Skip to content

Candidate Submission API

Where to find it
Administration → Integrations → Candidate Submission API
Who can use it
Administrators with integrations access

The Candidate Submission API lets an external integration partner submit a candidate and their application to one of your jobs in a single API call — the candidate, their resume, and the application are all created at once, without chaining several requests. This is how a partner job board, a third-party career site, or a job aggregator can route applications straight into your Nextal account.

You stay in control: the capability is off by default, and only the sources you explicitly authorize can submit. A source is an integration key you hand to your partner; any submission from an unknown or unauthorized source is rejected.

What it does

  • Lets an approved partner create a candidate and a job application in a single API call.
  • Restricts submissions to only the allowed sources you list — every other source is refused.
  • Stays off by default; nothing is accepted until you enable it and add at least one source.
  • Source matching is case-insensitive (partner and Partner are treated the same).

Prerequisites

  • Administrator access to integrations.
  • A source key agreed with your integration partner. You choose it (for example partner or acme-jobs) and share it with the partner — it is the identifier they use to submit to your account.
  • The partner needs the API contract (from the developer portal) to build their submissions.

How to activate

  1. Go to Administration → Integrations and find the Candidate Submission API card.
  2. Click Edit to open the configuration panel.
  3. Turn on the Activate toggle.
  4. Under Allowed sources, add at least one source key (see below).
  5. Click Save. The configuration is stored immediately — there is no separate publish step.

Managing allowed sources

The Allowed sources list decides exactly who can submit candidates to your account.

  • Add a source — type the source key into the add field (for example partner), then click Add source (or press Enter). Each source appears on its own row.
  • Edit a source — adjust the text directly in the row’s input field.
  • Remove a source — click the delete icon at the end of the row. The matching partner can no longer submit once you save.

Each source key must have been provisioned to your partner beforehand: it is exactly the segment the partner supplies in their request. Only sources present in this list are allowed; a submission from a source that isn’t listed is rejected.

Settings

SettingDescription
ActivateMaster toggle for the capability. When off, no API submissions are accepted, regardless of the sources listed.
Allowed sourcesThe list of source keys allowed to submit candidates to your account. Add as many as you need; remove any that should no longer submit. Matching is case-insensitive.

Tips

  • Enabling with no sources accepts nothing. If you turn the capability on but leave the list empty, no partner can submit. Add at least one source for submissions to work.
  • Use one source key per partner. Giving each partner its own key lets you revoke one partner’s access without affecting the others — just remove their source from the list.
  • Removing a source cuts access immediately. As soon as you save, any submission from that source is rejected. This is the fastest way to suspend a partner.
  • Treat source keys like credentials. Share a key only with the partner it belongs to, and choose a hard-to-guess value when access is sensitive.
  • Disabling the capability suspends all submissions. The source list is preserved; turning the capability back on restores access for every listed source.