and can't be viewed again after clicking I have stored the API key.
- For Harvest v3, the client secret is shown only once. The client key remains visible.
On the next screen, confirm or assign the required permissions (see sections below for more information). Click Save to complete setup.
Update an existing Harvest API credential
To update a credential, use the same steps above from creating an API key (Configure > Dev Center > API Credential Management).
Hover over the credential you want to update and click Edit (pencil icon).
Note: Changing the permissions of an active API credential may affect any integrations that rely on it. To avoid disruptions, confirm required access with your development team or integration partner before making updates.
For security, share API keys or client credentials using a secure transfer method. Avoid sending them in plaintext emails.
Restrict IP access
Now in the Edit view of your credential, you can limit which IP addresses can use this credential by checking the Restrict access to specific IP addresses option.
Enter trusted IP addresses or CIDR (Classless Inter-Domain Routing) ranges (e.g., 203.0.113.0/24) into the IP addresses allowed to access this credential text area.
Only requests originating from the listed IPs will be allowed.
When finished, click Save.
Manage permissions or scopes
From within the same Edit view, there will be a Manage permissions or Manage scopes section where you can expand the available sections to select individual API endpoints and OAuth scopes.
We recommend granting access only to the endpoints or scopes the integration requires. Work with your development or integration partner to determine what’s needed.
Click Save when finished.
Revoke and re-enable a Harvest API credential
To revoke a credential and remove its access, go to API Credential Management once more.
Locate and hover over the credential you wish to revoke, click the Revoke icon .
Note: Revoking an API key immediately removes access to the key for all users and integrations. Double-check that the API key you're revoking is the correct key.
Click OK to revoke the Harvest API key.
You can re-enable the credential later if needed.
To do so, locate and hover over the credential you wish to revoke and click the Re-enable icon .
Click OK to re-enable the Harvest API key.