2

We are creating an application for TBE, which will bring all the requisitions and candidate from the Taleo Business Edition via Taleo Web API, so I have two questions.

  1. Is there necessary to send client's user credentials to obtain sessionId?
  2. Isn't there a way where we can send partner credentials(username, password) and get sessionId of the client which will be used further to make API call?
Vardan Gupta
  • 3,505
  • 5
  • 31
  • 40
  • Can you clarify question 2? You can send the credentials of any user that is an administrator. I'm not sure what you mean by 'partner credentials'. – Nick Pearce Oct 14 '13 at 03:09
  • Partner Credentials means creating an application(Likewise we see for any social media site today) which has token/secret and let the Taleo user authenticate himself on that application and giving us his access token which may be utilized for any API call. – Vardan Gupta Oct 15 '13 at 11:59

1 Answers1

4

  1. The short answer is yes, you need to send credentials for an administrator to obtain an authToken. It's suggested that a new authToken be obtained for each 'transaction'. You need to make sure you logout by calling '/logout' after each transaction in order to release the slot back into the pool. You only get 20 concurrent connections.

  2. I'm not sure exactly what you mean by partner credentials. I suggest you create a separate user called something like 'APIAccess' and use it exclusively for all API calls.

Nick Pearce
  • 720
  • 5
  • 14
  • Partner Credentials means creating an application(Likewise we see for any social media site today) which has token/secret and let the Taleo user authenticate himself on that application and giving us his access token which may be utilized for any API call. – Vardan Gupta Oct 15 '13 at 11:59
  • In that case, the partner credentials can be forwarded in the same way to retrieve an access token. However, the Taleo unit-of-work approach would seem to suggest that you login/logout for each transaction. This does not lend itself to a longer term token-based solution as you've seen with social media sites. Additionally, with the 20 connection pool limit, I would still think it advisable to design around a single user connection and handle any user-related logic or annotation yourself. – Nick Pearce Oct 21 '13 at 20:00
  • 1
    Been having trouble ending sessions. Logouts don't seem to occur. Trying to pass authToken cookie in logout request, but still not logging out. – doublejosh Jan 29 '15 at 21:11