Identity of candidate in call to /actions/byCandidate/me/jobs/{job}/byName/{action}/byApp



When processing inbound calls to /actions/byCandidate/me/jobs/{job}/byName/{action}/byApp how do I determine the identity of the candidate? The tazzy-saml header value does not seem to be present.

Am using Developer Careers if that has any relevance.




Hey Mike, check the very bottom of the programming guide, titled “Accessing details of signed in user”.


Hi Andrew. My problem is that there is no tazzy-saml in the headers.

I presume you would expect this to be present for a call to this API?



Unfortunately not.

At the moment, there are 2 different mechanisms for getting the saml key (once you have that you can get to the email, name, image etc.)

If you are a web page behind TAS SSO, its easy. You receive the tazzy-saml header, which is the saml key.

If you are producing an API, its more complex right now. As described at you need to:

  • grab the Authorization header
  • base64 unencode it
  • parse it into json

… and then you can access the saml key as a field on that json object. It’s more work,

We do have an enhancement planned to just pass the tazzy-saml header to you to make your life easier. That won’t be available for a while though.