POST
/
passthrough
/
{tool}
/
{api}
{
  "status": "success",
  "data": {
    "url": "<string>",
    "status": 0,
    "headers": {},
    "data": "<string>"
  }
}

At Kombo we put a lot of work into making sure that our unified API covers all our customers’ use cases and that they never have to think about integration-specific logic again. There are cases, however, where our customers want to build features that are very integration-specific. That’s where this endpoint comes in.

Pass in details about the request you want to make to the integration’s API and we’ll forward it for you. We’ll also take care of setting the right base URL and authenticating your requests.

To get started, please pick the relevant API (some tools provide multiple to due different base URLs or authentication schemes) from the table below and pass in the {tool}/{api} identifier as part of the path.

Integration{tool}/{api}Description
Personiopersonio/personnelPersonio’s Personnel Data API. We automatically authenticate all requests using the client ID and secret and use https://api.personio.de/v1 as the base URL.
Workdayworkday/soapWorkday’s SOAP API. We automatically authenticate all requests. Set data to your raw xml string. Use / as your path, as we will always send requests to https://{domain}/ccx/service/{tenant}/{service_name}. Set your method to POST. You need to specify the api_options object and set service_name to the name of the service you want to call. Find all available services here. The string that you submit as data will be the content of the soapenv:Body tag in the request.
SAP SuccessFactorssuccessfactors/odata-v2SuccessFactors’ OData V2 API. We automatically authenticate all requests and use https://{api_domain}/odata/v2 as the base URL.
SmartRecruiterssmartrecruiters/defaultSmartrecruiters API. We automatically authenticate all requests using OAuth and use https://api.smartrecruiters.com as the base URL.
SmartRecruiterssmartrecruiters/defaultSmartrecruiters API. We automatically authenticate all requests using the credentials supplied by the customer and use https://api.smartrecruiters.com as the base URL.
Leverlever/v1Lever’s v1 API. We automatically authenticate all requests using the partner credentials which have been configured in the Lever tool settings (this uses Kombo’s partner credentials by default).
Recruiteerecruitee/defaultThe Recruitee API. We automatically authenticate all requests and use https://api.recruitee.com/c/{company_id} as the base URL.
Greenhousegreenhouse/harvestGreenhouse Harvest API. We automatically authenticate all requests using the API key and use https://harvest.greenhouse.io/v1 as the base URL.
Teamtailorteamtailor/v1Teamtailor’s JSON-API. We authenticate all request with the Teamtailor API key and use the base URL https://api.teamtailor.com/v1.
Personiopersonio/recruitingPersonio’s Recruiting API. We automatically authenticate all requests using the Recruiting access token and use https://api.personio.de/v1/recruiting as the base URL.
Personiopersonio/jobboardAPI endpoints exposed on Personio’s public job board pages (currently just the XML feed). We automatically use the right https://{company}.jobs.personio.de base URL.
BambooHRbamboohr/v1BambooHR’s API. We automatically authenticate all requests using the customer credentials https://api.bamboohr.com/api/gateway.php/{subdomain}/v1 as the base URL.
Bullhornbullhorn/defaultBullhorn’s API. We automatically use the right https://rest{swimlane#}.bullhornstaffing.com/rest-services/{corpToken} base URL.
Workableworkable/v1Workable’s API. We automatically authenticate all requests using the client ID and secret and use https://subdomain.workable.com/spi/v3 as the base URL.
HiBobhibob/v1HibBob’s v1 API. We automatically authenticate all requests using the service user credentials (or, for old integrations, the API key) and use https://api.hibob.com/v1 as the base URL.
Cezanne HRcezannehr/dataserviceCezanneHR’s v7 dataservice API.We automatically authenticate all requests and use the base URL https://subdomain.cezanneondemand.com/cezanneondemand/v7/dataservice.svc
Microsoft Entra IDentraid/v1AzureAD’s API. We automatically authenticate all requests.
Microsoft Azure ADazuread/v1AzureAD’s API. We automatically authenticate all requests.
Pinpointpinpoint/v1Pinpoint’s JSON:API. We automatically authenticate all requests using the X-API-KEY header and use https://{subdomain}.pinpointhq.com/api/v1 as the base URL.
Remoteremotecom/defaultRemote’s API. We automatically authenticate all requests using provided credentials.
TRAFFITtraffit/v2Traffit’s v2 API. We authenticate all requests with the Traffit API key and use the base URL https://yourdomain.traffit.com/api/integration/v2.
Abacus Umantisabacusumantis/v1Umantis API v1. We automatically authenticate all requests and use https://{subdomain}.umantis.com/api/v1 as the base URL.
Haufe Umantisumantis/v1Umantis API v1. We automatically authenticate all requests and use https://{subdomain}.umantis.com/api/v1 as the base URL.
HRworkshrworks/v2HRWorks’s v2 API. We automatically authenticate all requests using the customer credentials.
JazzHRjazzhr/v1JazzHR’s v1 API. We automatically authenticate all requests.
Please note that the passthrough API endpoints are only meant for edge cases. That’s why we only expose them for new integrations after understanding a concrete customer use case. If you have such a use case in mind, please reach out to Kombo.

Authorizations

Authorization
string
headerrequired

Create an API key on the Secrets page in the Kombo dashboard.

Headers

X-Integration-Id
string
required

ID of the integration you want to interact with.

Path Parameters

tool
string
required

The ID of the tool whose passthrough API you want to call (e.g., personio).

api
string
required

The ID of the passthrough API you want to call (some tools provide multiple). Check the endpoint description for a list of all available APIs.

Body

application/json
method
enum<string>
required

The HTTP method (e.g., GET) of the request.

Available options:
GET,
POST,
DELETE,
PUT,
PATCH
path
string
required

The path of the endpoint you want to call. We automatically prepend the base URL of the API (all base URLs are documented in the endpoint description).

headers
object

The headers to send with the request. Note that we automatically supply any authentication-related headers.

params
object

The query parameters to send in addition to the ones in the path.

data
string

The data to submit as part of the request body. This can either be an array or object (in which case we will forward it as JSON) or a string (in which case we will forward it raw).

response_as_base64
boolean

If set to true, the response will be returned as a base64-encoded string. This is useful for binary data (e.g., PDFs).

multipart_form_data
object[]

The data to submit as part of the request body if the request's Content-Type is multipart/form-data.

api_options
object

Custom options interpreted by the passthrough API adapter you've selected. These options are not documented right now as they're only for very advanced use cases.

Response

200 - application/json
status
enum<string>
required
Available options:
success
data
object
required