Skip to main content
Unlisted page
This page is unlisted. Search engines will not index it, and only users having a direct link can access it.

Greenhouse

Authentication & Authorization

Credentials

  • Greenhouse connects via basic authentication using Harvest API Key as username and blank password.

  • Harvest API Key can be obtained in Greenhouse Dashboard (see DataGrail Help Docs).

  • Publicly exposing your API credentials can allow unauthorized access to the Greenhouse API endpoints, and your Greenhouse data by a third party. DataGrail stores your API credentials encrypted and protected.

Permissions

DataGrail integration requires the next permissions for the API Key:

  • Get: List Users

  • Get: List Candidates

  • Delete: Delete Candidate

  • Patch: Edit Candidate

Base URL

Base URL consists of the Domain and API version:

  • https://{DOMAIN}/{API_VERSION}
Example of BASE URL:

Endpoints Utilized

DataGrail uses the following endpoint to validate that credentials are good based on a successful response:

DataGrail does not use this endpoint for any other purpose nor uses any of the data returned.

Version

Greenhouse integration currently supports version 1 (v1).

Limits

DataGrail processes API responses with HTTP 429 status to interrupt requests, waiting and retrying (using an exponential backoff strategy).

Access

For an access request, DataGrail will take the following actions:

  • Search an organization’s candidates whose email matches the email from the Data Subject provided in the request.

  • Save found candidate data in “candidate_records” and extract candidate's “applications” to the separate “apps_records” collection.

  • For all objects found, DataGrail will return all available fields. You can edit which objects and fields you want to provide to the Data Subject via our Portal Requests.

Endpoints Utilized

Deletion

DataGrail supports 2 modes of the deletion requests: deletion (by default) and anonymization. DataGrail Support switches deletion mode by the customer request.

For a deletion request in the deletion mode, DataGrail will take the following actions:

For a deletion request in the anonymization mode, DataGrail will take the following actions:

  • Update a candidate by its id with the next anonymization rules:

    • Replace "addresses", "company", "custom_fields", "email_addresses", "phone_numbers", "social_media_addresses", "tags", "title", "website_addresses" fields values with blank.

    • Replace “first_name” and “last_name” with the random anonymous string.

Endpoints Utilized

 

Need help?
If you have any questions, please reach out to your dedicated CSM or contact us at support@datagrail.io.

Disclaimer: The information contained in this message does not constitute as legal advice. We would advise seeking professional counsel before acting on or interpreting any material.