XML Feed Integration

Developer documentation for connecting your ATS via XML feeds.

How XML Feeds Work

  1. Your ATS exposes an XML feed URL with active jobs.
  2. You configure mapping so your XML tags map to JobStak fields.
  3. The feed is polled on schedule and jobs are imported automatically.
  4. New jobs are queued with status Received.
  5. Jobs no longer present in the feed are marked Removed.

Expected XML Structure

<?xml version="1.0" encoding="UTF-8"?>
<source>
  <publisher>Your Company Name</publisher>        <!-- optional -->
  <publisherurl>https://www.yourcompany.com</publisherurl> <!-- optional -->

  <job>
    <!-- REQUIRED FIELDS -->
    <title><![CDATA[Software Engineer]]></title>
    <date>2026-01-15 09:00:00</date>
    <referencenumber>JOB-001</referencenumber>
    <url>https://yoursite.com/job/001</url>
    <company><![CDATA[Acme Corp]]></company>
    <description><![CDATA[<p>Full job description...</p>]]></description>
    <city>New York</city>
    <state>NY</state>
    <country>US</country>
    <postalcode>10001</postalcode>
    <jobtype>Full-Time</jobtype>
    <category>Engineering</category>
    <notification>hr@acme.com</notification>
    <job_status>ADD</job_status>
    <job_board>Monster</job_board>
    <username>your_board_username</username>
    <password>your_board_password</password>
    <expiry>2026-06-30 21:06:18</expiry>

    <!-- OPTIONAL FIELDS -->
    <address>123 Main Street</address>             <!-- required for OFCCP -->
    <salary>$80,000 - $120,000</salary>
    <branch>USWF</branch>
    <owner>254519</owner>
    <priority>Yes</priority>
    <statewide>No</statewide>
    <nationwide>No</nationwide>
    <indeed_sponsor_value>$50.00</indeed_sponsor_value>
  </job>
</source>

Required Nodes

Optional Nodes

Feed URL Security & Authentication

If your XML feed contains sensitive data (such as job board credentials), you can password-protect your feed URL using HTTP Basic Authentication. This is optional — if your feed is already restricted or you are comfortable with it being open, you can leave authentication disabled.

How It Works

  1. Configure your web server or ATS to require HTTP Basic Auth on your feed URL.
  2. In JobStak, edit your feed configuration and enable "Require Authentication".
  3. Enter the username and password your server expects.
  4. Our system sends these credentials securely via the Authorization: Basic header with every poll request over HTTPS.

Why Not IP Whitelisting?

Our polling infrastructure runs on distributed serverless nodes with dynamic outbound IP addresses. We cannot provide a fixed IP for whitelisting. HTTP Basic Auth is the recommended and most reliable method to secure your feed.

Credential Security

Feed authentication credentials are stored securely server-side and are only used when polling your feed. They are never exposed in the browser, included in API responses, or shared with any third party.

Server Configuration Examples

# Apache (.htaccess)
AuthType Basic
AuthName "XML Feed"
AuthUserFile /path/to/.htpasswd
Require valid-user

# Nginx
location /feed.xml {
    auth_basic "XML Feed";
    auth_basic_user_file /etc/nginx/.htpasswd;
}

Important: Always use HTTPS for your feed URL, especially when authentication is enabled, to ensure credentials are encrypted in transit.

Related Documentation