Authentication

The Candidate Import API uses Bearer token authentication. You generate your credentials in the Teamio UI, exchange them for an access token, and include that token in every API request.

Step 1: Generate your credentials

In the Teamio application, navigate to Settings → Integrations → Candidate Import and generate your credentials:

Click Generate new access in the Testing section to create Sandbox credentials
Click Generate new access in the Production section to create Live credentials

The Client Secret is shown only once immediately after generation. Copy and store it securely — it cannot be retrieved later. If you lose it, generate a new one.

Each environment (Sandbox/Testing and Production/Live) has its own separate Client ID and Client Secret.

Step 2: Obtain a Bearer token

Exchange your Client ID and Client Secret for an access token using the token endpoint.

The Client Secret must be Base64 URL-encoded before sending. Most HTTP clients and programming languages have a built-in function for this.

POST /api/v1/auth/token


curl --request POST \
  --url 'https://integrations-api.teamio.almacareer.net/api/v1/auth/token' \
  --header 'Content-Type: application/json' \
  --data '{
    "username": "<YOUR_CLIENT_ID>",
    "password": "<YOUR_CLIENT_SECRET_BASE64URL_ENCODED>"
  }'

Response:


{
  "accessToken": "eyJraWQiOiJ...",
  "expiresAt": "2026-03-04T11:00:00Z",
  "tokenType": "Bearer"
}

The token is valid until expiresAt. Request a new token before it expires.

Step 3: Use the Bearer token

Include the token in the Authorization header of every API request:


Authorization: Bearer <accessToken>

Example request:


curl --request POST \
  --url 'https://integrations-api.teamio.almacareer.net/api/v1/candidate-reactions' \
  --header 'Authorization: Bearer eyJraWQiOiJ...' \
  --header 'Content-Type: application/json' \
  --data '{ ... }'