1. Greenhouse Support
  2. All Recruiting topics
  3. Integrations
  4. Other integrations

Persona integration

Persona’s integration with Greenhouse Recruiting allows users to connect recruiting activity in Greenhouse with identity workflows in Persona. Persona is a global identity verification company that helps individuals and businesses verify their identity. This integration is commonly used by recruiting operations, talent, and compliance teams to trigger identity verification at key points in the hiring process—such as when an offer is sent or when a candidate reaches a specific interview stage—while keeping candidate records up to date in Greenhouse.

In this article

Configure the Persona integration

This section walks through how to authenticate Persona with Greenhouse and (optionally) configure Greenhouse webhooks so Persona workflows can trigger from Greenhouse events.

Prerequisites

Before configuring the integration, ensure that you have:

  • Site Admin access in Greenhouse Recruiting
  • Permission to create API credentials and webhooks in Greenhouse
  • Admin access to the Persona Dashboard

Authenticate Greenhouse in Persona 

Persona uses an OAuth 2.0 authorization code flow to securely connect to your Greenhouse account.

  1. In the Persona Dashboard, navigate to Integrations > Marketplace.

  1. Select Greenhouse.
  2. Click Add Credential.

  1. Enter a Nickname for Credential to help identify this connection.
  2. Click Continue to launch the Greenhouse OAuth window.
  3. Enter your Greenhouse email address and click Log in to Greenhouse.
  4. When prompted, click Authorize to grant Persona access to your Greenhouse account.

Once authorization is complete, the credential will appear as active in the Persona Dashboard. 

Note: Persona only accesses the Greenhouse data required to support the workflow actions you configure. Permissions are scoped to the integration.

(Optional) Configure Greenhouse webhooks

If you want Persona workflows to trigger automatically based on Greenhouse events (for example, when an offer is updated or a candidate moves stages), you must configure webhooks in Greenhouse.

Create a webhook in Persona

  1. In the Persona Dashboard, navigate to Integrations > Marketplace > Greenhouse.
  2. Click Add Webhook.
  3. Generate a Secret Key.
    • This key is used to cryptographically sign webhook payloads sent from Greenhouse to Persona.
    • Use a long, random string (for example:
      a7e4a56cf7c1cd80cb1c735c72bab2aa75d06fe08b8c50a18cf6afbcfe834122)
  4. Copy the Webhook URL and Secret Key shown in Persona.

Create a webhook in Greenhouse

To integrate Persona with Greenhouse Recruiting, you’ll need to create a webhook. Follow the steps in this article to create your webhook. Use the values listed below to configure the webhook:

Offer updated

  • Name: A descriptive name for your integration. Most customers choose ‘Persona integration’
  • When: Offer updated 
  • Endpoint URL: The Endpoint URL provided by Persona
  • Secret Key: The Secret Key provided by Persona

Candidate has changed stage

  • Name: A descriptive name for your integration. Most customers choose ‘Persona integration’
  • When: Candidate stage change
  • Endpoint URL: The Endpoint URL provided by Persona
  • Secret Key: The Secret Key provided by Persona

Register the webhook in Greenhouse

  1. In Greenhouse, click Configure in the top-right corner.
  2. Navigate to Dev Center.
  3. Select Webhooks > Webhooks.

  1. Paste the Persona Webhook URL and Secret Key into the corresponding fields.
  2. Choose the appropriate webhook event, such as:
    • Offer updated
    • Candidate stage change
  3. Save the webhook.



 

If configured correctly, you should see a ping event appear in Persona’s Greenhouse integration logs.

Data access and write-backs

As part of this integration, Persona may:

  • Read data from Greenhouse, including:
    • Candidate records
    • Application records
    • Rejection reasons
  • Write data back to Greenhouse, including:
    • Candidate tags
    • Custom candidate fields (for example, verification status)
    • Application rejections (with rejection reason IDs)

Any fields updated in Greenhouse are explicitly configured within Persona workflows and are determined by the user’s preferences.

Use the Persona integration

Once the integration is enabled, you can use Greenhouse data and events inside Persona workflows to automate identity verification and candidate updates.

Using Greenhouse actions in a Persona workflow

  1. Open an existing workflow or create a new workflow in Persona.

  1. Add a new Action step and select Integrations.
  2. Choose Greenhouse and select your authenticated Greenhouse credential.
  3. Configure the action using inputs such as:
    • Candidate ID
    • Application ID
    • Filters to locate the correct record
  4. Save and publish the workflow.

Triggering workflows from Greenhouse events

If you’ve configured Greenhouse webhooks, you can start Persona workflows automatically from Greenhouse activity.

  1. Create a workflow in Persona.
  2. Select External Integration Log Created as the trigger.
  3. Choose Greenhouse as the integration.
  4. Select an Operation Type, such as:
    • Offer updated
    • Candidate stage change

  1. Use data from the webhook payload (such as application_id or candidate_id) in subsequent workflow steps.

Common scenarios

Example: Trigger identity verification when an offer is sent

  1. Greenhouse sends an Offer updated webhook when an offer is created or sent.
  2. Persona workflow is triggered by the webhook.
  3. Persona:
    • Looks up the related application
    • Retrieves the associated candidate
    • Sends a Persona Inquiry link to the candidate
  4. After verification, Persona updates the candidate record in Greenhouse with the verification outcome. By default, Persona uses the following status values, but these can be customized depending on your preferences.
    • Created – the verification request has been sent to the candidate
    • Pending – the candidate has started the verification process and submitted at least one attempt
    • Completed – the candidate successfully passed all required verification steps and reached the success screen
    • Failed – the candidate did not pass verification and has exhausted all allowed attempts
    • Expired – the verification window has expired without completion (default 24 hours)

FAQs

Which Greenhouse webhook events are supported?

Persona supports Greenhouse webhook events for Offer updated and Candidate stage change. Greenhouse may also send a ping event to verify webhook connectivity.

What Greenhouse data can Persona access?

Persona can retrieve candidate and application records, including IDs, status and stage information, timestamps, and configured metadata. Available fields depend on your Greenhouse configuration and the permissions granted during OAuth authorization.

How does Persona encrypt and store data collected from end users?

Persona encrypts sensitive data at rest using AES-256 encryption and industry standard tokenization and hashing. Each data element is encrypted using an AES-256 cipher with a unique initialization vector and an encryption key that is rotated on a regular basis. All data in transit through the Persona web application uses Hypertext Transfer Protocol Secure (HTTPS) forced using TLS 1.2 or higher to ensure confidentiality of web sessions.

Our database and technical infrastructure are hosted within SOC 2 and ISO accredited data centers. Physical security controls at our data centers include 24/7 monitoring, cameras, visitor logs, and entry requirements.

How does Persona ensure that sensitive data is protected?

Access to production systems and sensitive data is restricted on an explicit need-to-know basis, utilizes the principle of least privilege, and is monitored and audited on a scheduled cadence. Employees accessing production systems are required to use multiple factors of authentication, VPN enforced via IP whitelisting through firewall, and valid SSH keys that are access-controlled by IAM.

We maintain a documented vulnerability management program which includes third-party independent penetration testing, periodic scans, identification, and remediation of security vulnerabilities on servers, workstations, network equipment, and applications. All networks, including test and production environments are regularly scanned. Access to production systems is audit logged. Critical patches are applied to servers on a priority basis and as appropriate for all other patches.

Persona's information security management system (ISMS) outlines rigorous policies and procedures for creating, handling, storing, retaining, and securing data. We process all subject access and deletion data requests in 72 hours and have an incident response plan that has been reviewed and tested to prepare appropriate remediation and notification for any security incidents like data breaches.

Additional resources

For additional information not covered here, reach out to support@withpersona.com or https://support.withpersona.com