Authentication

Authentication to our API can be done with the following methods.

API keys

Send your API key in the header of your http request:

Authorization: Bearer YOUR-TOKEN

Types of API keys

API keys can be created for each user role.

The type of the API keys is clear from their prefix, e.g.:

pera_hr_admin_
pera_hr_manager_
pera_hr_recruiter_
pera_js_user_

You can only create one API keys per role.

API keys have an expire time set at creation. The maximum lifetime is one year.

Accessing the API as a respondent

If your API request is on behalf of a respondent (e.g. as a job seeker sending data to be assessed), use an API key created with the Respondent user role (prefix pera_js_user_) and send the user-id in a header field:

X-Pera-On-Behalf-Of: <user-id>

Respondent API calls must:

contain the user-id be in the header
be for a user that exists in the the Pera system and be linked to your account, e.g. was created by your account.

Username and password

If the respondent is using the Pera apps, authentication is cookie based and the user logs in via a One Time Password (OTP) in the form of a six digit code sent via email/SMS or username + password.

OAuth

Coming soon...tbc

API keys​

Types of API keys​

Accessing the API as a respondent​

Username and password​

OAuth​

API keys

Types of API keys

Accessing the API as a respondent

Username and password

OAuth