Skip to main content
The Taptalent Partner API uses API keys to authenticate requests. API keys are scoped to your company and provide secure access to the Partner API endpoints.

API Key Format

API keys follow this format:
  • Production: sk_live_ followed by 22 base62 characters
  • Test/Staging: sk_test_ followed by 22 base62 characters
Example: sk_live_AbCdEfGhIjKlMnOpQrStUv

Authentication Method

All API requests must include your API key in the Authorization header using Bearer token authentication: 
Authorization: Bearer sk_live_AbCdEfGhIjKlMnOpQrStUv

Generating API Keys

API keys are generated through the TapTalent dashboard:
  1. Log in to your Taptalent Dashboard
  2. Navigate to Account Settings > Developers > API Key Management
  3. Click Generate API Key
  4. Copy the API key immediately - it will only be shown once
API keys are sensitive credentials. Store them securely and never expose them in client-side code or public repositories. Treat them like passwords.

Request Format

Headers

All API requests must include:
  • Authorization: Bearer YOUR_API_KEY - Your API key
  • Content-Type: application/json - For POST/PUT requests

Example Request

curl -X GET "https://partner-api.taptalent.io/v1/partner/jobs/job-id" \
  -H "Authorization: Bearer sk_live_AbCdEfGhIjKlMnOpQrStUv" \
  -H "Content-Type: application/json"

API Key Management

API keys can only be created, regenerated, and managed through the TapTalent dashboard. The Partner API provides a read-only endpoint to check your API key status.
API key creation and management operations are not available via the Partner API. You must use the TapTalent dashboard to generate, regenerate, activate, or deactivate API keys.

API Key Status

You can activate or deactivate your API Key from Dashboard. Once deactivated, all API calls using that API key will be prohibited.

Security Best Practices

Store Keys Securely

  • Never commit API keys to version control
  • Use environment variables or secure secret management systems
  • Use different keys for different environments (dev, staging, production)

Rotate Keys Regularly

  • Change your API keys periodically for security
  • Regenerate keys if you suspect they’ve been compromised
  • Deactivate unused keys immediately

Monitor Usage

  • Regularly check your API usage in the dashboard
  • Set up alerts for unusual activity
  • Review access logs regularly

Environment Isolation

  • Use sk_test_ keys for development and testing
  • Use sk_live_ keys only in production
  • Never mix test and production keys

Error Responses

Invalid API Key

If you receive a 401 Unauthorized or 403 Forbidden error: 
{
  "message": "Invalid API key"
}
Common causes:
  • API key is incorrect or missing
  • API key has been revoked or deactivated
  • Using wrong Bearer token format

Inactive Subscription

If your subscription is inactive: 
{
  "code": "ACCOUNT_INACTIVE",
  "message": "Your subscription is inactive. Please renew your plan to continue using this feature."
}
Solution: Renew your TapTalent subscription to continue using the API.

API Key Not Found

When fetching API key status: 
{
  "message": "API key not found",
  "isApiKeyExists": false
}
Solution: Generate a new API key through the dashboard.

Troubleshooting

401 Unauthorized

  • Verify your API key is correct
  • Check that you’re using Bearer token format
  • Ensure the API key hasn’t been revoked
  • Verify the API key is active (status: ACTIVE)

403 Forbidden

  • Check your subscription status
  • Verify your API key is active
  • Ensure you have the necessary permissions

Key Not Working After Regeneration

  • Old API keys are immediately invalidated when regenerated
  • Update all applications using the old key
  • Verify the new key is active

Next Steps