SEEK uses OAuth 2.0 access tokens to authenticate access to the SEEK API.
You are provided with client credentials which are exchanged for an expiring partner token. Partner tokens can be exchanged again for a restricted browser token to use from a hirer’s browser.
Your OAuth 2.0 client credentials authenticate your organisation to SEEK. They grant full access to the data of your authorised SEEK hirers and their candidates.
You may issue your credentials on the Developer Dashboard’s credentials page. You may also rotate your credentials there if they are lost or compromised.
Store your client credentials securely in a system such as AWS Secrets Manager or an encrypted local filesystem. Never send your unencrypted credentials over an insecure channel such as email or Slack.
The SEEK API issues two types of access tokens depending on the calling system:
- Browser tokens allow you to query the SEEK API directly from a hirer’s browser or mobile app. A browser token is scoped to a SEEK hirer and a set of actions that can be performed on the hirer’s behalf.
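The exchange chain described above, sketched from the backend's side as an added example (not SEEK's code): client credentials are read from a secret store only when a new partner token is needed, the expiring partner token is cached server-side, and only a hirer-scoped browser token is handed onward. The two URLs, the `hirerId`/`scope` request fields, and the `load_credentials` and `post` callables are assumptions for illustration; take the real endpoints and request shapes from SEEK's documentation.

```python
import time

# Hypothetical placeholders: take the real endpoints from SEEK's documentation.
PARTNER_TOKEN_URL = "https://auth.example.invalid/oauth/token"
BROWSER_TOKEN_URL = "https://api.example.invalid/browser-token"


class TokenBroker:
    """Server-side holder of the partner token; only browser tokens leave it."""

    def __init__(self, load_credentials, post, clock=time.monotonic, margin=60):
        self._load_credentials = load_credentials  # e.g. reads a secrets manager
        self._post = post                          # post(url, json, bearer) -> dict
        self._clock = clock
        self._margin = margin                      # refresh this many seconds early
        self._token = None
        self._expires_at = 0.0

    def partner_token(self):
        if self._token is None or self._clock() >= self._expires_at - self._margin:
            # Credentials are read only when needed and never kept on the object.
            client_id, client_secret = self._load_credentials()
            body = self._post(PARTNER_TOKEN_URL, {
                "grant_type": "client_credentials",  # RFC 6749 section 4.4
                "client_id": client_id,
                "client_secret": client_secret,
            }, None)
            self._token = body["access_token"]
            self._expires_at = self._clock() + float(body["expires_in"])
        return self._token

    def browser_token(self, hirer_id, scope):
        """Exchange the partner token for a token scoped to one hirer and scope."""
        if not hirer_id or not scope:
            raise ValueError("browser tokens need a hirer and an explicit scope")
        body = self._post(BROWSER_TOKEN_URL,
                          {"hirerId": hirer_id, "scope": scope},  # assumed field names
                          self.partner_token())
        return body["access_token"]
```

In production, `post` would wrap an HTTPS client and `load_credentials` would read from the secret store; neither the client secret nor the partner token should be returned to the browser.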
The SEEK API authorises operations based on a set of relationships between you and your SEEK hirers. Each use case requires a corresponding relationship to allow you to act on behalf of the hirer. SEEK’s support team must explicitly configure these relationships as part of onboarding a SEEK hirer to your software.