Authentication

The route handlers use two authentication patterns, and a third group of routes is public:

  • Bearer token or Clerk session: Most company, job, application, review, and upload mutations call requireAuthContext(request) or related helpers with the incoming Request, so they can inspect an Authorization: Bearer ... header and also work with the normal Clerk session.
  • Clerk session only: GET /api/users/me, PATCH /api/users/me, and GET /api/users/{userId} call auth helpers without the incoming request object, so they rely on the current Clerk session instead of the bearer header path.
  • Public: Lookups, company listing/detail, review listing, job listing, and published job detail are public.

When a route requires a specific role, the code returns a 403 error rather than silently filtering the response.
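
The sketch below is an added illustration, not the project's code. It shows why a helper called without the incoming request never sees the bearer header, and how a role failure surfaces as 403. `resolveAuth`, `requireRole`, `fakeRequest`, the token table and the role names are hypothetical stand-ins, and rejecting an invalid bearer token without falling back to the session is an assumption.

```typescript
// Added sketch: every name here is a hypothetical stand-in, not the project's API.
type Role = "member" | "employer"; // constructed role names
type Principal = { userId: string; role: Role };
type AuthContext = Principal & { via: "bearer" | "session" };
type RequestLike = { headers: { get(name: string): string | null } };
type AuthResult =
  | { status: 200; ctx: AuthContext }
  | { status: 401 | 403; error: string };

// Constructed stand-in for bearer-token verification.
const TOKENS: Record<string, Principal> = {
  "tok-employer": { userId: "u1", role: "employer" },
};

// Resolve the caller. The bearer path exists only when the handler passes the request.
function resolveAuth(session: Principal | null, request?: RequestLike): AuthResult {
  const header = request ? request.headers.get("authorization") || "" : "";
  const match = /^Bearer\s+(\S+)$/i.exec(header);
  const token = match ? match[1] : undefined;
  if (token !== undefined) {
    const known = Object.prototype.hasOwnProperty.call(TOKENS, token);
    // Assumption: a presented but invalid token is rejected, with no session fallback.
    if (!known) return { status: 401, error: "invalid bearer token" };
    const p = TOKENS[token] as Principal;
    return { status: 200, ctx: { userId: p.userId, role: p.role, via: "bearer" } };
  }
  if (session) {
    return { status: 200, ctx: { userId: session.userId, role: session.role, via: "session" } };
  }
  return { status: 401, error: "authentication required" };
}

// A role mismatch is an explicit 403, never a silently filtered 200.
function requireRole(result: AuthResult, allowed: Role[]): AuthResult {
  if (result.status !== 200) return result;
  if (allowed.indexOf(result.ctx.role) === -1) return { status: 403, error: "forbidden" };
  return result;
}

// Constructed request object carrying only an Authorization header.
function fakeRequest(authorization: string | null): RequestLike {
  return { headers: { get: (n) => (n.toLowerCase() === "authorization" ? authorization : null) } };
}
```

A client that only sends a bearer token gets 200 from a handler that forwards the request and 401 from one that does not, which is the practical difference between the first two patterns.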