Beskar Alloy Integration Guide

Three integration paths for verified hiring. Pick the shortest one that fits your stack — direct API for batch verification, an ATS bridge for existing hiring flows, or the full Beskar Jobs board on your career site. Each gets you to the same place: deterministic evidence, sourced from 14+ public registries, with no AI opinion in the loop.

Greenhouse Approved Partner · SOC 2 Type II · DFARS-aligned

Choose your path

01 / Direct API

Most teams start with Path 01 on a sourcing list to feel the result, then move to Path 02 once they trust it, then graduate to Path 03 when the ATS friction outweighs the gain.

Endpoints The embed widget loads from https://beskar.io/embed.js. Public read-only dossiers live at https://beskar.io/alloy/{code}. Direct-API access (Path 01) is included on Growth and Enterprise plans — your endpoint and Bearer token are issued from the dashboard when you activate API access. The Greenhouse and Ashby connectors run server-side from Beskar to your ATS — there's no webhook to register on your side.

01 — Verify Direct

A single endpoint takes a name and email — a resume is optional, not required — and returns a verified dossier with sourced evidence, an evidence tier, and a corroboration graph across 14 independent public sources.

Workflow· synchronous · ~12s p50

Input

Candidate

Name, email, optional resume

→

Engine

Verify

14 sources, parallel

→

Result

Tier & evidence

Verified · Strong · Partial

→

Ship

Your DB

JSON, CSV, or webhook

Authentication

Direct-API access is included on Growth and Enterprise plans. Sign in at dashboard.beskar.io, open Settings → API access, and copy your endpoint URL + Bearer token. Pricing: Starter $500/mo + $0.50/verify (10 free trial), Growth $2,000/mo + $0.40/verify, Enterprise custom.

POST {your-endpoint}/verify

Single verification

The minimum payload is a name and email. Adding a techStack or timeline shifts the result from name-only verification (Limited Online Footprint) to full triangulation (Verified).

curl SHELL

# Single candidate, name-only verification
curl -X POST "$BESKAR_API_URL/verify" \
  -H "Authorization: Bearer $BESKAR_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{
    "profile": {
      "name": "Christopher Tineo",
      "identifiers": {
        "email": "christopher@example.com",
        "linkedinUrl": "https://linkedin.com/in/christopher-tineo"
      }
    }
  }'

Returns a verified dossier — score, tier (Verified, Strongly Verified, Partially Verified, etc.), the per-claim evidence graph, and a list of every public source consulted.

Batch processing

For batch jobs (resume database refresh, pipeline triage, sourcing list), call /verify in parallel with concurrency capped at 8. Each verification is independent — there is no separate batch endpoint.

batch.js JavaScript

import { readFile } from 'node:fs/promises';
import pLimit from 'p-limit';

const verify = async (profile) => {
  const r = await fetch(`${process.env.BESKAR_API_URL}/verify`, {
    method: 'POST',
    headers: {
      'Authorization': `Bearer ${process.env.BESKAR_API_KEY}`,
      'Content-Type': 'application/json',
    },
    body: JSON.stringify({ profile }),
  });
  return r.json();
};

// Process 1,000 candidates with 8-way concurrency
const rows = JSON.parse(await readFile('pipeline.json', 'utf8'));
const limit = pLimit(8);
const results = await Promise.all(
  rows.map(p => limit(() => verify(p)))
);

// Triage by tier
const verified = results.filter(r => r.tier === 'Verified');
console.log(`${verified.length}/${rows.length} Verified`);

Rate limits 80 verifications / minute on Growth, 20 / minute on Starter. Batches above your monthly cap auto-queue and run as credits refresh — set X-Beskar-Queue: throttle if you'd rather receive a 429.

Request fields

Anchor the verification with as many identifiers as you have — they make triangulation deterministic. Anything you don't have, leave out.

Field	Type	Description
profile.namerequired	string	Full name as it would appear on a resume.
profile.identifiers.email	string	Best single anchor for identity. Confirms via deliverability + name + employer match.
profile.identifiers.linkedinUrl	string	Auto-discovered if omitted, but providing it skips a Brave search.
profile.identifiers.githubUrl	string	Triggers commit author + repo + org membership analysis.
profile.timeline	array	List of `{org, period, title}`. Gates employer corroboration via SAM.gov, SEC EDGAR, web search.
profile.certifications	array	Cert names. Triangulated against Credly + CompTIA directories.
profile.techStack	array	Skills. Used for archetype detection and GitHub stack-match scoring.

02 — ATS Bridge

Connect your ATS once. Every new applicant flowing through your existing pipeline gets verified the moment they apply. Tier, evidence sources, and confirmed employers land back on the candidate record as custom fields and an activity-feed note.

Supported ATS

Greenhouse

Harvest API · live

Approved Partner

Ashby

Q3 2026

Lever

Q3 2026

Workable

Q3 2026

Approved Greenhouse Partner Beskar is listed in the official Greenhouse Partner Marketplace. The Harvest API integration uses Greenhouse-issued credentials and writes to dedicated custom fields on the candidate record — no scraping, no shadow access. Webhook signatures are verified on every request.

Workflow· async · verification completes ~30s post-apply

External

Apply

Beskar Jobs or Verify Direct

→

Engine

Verify

Evidence dossier

→

Push

Harvest API

Server-side, no scraping

→

Write

Custom fields + note

Tier, sources, Alloy ID

Step 1 — Connect

From your dashboard, open Integrations → Greenhouse and paste your Harvest API key. Beskar tests connectivity, lists your jobs, and shows the custom fields it'll write to. No webhook registration needed on your side — verification fires automatically whenever a candidate enters your Beskar pipeline (via Beskar Jobs apply, Verify Direct, or the Verify product UI).

Scopes needed Greenhouse: candidates.create, candidates.edit, custom_fields.read, custom_fields.edit, users.read. We never request scopes we don't use.

Step 2 — Verify the custom fields exist

Beskar writes to six dedicated custom fields on the candidate record. On first connect we'll surface any that need to be created — one click in your dashboard provisions them via the Harvest API.

Step 3 — Receive the result

The moment verification completes (typically 20–30 seconds after apply), Beskar uses the Harvest API to PATCH the candidate record. You see six custom fields populated and an activity-feed note that leads with the candidate's three-word Alloy ID + a link to their public profile.

Field	Type	Example
Beskar Tier	single_select	Verified · Strongly Verified · Partially Verified · Limited Online Footprint · Low Public Signal
Beskar Sources	short_text	Credly, GitHub, LinkedIn, SAM.gov, SEC EDGAR
Beskar Employers	long_text	Kessel Run, Clarity Innovations, Sikorsky Aircraft
Beskar Skills	long_text	Kubernetes (Credly), AWS (Credly + GitHub), Terraform (Credly)
Beskar Summary	long_text	One-line dossier headline
Beskar JD Match	short_text	87% (7/8) · gaps: rust

The activity-feed note also includes the candidate's three-word Alloy ID (e.g. void-vine-mesh) and a click-through link to https://beskar.io/alloy/{code} — recruiters use the code in outreach and share the public profile with hiring managers.

Filter your pipeline Save a Greenhouse view filtered to Beskar Tier = Verified OR Strongly Verified — that's your high-signal stack ranked. The rest is still there, just lower-priority.

If you don't want every applicant verified (high-volume hourly roles, for example), add a verify-with-beskar tag in your ATS to candidates you care about. Beskar will only process tagged applications.

03 — Beskar Jobs

Replace your job board with one that verifies on apply, not after. Create roles in our admin, drop a single <script> tag on your careers page, and ship verified-only candidates straight into your ATS. Same engine, packaged for self-serve.

Workflow· end-to-end

Create job

AI-drafted JD

→

Embed

3 lines of HTML

→

Apply

Resume optional

→

Auto-verify

Same engine

→

Push to ATS

Greenhouse, Ashby

Step 1 — Create a job

Open job-admin.beskar.io. Paste in a one-liner ("Senior DevSecOps engineer, TS/SCI eligible, Kubernetes-heavy") and Beskar drafts the full JD — title, summary, responsibilities, requirements, screening questions. Edit, publish.

Compliance Auto-checks for U.S. salary transparency rules (CO/NY/CA/IL/WA), EEO statements, and ban-the-box phrasing. If anything's missing for the candidate's locale, you'll see a red flag before publish.

Step 2 — Embed on your site

One <script> + one custom element. The widget renders inside a Shadow DOM, so your CSS doesn't fight ours and our CSS doesn't fight yours. Override accent colors with CSS variables to match your brand.

careers.html HTML

<script src="https://beskar.io/embed.js" defer></script>

<!-- Drop this anywhere in your page body -->
<beskar-jobs
  org="acme-robotics"
  style="--beskar-brand: #ff4d6d; --beskar-radius: 4px;"></beskar-jobs>

Attribute	Type	Description
orgrequired	slug	Your organization's URL slug. Visible at `/jobs/{slug}`.
job	slug	Render a specific job inline (skips the listings page).
theme	"light" \| "dark"	Default is dark; `light` if your site is light.
--beskar-brand	CSS var	Override the accent color.

Step 3 — Candidate applies

The widget guides applicants through name → email → optional resume → screening questions. If they upload a resume, it's posted to the API and parsed server-side (Claude Vision PDF extraction). If they don't, name + email + LinkedIn URL is enough for a Verified-tier dossier in most cases.

Why name-only works We tested this on 10 candidates without resumes. 7 of 10 returned Verified or Strongly Verified tiers using only name + email + employer-anchor from the JD. The 3 outliers had common names + minimal public footprint — same outcome you'd get from a resume keyword scan.

Step 4 — Deliver to your ATS

If you've connected your ATS in Path 02, every Beskar Jobs application is automatically pushed across. Tier, sources, employers, and skills become custom fields on the candidate. The applicant sees one form; you see two systems in lockstep.

JSON pushed to ATS JSON

{
  "first_name": "Christopher",
  "last_name": "Tineo",
  "email_addresses": [{ "value": "chris@example.com", "type": "personal" }],
  "custom_fields": [
    { "id": 6910118009, "value": "Verified" },
    { "id": 6910119009, "value": "Credly, GitHub, LinkedIn" },
    { "id": 6910120009, "value": "Game Plan Tech, Kessel Run" },
    { "id": 6910121009, "value": "Kubernetes, AWS, Terraform" }
  ]
}

Step 5 — Listings API

Want full visual control? Skip the embed widget and call our public listings API. Same data, your renderer.

GET https://beskar.io/jobs/{org_slug}

listings.js JavaScript

// Returns all open jobs for an org — no auth required (public board).
const r = await fetch('https://beskar.io/jobs/acme-robotics');
const { jobs } = await r.json();

jobs.forEach(j => {
  console.log(j.title, j.location, j.salaryRange);
  // j.applyUrl  → 'https://beskar.io/jobs/acme-robotics/senior-devops'
  // j.embedSlug → use with <beskar-jobs job="...">
});

Compare paths

If you can't decide, start small. Most teams start with Path 01 (Direct API on a sourcing list) to feel the result, then move to Path 02 once they trust it, then graduate to Path 03 when the ATS friction outweighs the gain.

Capability	01 · Direct	02 · ATS Bridge	03 · Beskar Jobs
Time to first result	~10 min	~30 min	~1 hr
Replaces ATS	No	No	Optional
Embeddable widget	—	—	Yes (Shadow DOM)
Auto-verify on apply	—	Yes	Yes
Batch mode	Unlimited	Tag-triggered	—
Custom branding	N/A	Via ATS	CSS variables
Best for	Pipeline triage, sourcing	Existing hiring stack	Greenfield careers page

Evidence tiers

Each verification produces one of five tiers based on how much corroborating evidence converged. The underlying score is hidden by default — show it only when a hiring manager wants to dig.

Tier 1

Verified

85 – 100

Tier 2

Strongly Verified

70 – 84

Tier 3

Partially Verified

50 – 69

Tier 4

Limited Online Footprint

25 – 49

Tier 5

Low Public Signal

0 – 24

Per-claim tiers

Inside each dossier, individual claims (Identity, Employment, Skills, Education, Clearance, Contributions) get a corroboration tier from the evidence graph:

Tier	Sources	Meaning
Ironclad	≥5 independent	Saturated corroboration across multiple domains, no contradictions.
Established	4 independent	A pattern of evidence — multiple corroborations strengthen each other.
Validated	3 independent	Public record matches the claim across distinct registries.
Corroborated	2 independent	A second source agrees with the candidate's claim.
Confirmed	1 strong source	One authoritative source confirms the claim.
Claimed	0 sources	The candidate's own claim, not yet corroborated.

Legal & FCRA

Not a background check Beskar verifies publicly available evidence — what the candidate has said elsewhere, and whether independent sources corroborate it. We are not a Consumer Reporting Agency under the FCRA. Tiers reflect evidence weight, not hiring recommendations.

You remain responsible for any adverse-action notices, EEO compliance, and final hiring decisions. Beskar's evidence dossier is one input among many, designed to surface what is or isn't verifiable from public sources.