Truffle's API lets you integrate your hiring process with your existing tools and systems. Connect your CRM, build custom dashboards, automate candidate syncing, or create custom integrations that fit your workflow.
This article explains how to request API access, create API keys, set permissions, and keep your keys secure.
Who can use the API
The Truffle API is available exclusively for paid accounts.
Requirements
To access the API, you need:
An active paid Truffle subscription.
API access approval from Truffle.
Request API access
Go to Company Settings in your Truffle account.
Click Integrations in the sidebar.
Click Request API Access.
Submit your request.
The Truffle team will review your request and enable API access for your account. Once approved, you can create and manage API keys.
Note: Don't have a paid account yet? Upgrade your plan to unlock API access and other advanced features.
Create an API key
Once API access is enabled, you can create your first API key.
Go to Company Settings and click API & Integrations.
Click Create API Key.
Enter a descriptive name for your key (example: "Zapier Integration" or "CRM Sync").
(Optional) Add a description to help your team understand what this key is for.
Select the permission level for your key (Read, Write, or Admin).
Click Create to generate your key.
Important: Copy your API key immediately after creation. You won't be able to see it again. If you lose the key, you'll need to regenerate it.
API key permissions
Choose the right permission level based on what your integration needs to do.
Read access
Use Read access for:
Pulling candidate data into your CRM
Creating custom reports and dashboards
Syncing hiring data with other tools
Viewing job postings and screening results
Write access
Write access includes everything in Read access, plus:
Adding new candidates directly to Truffle
Updating candidate information
Sending interview invitations
Creating new job postings
Admin access
Admin access includes everything in Read and Write access, plus:
Managing webhooks
Accessing account settings
Full integration capabilities
Tip: Always use the minimum permissions needed for your specific use case. This improves security and makes keys easier to manage.
Keep API keys secure
Treat your API keys like passwords. They provide direct access to your hiring data.
Best practices
Store API keys in secure environment variables, not in your code.
Use different keys for different integrations so you can revoke one without affecting others.
Regenerate keys immediately if you suspect they've been compromised.
Keep keys out of public repositories and client-side code.
Never share API keys in public spaces like GitHub, forums, or documentation.
Don't include keys in screenshots or shared documents.
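One way to apply these practices in an integration, shown as an added example that is not Truffle's own code: each integration reads its own key from an environment variable, logs only a masked form, and a pre-commit style check searches the project for the literal key values. The TRUFFLE_API_KEY_ variable prefix and all function names are assumptions made for this example.

```python
import os
from pathlib import Path

# Assumed naming convention for this example; Truffle does not define it.
ENV_PREFIX = "TRUFFLE_API_KEY_"

def env_name(integration):
    """Map a key name such as "CRM Sync" to TRUFFLE_API_KEY_CRM_SYNC."""
    slug = "".join(c if c.isalnum() else "_" for c in integration)
    return ENV_PREFIX + slug.upper()

def load_key(integration, environ=None):
    """Return the key for one integration, failing closed if it is unset."""
    environ = os.environ if environ is None else environ
    name = env_name(integration)
    key = environ.get(name, "").strip()
    if not key:
        raise RuntimeError(f"{name} is not set; refusing to run without a key")
    return key

def mask(key):
    """Form that is safe for logs and screenshots: last four characters only."""
    return "*" * 8 + (key[-4:] if len(key) > 8 else "")

def find_leaks(root, environ=None):
    """List (file, line number, variable) wherever a configured key value
    appears verbatim in a file under root, e.g. pasted into source code."""
    environ = os.environ if environ is None else environ
    secrets = {v.strip(): k for k, v in environ.items()
               if k.startswith(ENV_PREFIX) and v.strip()}
    hits = []
    for path in sorted(Path(root).rglob("*")):
        if not path.is_file() or ".git" in path.parts:
            continue
        try:
            text = path.read_text(encoding="utf-8", errors="ignore")
        except OSError:
            continue  # unreadable file: skip rather than abort the scan
        for line_no, line in enumerate(text.splitlines(), 1):
            for value, var in secrets.items():
                if value in line:
                    hits.append((str(path.relative_to(root)), line_no, var))
    return hits
```

Running find_leaks over the project directory before each commit reports the file and line without printing the key itself, and because it matches the exact values from the environment it needs no knowledge of the key format.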
Regenerate a key
If you need to regenerate a compromised key:
Go to Company Settings and click API & Integrations.
Find the key you want to regenerate.
Click Regenerate.
Update your integration with the new key.
The old key will stop working immediately after regeneration.
