API - Auto-LogOn-URL

Owned by Sebastian Schubert (Unlicensed)
Last updated: Jun 27, 2016 by Bernhard Wolkerstorfer (Unlicensed)
1 min read

The Auto-LogOn-URL is provided to applicants (on the applicant portal) and contacts (on the customer portal) to automatically log in at their portal. The Auto-LogOn-URL can be used in several mail templates in the eRecruiter web-application and is automatically generated within the eRecruiter backend as URL.

Structure of Auto-LogOn-URL for all portals
{portalUrl}/Home/LogOn/{userId}?key={generatedLogonKey}
  • portalUrl: The base-URL of the portal (applicant or customer portal)
  • userId: ID of the user who shall be authenticated
  • generatedLogonKey: logon key generated from user's hashed password and the expiration date of the logon key

The generated logon key of the Auto-LogOn-URL is valid for the current ongoing and the upcoming month since its generation. The key becomes invalid if the username or password of the applicant or contact changes since the LogOn-Keys are not saved but generated on each request.

To authenticate applicants through the API on a portal, there is one API endpoint:

Check if an applicant has a valid Auto-LogOn-URL
GET Api/Applicant/{applicantId}?token={token}
  • applicantId: ID of requested applicant (number), userId from the Auto-LogOn-URL
  • token: generated logon key from the Auto-LogOn-URL

Call the API endpoint using the userId and generated Logon-Key to retrieve an existing applicant. If an applicant is returned, the token is validated as valid and you can authenticate them in your applicant portal.