At a glance
- Availability: Experimental (how to enable).
- Auth: Basic auth.
- Connection: HTTP Basic auth with
ASHBY_API_KEYas the username andASHBY_API_PASSWORDas the password. - Docs: https://developers.ashbyhq.com/docs/authentication
Credentials
Set these per environment. See Connect an integration.Setup
- Sign in to Ashby: Go to https://app.ashbyhq.com and sign in as an organization admin. Ashby is a paid product - use your company workspace or request a sandbox from Ashby support.
- Create an API key: Open Admin → API → API Keys and create a key. Grant read permissions for Candidates, Jobs, and Applications (plus candidate write if you will use Create Candidate).
- Set environment variables: Add ASHBY_API_KEY=<your key> to your .env. Leave ASHBY_API_PASSWORD unset or empty - Ashby uses the key as the Basic auth username with a blank password.
- Verify access: Run List Jobs to confirm the key works.
- All Ashby endpoints are POST-based RPC calls (e.g. candidate.list) with JSON bodies; list/info/search calls do not modify data
- Authentication is HTTP Basic with the API key as username and an empty password
- Responses are wrapped as {success, results, moreDataAvailable, nextCursor}; tools unwrap ‘results’
Tools
| Tool | Access | Description |
|---|---|---|
| List Candidates | Read | List all candidates in the organization (read-only RPC via POST) |
| Get Candidate | Read | Get a candidate by ID (read-only RPC via POST) |
| Search Candidates | Read | Search candidates by email or name (read-only RPC via POST) |
| Create Candidate | Write | Create a new candidate |
| List Jobs | Read | List jobs, optionally filtered by status (read-only RPC via POST) |
| List Applications | Read | List applications, optionally filtered by job or status (read-only RPC via POST) |
Example prompts
- List my open Ashby jobs and the active applications for each, grouped by stage.
- Search Ashby for a candidate by email and show their profile and applications.