Authentication
The Kula API uses Bearer token authentication. Include your token in the Authorization header of every request.
Token Format
Include your API token in the Authorization header:
Authorization: Bearer your_api_token_here
Getting Your Token
- Log in to your Kula dashboard
- Go to Settings → API Management
- Click Create API Key
- Enter an API key name (e.g., "Careers Page Integration")
- Choose API type:
- Job Boards — For career page integrations
- Application API — For system integrations
- Click Generate API key
- Copy and store the token securely
Making Requests
curl -X GET "https://api.kula.ai/v1/job-boards/job-posts" \
-H "Authorization: Bearer your_api_token_here" \
-H "Content-Type: application/json"
API Key Types
| Type | Scope | Use Case |
|---|---|---|
| Job Boards | Limited | Career page integrations, job listing widgets |
| Application API | Full access | System integrations, ATS workflows |
Best Practices
- Store tokens in environment variables
- Use different tokens for each environment
- Rotate tokens periodically
- Never commit tokens to version control
- Never expose Application Api token in client-side code
- Never share tokens between applications
Environment Variables
Store your token securely:
export KULA_API_TOKEN="your_api_token_here"
Then use it in your code:
const token = process.env.KULA_API_TOKEN;
Resetting Your Token
If your token is compromised:
- Go to Settings → API Management
- Find the compromised API key and click Revoke
- Create a new API key following the steps above
- Update all applications with the new token
Important: Revoking immediately invalidates the old token. Ensure you have the new token ready before updating your applications.
Error Responses
| Status | Code | Description |
|---|---|---|
| 401 | ERR_TOKEN_MISSING | No token provided |
| 401 | ERR_INVALID_TOKEN | Token is invalid or expired |
| 403 | ERR_FEATURE_NOT_ENABLED | API access not enabled |
Next Steps
- Quickstart — Make your first API call