Manual API access
No instant key issuance

Approved access to
XaiGH labor rails.

Enterprise teams can request scoped API access for job posting, employer workflow, and workforce status integrations. Keys are reviewed and issued manually so hiring, pay, and worker trust stay controlled.

Request API access Enterprise review

Request access

Send company, contact, use case, scopes, volume, and callback URL. The gateway returns a review ticket, not a live key.

Manual review

Founder or API Ops reviews data class, employer authority, requested scopes, route risk, and integration readiness.

Key issued by hand

Approved keys are configured server-side, scoped to exact route families, and can be revoked without app changes.

Scoped production calls

Enterprise systems call approved XaiGH job and employer routes with idempotency keys and audit-safe request IDs.

Build against the approval path first.

The first public contract is the access request and scoped key gate. Production job-writing access is granted after XaiGH reviews use case, employer ownership, volume, and failure handling.

Gateway accepts API-key auth only after the key is manually configured as approved.

Scopes are route-bound, so a jobs key cannot call payroll or unrelated employer routes.

SDK credentials are server-side only; browser clients stay away from secret headers.

Request ticket
await fetch("https://api.xaigh.com/v1/developer/api-access/request", {
  method: "POST",
  headers: { "content-type": "application/json" },
  body: JSON.stringify({
    companyName: "Northline Warehousing",
    contactName: "Maya Patel",
    contactEmail: "[email protected]",
    useCase: "Post approved warehouse shifts from our labor plan.",
    requestedScopes: ["jobs:write", "employer:read"],
    monthlyVolumeEstimate: 2500,
    callbackUrl: "https://ops.example.com/xaigh/events"
  })
});
ATS source-of-truth contract

The client ATS writes the job. XaiGH runs the work.

The current backend treats ATS roles as CLIENT_ATS records: XaiGH mirrors the posting, preserves local operating controls, and closes stale jobs only when the authoritative sync says they disappeared.

Integration docs ATS-owned roles

Canonical record

jobContent
publicationStatus
payRange
applicationDestination

Source

CLIENT_ATS

Stale gate

24h default

Apply mode

ATS redirect / forward

Review

provider raw hash

Client ATS owns

Job content, publication state, pay range, apply destination

CLIENT_ATS is the source of truth; direct job-post writes are rejected with ATS_INGEST_REQUIRED.

XaiGH controls

Fill workflow, matching, attendance, payroll handoff

Local operating fields are preserved across sync: auto-offer, geofence, documents, readiness, and worker audience controls.

Audit record

Created, updated, closed, missing-from-ATS events

AtsIntegration, AtsJobLink, and AtsJobSyncEvent keep provider, raw hash, status, and close policy traceable.

01

Privileged ATS sync

/v1/jobs/ats/sync

Workday, Greenhouse, Lever, Ashby, iCIMS, or a custom feed sends up to 200 authoritative records per batch.

02

Stable mirror record

ats_[org:provider:externalJobId]

XaiGH normalizes title, pay, location, requirements, apply URL, canonical URL, status, and requisition identity.

03

Operations attach

XaiGH work layer

Matching, messages, fill, geofence, documents, worker audience, readiness, and payroll signals attach without rewriting ATS fields.

04

Authoritative close

ATS_MISSING_FROM_AUTHORITATIVE_SYNC

When closeMissing is true, roles missing from the client feed close locally and stop matching.

05

Status contract

/v1/jobs/ats/status

Provider count, managed/open/closed roles, stale sync detection, and field ownership feed the employer command center.

WorkdayGreenhouseLeverAshbyiCIMSCustom feedRedirect-onlyApplication forward
Approved key call
import { createXaighClient } from "@xaigh/sdk-js";

const xaigh = createXaighClient({
  baseUrl: "https://api.xaigh.com",
  apiKey: process.env.XAIGH_API_KEY
});

await xaigh.post("/v1/jobs/post", {
  employerUserId: "employer_123",
  title: "Warehouse closeout crew",
  slots: 12,
  startsAt: "2026-06-18T08:00:00.000Z"
}, { idempotencyKey: "shift-plan-2026-06-18-a" });

Key control is part of the product.

XaiGH APIs touch real work: open shifts, employer approvals, route readiness, and payroll-adjacent closeout. Access stays gated until the integration can prove ownership and recovery behavior.

Manual approval boundary

A request ticket is not a credential. Live API keys require founder or API Ops approval, scoped configuration, and a reviewable rollback path.

Request reviewed access.

Bring the use case, route families, estimated volume, callback URL, and the failure mode your operators need covered.

Start access review