How do I use Bullhorn REST API without manual User Oauth2 Au

Forum for users and developers of Bullhorn's API service.

Moderators: StaffingSupport, s.emmons, BullhornSupport

Post Reply
MojoNixon
User
Posts: 2
Joined: Sun Apr 14, 2013 7:11 pm

How do I use Bullhorn REST API without manual User Oauth2 Au

Post by MojoNixon »

Hi,

I need to access the Bullhorn REST API automatically without a user. I need to programmatically pull data from Bullhorn without a "user" manually giving authorization in the Oauth 2.0 process. Ideally, I would be able to obtain an authorization token that never expires. How can bullhorn's REST API be used without a user doing the authorization?

What is the best way to approach this problem?

Thanks
yorkapi2
User
Posts: 7
Joined: Sun Apr 14, 2013 11:55 pm

Re: How do I use Bullhorn REST API without manual User Oauth2 Au

Post by yorkapi2 »

I had this same problem.
The documentation fails to mention how to do it programmatically - the trick is the 'action=Login' in the request.

You can make a CURL request to the OAuth url with query string, like so (in PHP):

Code: Select all

function getBHAuthCode()
{
    $bullhornid = '[YOURBULLHORNCLIENTID]';
    $url = 'https://auth.bullhornstaffing.com/oauth/authorize?client_id='.$bullhornid.'&response_type=code';
    $data = "action=Login&username=[YOURBULLHORNUSER]&password=[YOURBULLHORNPASS]";

    $options = array( 
			CURLOPT_POST           => true,
			CURLOPT_POSTFIELDS     => $data,
			CURLOPT_RETURNTRANSFER => true,
			CURLOPT_HEADER         => true,    
			CURLOPT_FOLLOWLOCATION => true,
			CURLOPT_AUTOREFERER    => true,    
			CURLOPT_CONNECTTIMEOUT => 120, 
			CURLOPT_TIMEOUT        => 120,      
		); 

    $ch  = curl_init( $url ); 
    curl_setopt_array( $ch, $options ); 
    $content = curl_exec( $ch ); 

    curl_close( $ch ); 
			
    if(preg_match('#Location: (.*)#', $content, $r)) {
	$l = trim($r[1]);
	$temp = preg_split("/code=/", $l);
	$authcode = $temp[1];
    }

    return $authcode;

}
$authcode will be the code you use to get your access_token.

You will need 4 functions:
- getBHAuthCode : to get your authcode from the result URL
- doBullhornAuth : using the authcode to get your access_token and refresh_token (store refresh_token to session)
- doBullhornLogin: using the access_token to login to the REST API (and store your BHRestToken and restUrl to session)
- doBullhornRefresh : using the refresh_token on EVERY page requiring API interactivity to get a new access_token (and storing the NEW refresh_token to session)

I do a check on all pages of my application... if the refresh_token is saved in current session, simply refresh the token; otherwise getBHAuthCode();doBullhornAuth();doBullhornLogin();
Amazing
User
Posts: 3
Joined: Tue Apr 09, 2013 6:12 am

Re: How do I use Bullhorn REST API without manual User Oauth2 Au

Post by Amazing »

Hello Yorkapi2,

Thanks for your fantastic responds. Can you share where you got your 'trick' information?
or better still the source for the other functions you mentioned as trying to do so fails because the access-token expires within
10mins or so.

I'd be glad if you could help.

Thanks
yorkapi2 wrote:I had this same problem.
The documentation fails to mention how to do it programmatically - the trick is the 'action=Login' in the request.

You can make a CURL request to the OAuth url with query string, like so (in PHP):

Code: Select all

function getBHAuthCode()
{
    $bullhornid = '[YOURBULLHORNCLIENTID]';
    $url = 'https://auth.bullhornstaffing.com/oauth/authorize?client_id='.$bullhornid.'&response_type=code';
    $data = "action=Login&username=[YOURBULLHORNUSER]&password=[YOURBULLHORNPASS]";

    $options = array( 
			CURLOPT_POST           => true,
			CURLOPT_POSTFIELDS     => $data,
			CURLOPT_RETURNTRANSFER => true,
			CURLOPT_HEADER         => true,    
			CURLOPT_FOLLOWLOCATION => true,
			CURLOPT_AUTOREFERER    => true,    
			CURLOPT_CONNECTTIMEOUT => 120, 
			CURLOPT_TIMEOUT        => 120,      
		); 

    $ch  = curl_init( $url ); 
    curl_setopt_array( $ch, $options ); 
    $content = curl_exec( $ch ); 

    curl_close( $ch ); 
			
    if(preg_match('#Location: (.*)#', $content, $r)) {
	$l = trim($r[1]);
	$temp = preg_split("/code=/", $l);
	$authcode = $temp[1];
    }

    return $authcode;

}
$authcode will be the code you use to get your access_token.

You will need 4 functions:
- getBHAuthCode : to get your authcode from the result URL
- doBullhornAuth : using the authcode to get your access_token and refresh_token (store refresh_token to session)
- doBullhornLogin: using the access_token to login to the REST API (and store your BHRestToken and restUrl to session)
- doBullhornRefresh : using the refresh_token on EVERY page requiring API interactivity to get a new access_token (and storing the NEW refresh_token to session)

I do a check on all pages of my application... if the refresh_token is saved in current session, simply refresh the token; otherwise getBHAuthCode();doBullhornAuth();doBullhornLogin();
yorkapi2
User
Posts: 7
Joined: Sun Apr 14, 2013 11:55 pm

Re: How do I use Bullhorn REST API without manual User Oauth2 Au

Post by yorkapi2 »

Yes, I can tell you - I FIGURED IT OUT ON MY OWN!!!
I used Firebug to check the POST when I submitted the form manually.

You need to use the refresh_token that you receive in the same JSON response as the access_token. The refresh_token takes a long time to expire (but it DOES expire after a LONG time without any refresh)
Alliance
User
Posts: 40
Joined: Mon Feb 18, 2013 12:16 pm

Re: How do I use Bullhorn REST API without manual User Oauth2 Au

Post by Alliance »

Thank you yorkapi2, and to Mojo and Amazing for asking the questions. Very helpful.
Note to PHP developers, do not use PHP's urlencode() when building query strings for token requests. This resulted in invalid_client errors for me. Instead use a loop to concat args to the url, unencoded.
Big thank you, once again, guys.
sanjaysnair
User
Posts: 1
Joined: Tue Jul 16, 2013 5:29 am

Re: How do I use Bullhorn REST API without manual User Oauth2 Au

Post by sanjaysnair »

This worked for me.
To get session id without any user interaction.

<?php
define('CLIENT_ID', '***********');
define('CLIENT_SECRET', '*******************');
define('USER', '********');
define('PASS', '*************');

function getAuthCode()
{
$url = 'https://auth.bullhornstaffing.com/oauth ... ord='.PASS;
$curl = curl_init( $url );
curl_setopt($curl, CURLOPT_URL, $url);
curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);
curl_setopt($curl, CURLOPT_HEADER, true);
//curl_setopt($curl, CURLOPT_FOLLOWLOCATION, true);
curl_setopt($curl, CURLOPT_AUTOREFERER, true);
curl_setopt($curl, CURLOPT_CONNECTTIMEOUT, 120);
curl_setopt($curl, CURLOPT_TIMEOUT, 120);

$content = curl_exec( $curl );
curl_close( $curl );//die($content);

if(preg_match('#Location: (.*)#', $content, $r)) {
$l = trim($r[1]);
$temp = preg_split("/code=/", $l);
$authcode = $temp[1];
}

return $authcode;
}

function doBullhornAuth($authCode)
{
$url = 'https://auth.bullhornstaffing.com/oauth ... ENT_SECRET;

$options = array(
CURLOPT_RETURNTRANSFER => 1,
CURLOPT_POST => true,
CURLOPT_POSTFIELDS => array()
);

$ch = curl_init( $url );
curl_setopt_array( $ch, $options );
$content = curl_exec( $ch );

curl_close( $ch ); //die($content);

return $content;

}

function doBullhornLogin($accessToken)
{
$url = 'https://rest.bullhornstaffing.com/rest- ... ccessToken;
$curl = curl_init( $url );
curl_setopt($curl, CURLOPT_URL, $url);
curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);
//curl_setopt($curl, CURLOPT_HEADER, true);
//curl_setopt($curl, CURLOPT_FOLLOWLOCATION, true);
//curl_setopt($curl, CURLOPT_AUTOREFERER, true);
//curl_setopt($curl, CURLOPT_CONNECTTIMEOUT, 120);
//curl_setopt($curl, CURLOPT_TIMEOUT, 120);

$content = curl_exec( $curl );
curl_close( $curl );
return $content;
}

try {
$authCode = getAuthCode();//echo $authCode;die;
$auth = doBullhornAuth($authCode);//echo $auth;die;
$tokens = json_decode($auth);//print '<pre>';print_r($tokens);die;
$session = doBullhornLogin($tokens->access_token);
echo $session;die;
} catch (Exception $e) {
error_log($e->getMessage());
}
jeffsacco
User
Posts: 6
Joined: Thu Jul 25, 2013 1:32 pm

Re: How do I use Bullhorn REST API without manual User Oauth2 Au

Post by jeffsacco »

Very nice code snippet.

Thank you!
gregrbparker
User
Posts: 2
Joined: Wed Oct 01, 2014 1:40 pm

Re: How do I use Bullhorn REST API without manual User Oauth2 Au

Post by gregrbparker »

I am trying to get this solution to work but the curl isnt working. if I var_dump($content) I get bool(false). Thoguhts?
JohnnySix
User
Posts: 4
Joined: Thu Feb 11, 2021 7:34 am

Re: How do I use Bullhorn REST API without manual User Oauth2 Au

Post by JohnnySix »

Thanks @sanjaysnair for sharing this - I added code tags to make it easier to read ( if others search as I did )

I'm a beginner with OAUTH / REST in general, and through trial and error in Postman etc. - it's been a long process trying to get to a stage to get a working connection with PHP.

This code below worked for me with no modification ( outside of adding credentials ) !
sanjaysnair wrote: Tue Jul 16, 2013 5:37 am This worked for me.
To get session id without any user interaction.

Code: Select all


<?php
define('CLIENT_ID', '***********');
define('CLIENT_SECRET', '*******************');
define('USER', '********');
define('PASS', '*************');

function getAuthCode()
{
  $url = 'https://auth.bullhornstaffing.com/oauth/authorize?client_id='.CLIENT_ID.'&response_type=code&action=Login&username='.USER.'&password='.PASS;
  $curl  = curl_init( $url ); 
  curl_setopt($curl, CURLOPT_URL, $url);
  curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);
  curl_setopt($curl, CURLOPT_HEADER, true);
  //curl_setopt($curl, CURLOPT_FOLLOWLOCATION, true);
  curl_setopt($curl, CURLOPT_AUTOREFERER, true);
  curl_setopt($curl, CURLOPT_CONNECTTIMEOUT, 120);
  curl_setopt($curl, CURLOPT_TIMEOUT, 120);
  
  $content = curl_exec( $curl );
  curl_close( $curl );//die($content); 

  if(preg_match('#Location: (.*)#', $content, $r)) {
    $l = trim($r[1]);
    $temp = preg_split("/code=/", $l);
    $authcode = $temp[1];
  }

  return $authcode;
}

function doBullhornAuth($authCode)
{
    $url = 'https://auth.bullhornstaffing.com/oauth/token?grant_type=authorization_code&code='.$authCode.'&client_id='.CLIENT_ID.'&client_secret='.CLIENT_SECRET;

    $options = array(
         CURLOPT_RETURNTRANSFER => 1,
         CURLOPT_POST => true,
         CURLOPT_POSTFIELDS => array()
      ); 

    $ch  = curl_init( $url ); 
    curl_setopt_array( $ch, $options ); 
    $content = curl_exec( $ch ); 

    curl_close( $ch ); //die($content);
         
    return $content;

}

function doBullhornLogin($accessToken)
{
  $url = 'https://rest.bullhornstaffing.com/rest-services/login?version=*&access_token='.$accessToken;
  $curl  = curl_init( $url ); 
  curl_setopt($curl, CURLOPT_URL, $url);
  curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);
  //curl_setopt($curl, CURLOPT_HEADER, true);
  //curl_setopt($curl, CURLOPT_FOLLOWLOCATION, true);
  //curl_setopt($curl, CURLOPT_AUTOREFERER, true);
  //curl_setopt($curl, CURLOPT_CONNECTTIMEOUT, 120);
  //curl_setopt($curl, CURLOPT_TIMEOUT, 120);
  
  $content = curl_exec( $curl );
  curl_close( $curl );
  return $content;
}

try {
$authCode = getAuthCode();//echo $authCode;die;
$auth = doBullhornAuth($authCode);//echo $auth;die;
$tokens = json_decode($auth);//print '<pre>';print_r($tokens);die;
$session = doBullhornLogin($tokens->access_token);
echo $session;die;
} catch (Exception $e) {
error_log($e->getMessage());
}
davidarm
User
Posts: 1
Joined: Thu Mar 18, 2021 6:08 am

Re: How do I use Bullhorn REST API without manual User Oauth2 Au

Post by davidarm »

JohnnySix wrote: Wed Feb 24, 2021 7:26 am Thanks @sanjaysnair for sharing this - I added code tags to make it easier to read ( if others search as I did )

I'm a beginner with OAUTH / REST in general, and through trial and error in Postman etc. - it's been a long process trying to get to a stage to get a working connection with PHP.

This code below worked for me with no modification ( outside of adding credentials ) !
sanjaysnair wrote: Tue Jul 16, 2013 5:37 am This worked for me.
To get session id without any user interaction.

Code: Select all


<?php
define('CLIENT_ID', '***********');
define('CLIENT_SECRET', '*******************');
define('USER', '********');
define('PASS', '*************');

function getAuthCode()
{
  $url = 'https://auth.bullhornstaffing.com/oauth/authorize?client_id='.CLIENT_ID.'&response_type=code&action=Login&username='.USER.'&password='.PASS;
  $curl  = curl_init( $url ); 
  curl_setopt($curl, CURLOPT_URL, $url);
  curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);
  curl_setopt($curl, CURLOPT_HEADER, true);
  //curl_setopt($curl, CURLOPT_FOLLOWLOCATION, true);
  curl_setopt($curl, CURLOPT_AUTOREFERER, true);
  curl_setopt($curl, CURLOPT_CONNECTTIMEOUT, 120);
  curl_setopt($curl, CURLOPT_TIMEOUT, 120);
  
  $content = curl_exec( $curl );
  curl_close( $curl );//die($content); 

  if(preg_match('#Location: (.*)#', $content, $r)) {
    $l = trim($r[1]);
    $temp = preg_split("/code=/", $l);
    $authcode = $temp[1];
  }

  return $authcode;
}

function doBullhornAuth($authCode)
{
    $url = 'https://auth.bullhornstaffing.com/oauth/token?grant_type=authorization_code&code='.$authCode.'&client_id='.CLIENT_ID.'&client_secret='.CLIENT_SECRET;

    $options = array(
         CURLOPT_RETURNTRANSFER => 1,
         CURLOPT_POST => true,
         CURLOPT_POSTFIELDS => array()
      ); 

    $ch  = curl_init( $url ); 
    curl_setopt_array( $ch, $options ); 
    $content = curl_exec( $ch ); 

    curl_close( $ch ); //die($content);
         
    return $content;

}

function doBullhornLogin($accessToken)
{
  $url = 'https://rest.bullhornstaffing.com/rest-services/login?version=*&access_token='.$accessToken;
  $curl  = curl_init( $url ); 
  curl_setopt($curl, CURLOPT_URL, $url);
  curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);
  //curl_setopt($curl, CURLOPT_HEADER, true);
  //curl_setopt($curl, CURLOPT_FOLLOWLOCATION, true);
  //curl_setopt($curl, CURLOPT_AUTOREFERER, true);
  //curl_setopt($curl, CURLOPT_CONNECTTIMEOUT, 120);
  //curl_setopt($curl, CURLOPT_TIMEOUT, 120);
  
  $content = curl_exec( $curl );
  curl_close( $curl );
  return $content;
}

try {
$authCode = getAuthCode();//echo $authCode;die;
$auth = doBullhornAuth($authCode);//echo $auth;die;
$tokens = json_decode($auth);//print '<pre>';print_r($tokens);die;
$session = doBullhornLogin($tokens->access_token);
echo $session;die;
} catch (Exception $e) {
error_log($e->getMessage());
}
Hi Sanjay
Im new here and tried your code in a PHP file putting in my Bullhorn credentials, I got the error "Invalid or expired OAuth access token", I read somewhere else the Token is a long life token and I do not need to refresh.

Your code is the furthest I have got, do you have any idea what I'm missing, All I need to do is get the connection working and pull a users data, just having no luck.

Any advice or help from anyone would be much appreciated.

{"errorMessage":"Invalid or expired OAuth access token.","errorMessageKey":"errors.authentication.invalidOAuthToken","errorCode":400}
Post Reply