Developers

The Spoon API & webhooks.

A read-only REST API and signed webhooks to connect Spoon to Zapier, n8n, Make or your own systems.

Built so it can't be misused

The API is read-only and never returns a candidate's name, email, phone or photo. Candidates are identified only by an anonymous profile id, exactly as in the recruiter UI. Contact details are only ever revealed through a paid in-app connect — never via the API or webhooks. Keys are scoped to your account.

Authentication

Create a key in Recruiter → API & webhooks and send it as a bearer token. Base URL https://spoonhire.com.

curl https://spoonhire.com/api/v1/jobs \
  -H "Authorization: Bearer spk_live_..."

Endpoints

GET/api/v1/meThe account your key belongs to (plan, credits).

GET/api/v1/jobsYour roles.

GET/api/v1/jobs/{id}/candidatesAnonymized candidates with pipeline status + AI match score.

GET/api/v1/jobs/{id}/interviewsAI interview scores and summaries (by anonymous profile id).

Webhooks

Register an endpoint URL (e.g. a Zapier/n8n/Make catch-hook). We POST JSON { event, createdAt, data } on each event, signed with your endpoint secret as X-Spoon-Signature: sha256=<hmac>.

candidate.appliedA candidate applied to one of your roles.

interview.completedAn AI interview finished (includes score).

candidate.shortlistedYou shortlisted a candidate.

screening.completedA screening test came back (score + band).

candidate.hiredA candidate accepted your offer.

offer.declinedA candidate declined your offer.

Verify a signature (Node):

import { createHmac } from "crypto";
const sig = createHmac("sha256", endpointSecret).update(rawBody).digest("hex");
const ok = req.headers["x-spoon-signature"] === "sha256=" + sig;

Get a key and start building.

Open API settings