API Reference
API Reference

Getting started

API access to your recruiting data

Need to display your positions in different ways, or to extract additional information from your Workable account? We provide you with an API that gives you full control over your data.

The Workable API can be used in the following ways:

Currently we do not support the following:

  • Creating and viewing candidates in the Talent pool

🚧

Notes

  • Workable does not support Cross-Origin Resource Sharing (CORS)
  • The resource IDs exposed in the API are not the same as in the application for non-disclosure reasons

Generate an API access token

This guide shows how to generate an API access token for your Workable account.

To start, open the drop-down menu on the top right of your screen and select “Integrations” or press here:

Now click on the “Generate new token” button:

Once you click the generate button, you’ll see the Generate API token form where you should specify the relevant scopes for your use case:

🚧

There are some scopes like the r_employees scope, grant access to confidential employee data.

🚧

It is imperative to securely store a copy of the token upon generation, as it will be displayed only a single time. In the event that the token is not securely stored, it is advisable to generate a new one.

For more information on selecting scopes please refer to this.

If you're using Mac OS X or Linux, test it on the spot just by typing the following command in your terminal window (remember to replace the ‘account subdomain’):

curl -H "Authorization:Bearer <ACCESS TOKEN>" 
     https://<account subdomain>.workable.com/spi/v3/jobs

You will also need the account subdomain which you can find in the company profile settings page:

❗️

Revoking The Access Token

Be aware that you can revoke this access token anytime, but if you decide to proceed, every script or application that accesses the Workable API through this token will stop functioning. To keep things running smoothly after revoking your current token, you will have to generate a new access token and update every script or application bound to the previous one.