Skip to main content

Loxo's Open API

Create a custom integration to retrieve information in your database using Loxo's API

Loxo has built an Open API to make all sorts of interactions easier. Whether that means job listings on your website, custom reporting, VOIP services, user analytics, data cleanup, contact validation, or any other use case, Loxo is committed to making access to your data simple and easy.

It also supports seamless integration with tools like Zapier, enabling businesses to streamline and automate workflows efficiently.

Loxo's Open API can also be used for integrations that you don't see listed under our Settings > Integrations page in-app. If you have a provider who is interested in integrating their platform with Loxo or if you'd like to give a developer access to your Loxo account to help with setting up a custom integration, they will need to join our Developer Program. Please reach out to Loxo Support for more information on this!

Note: Access to our Open API is a paid feature. If you do not have an active subscription with us, please schedule a demo to learn more!

API Keys (Bearer Tokens)

API Documentation

Common Endpoint Use Cases

Webhooks

API Keys (Bearer Tokens)

These tokens can be created and managed by navigating to the Settings > API Keys page in your Loxo account. If you do not see the API Keys option available, please reach out to Loxo Support to request the feature be enabled for your account.

Note: Only account admins can access this page.

​API Documentation

Our ReadMe documentation can be found here: https://loxo.readme.io/reference/loxo-api

All endpoints are formed using the Agency Domain & Agency Slug, and use bearer token authentication in the header. Contact Loxo Support for assistance in generating these items. For example, the URL format for job endpoints is: https://{domain}/api/{agency_slug}/jobs/{id}.

Common Endpoint Use Cases

Below are some of our more commonly used endpoints along with a brief description of its use case. Each endpoint is preceded by: https://{domain}/api/{agency_slug}

  • /activity_types

    • GET a list of Progression Triggers in the account's workflows

  • /companies

    • GET a list of Companies Supports query parameters to search by keyword

    • POST a new Company

  • /companies/{id}

    • GET specific details about a Company

    • PUT new details about a Company

  • /countries

    • GET a list of Countries & country_id(s) Supports query parameters to search by keyword

  • /countries/{country_id}/states

    • GET a list of States & state_id(s) Supports query parameters to search by keyword

  • /countries/{country_id}/states/{state_id}/cities

    • GET a list of Cities & city_id(s)

  • /dynamic_fields

    • GET a list of Dynamic Fields, their item_type(s), and their field_type(s)

  • /job_categories

    • GET a list of Job Tags

  • /jobs

    • GET a list of Jobs Supports query parameters to search by keyword

    • POST a new Job When posting a job, mandatory fields must be provided, such as valid job type ID, existing company assignment, and salary details using job[salary]. Missing fields may result in "Invalid parameters" errors. Use /compensation_types endpoint to verify valid salary types.

  • /jobs/{id}

    • GET specific details about a Job

  • /jobs/{job_id}/apply

    • POST a new candidate for a specific Job Requires Name, Email, and Phone fields as well as a Resume file To prevent unwanted errors, verify all required fields and use the related /compensation_types endpoint to check for valid values.

  • /people

    • GET a list of people
      Supports query parameters to search by keyword

    • POST a new Person

  • /people/{id}

    • GET specific details about a Person

    • PUT new details about a Person

  • /webhooks

    • GET a list of webhooks

    • POST a new webhook Requires item_type, action, and endpoint_url

  • /compensation_types

    • GET a list of valid salary types and their IDs

  • /webhooks/{id}

    • GET specific details about a webhook

    • PUT new details about a webhook

    • DELETE an existing webhook

Note: Profiles obtained from Loxo Source contain proprietary data and as such are limited to only person_name, person_id, and custom_field results. As always, data that users bring into their database is always theirs to retrieve.

Webhooks

A common use of integration with our Open API is to know when a field is updated in the database. Rather than sending a request for information periodically to see whether the information is different than previous (i.e. polling), we offer webhooks.

Webhook item_type is limited to:

  • candidate

  • company

  • deal

  • job

  • person_education_profile

  • person_event

  • person_job_profile

  • person

  • placement_split

  • placement

Webhook action is limited to:

  • create

  • update

  • destroy

Troubleshooting Common 403 Forbidden Errors

Common Causes of 403 Forbidden Errors

1. Incorrect or Missing API Key

A 403 Forbidden error often occurs if the API key being used is invalid, incorrect, or absent. To avoid this issue:

  • Verify that you are using the correct and valid API key associated with your Loxo account.

  • Ensure the API key is included in the authorization header of your request.

2. Usage of Unsupported Endpoints

Some endpoints, such as /api/v1/people and /api/v1/jobs, are not part of the Loxo Open API. Attempting to call these endpoints will result in a 403 error.

  • Refer to the official Loxo Open API documentation to identify and use only supported endpoints.

  • Update your integration to align with the API reference.

3. Extra Spaces in Parameters (Slug Formatting)

Erroneous formatting, such as extra spaces in the slug parameter, can lead to a 403 error. To resolve this:

  • Remove any leading or trailing spaces in the URL or parameters.

  • Carefully copy and paste values to ensure proper formatting.

  • When correctly formatted, a valid result or a "zero results found" response will be returned instead of a 403 error.

4. Authentication Issues (Bearer Token)

Authentication issues, such as an invalid or expired API key (used as a Bearer token), can also trigger this error. To avoid authentication-related 403 errors:

  1. Use a properly authenticated GET request, ensuring the headers contain:

    • accept: application/json

    • authorization: Bearer [API_KEY]

  2. Consider generating a new API key and replacing the existing one in your integration.

Example cURL Request:

curl --request GET \
  --url [JOB_CATEGORIES_API_ENDPOINT] \
  --header "accept: application/json" \
  --header "authorization: Bearer [API_KEY]"

Step-by-Step Troubleshooting Guide

Follow these steps to troubleshoot the 403 Forbidden error:

  1. Verify API Key: Ensure that the correct API key is used in the request.

  2. Check Endpoint Compatibility: Confirm that the requested endpoint is supported by the Loxo Open API.

  3. Inspect URL Parameters: Remove any extra spaces or incorrect formatting in the slug or other parameters.

  4. Ensure Proper Authentication: Use the correct API key as a Bearer token in your request header. If necessary, generate a new API key.

  5. Refer to Documentation: Consult the official Loxo API reference for details on supported endpoints and request structures.

Additional Tips

  • Always validate the API key and endpoint before initiating requests.

  • Avoid copy-pasting mistakes that can add spaces or incorrect characters to your parameters.

  • Use tools like cURL or Postman for testing and debugging your API requests.

By methodically checking each of the above factors, you can identify and resolve the root cause of 403 Forbidden errors in the Loxo API.

Did this answer your question?