Hunty's API supports two authentication mechanisms. All requests must include at least one.
Used for requests made on behalf of an authenticated user session.
Include the token in the Authorization header:
Authorization: Bearer <your_jwt_token>Used for server-to-server integrations. The API key is tied to a specific company and grants access to the endpoints explicitly approved during the request process.
Include the key in the x-auth-api-key header:
x-auth-api-key: <your_api_key>API keys are subject to a rate limit of 25 requests per minute. Exceeding this limit returns an HTTP 429 Too Many Requests response. See the Rate Limits page for guidance on handling this.
To request an API Key for your company, send an email with the following details:
To: comite-seguridad@hunty.com CC: santiago@hunty.com, enzo.garcia@hunty.com Subject: Solicitud API Key - <companyId>
Body must include:
- Company and responsible contact — company name, full name, role, and email of the person responsible for the integration.
- List of endpoints — for each endpoint your integration needs access to, include:
- The endpoint path and HTTP method (e.g.,
GET /v2/vacancies/company/{companyId}) - A brief justification of the use case
- The endpoint path and HTTP method (e.g.,
Example email body:
Hi,
We would like to request an API Key for the following company:
Company: Acme Corp
Responsible contact: Jane Doe, Integration Lead — jane.doe@acmecorp.com
Endpoints requested:
1. GET /v2/vacancies/company/{companyId}
Use case: Retrieve the list of active vacancies for our company to sync with our internal ATS.
2. POST /v2/vacancies/{vacancyId}/applications
Use case: Submit candidate applications directly from our recruitment platform.
Thank you.