Applications API
The Applications API (also known as the ATS API) is designed for server-to-server integrations. It provides full access to manage candidates, applications, jobs, and webhooks.
Server-Side Only: This API should NOT be called from client-side code. API tokens for this API have elevated permissions and must be kept secure on your server.
Key Characteristics
| Feature | Description |
|---|---|
| Server-to-server | Must be called from your backend |
| Full access | Read and write operations |
| Webhook management | Create and manage webhooks |
| Sensitive data | Access to candidate information |
Use Cases
- HRIS integrations — Sync candidates with your HR systems
- Workflow automation — Trigger actions based on recruiting events
- Custom reporting — Build analytics dashboards
- Webhook management — Configure event subscriptions
Server-Side Example
Call the Applications API from your backend:
// Node.js server-side example
const token = process.env.KULA_API_TOKEN; // Keep token secure
async function getCandidates() {
const response = await fetch(
'https://api.kula.ai/v1/candidates',
{
headers: {
'Authorization': `Bearer ${token}`,
'Content-Type': 'application/json'
}
}
);
return response.json();
}
Available Endpoints
| Endpoint | Description |
|---|---|
GET /candidates | List candidates |
GET /candidates/{id} | Get candidate details |
GET /applications | List applications |
GET /jobs | List jobs |
POST /webhooks | Create webhook |
GET /webhooks | List webhooks |
Token Scope
Use a token with ats_api scope for this API. This scope provides full access and should only be used in secure server environments.
Security Best Practices
- Store tokens in environment variables
- Never expose tokens in client-side code
- Use HTTPS for all API calls
- Rotate tokens periodically
- Monitor API usage for anomalies
Next Steps
- Applications API Reference — Complete endpoint documentation
- Webhooks Setup — Configure real-time notifications