2025 Growth Unified Hits Major Growth Milestones with 6.5x usage & 4.5x revenue growth
Unified.to
All articles

Correct WelcomeKit Scopes for Jungle Integration

April 14, 2026

This guide outlines the required WelcomeKit scopes per Unified object for the Jungle integration.

Scope Mapping (by Unified Object)

Unified ObjectRequired Scope(s)Partnership (su_*) Needed?
ATS · Job (ats_job)su_jobs_rYes
ATS · Candidate (ats_candidate)Read: candidates_r AND my_candidates_r
Write: candidates_rw AND my_candidates_rw		No
ATS · Document (ats_document)Read: documents_r AND (candidates_r & my_candidates_r)
Write: documents_rw AND (candidates_rw & my_candidates_rw)		No
ATS · Activity (ats_activity)Read: emails_r AND (candidates_r & my_candidates_r)
Write: comments_w AND (candidates_rw & my_candidates_rw)		No
HRIS · Company (hris_company)Read: su_organizations_rYes
HRIS · Location (hris_location)Read: offices_r
Write: offices_rw		No
HRIS · Group (hris_group)Read: departments_r & departments_rw
Write: departments_rw		No

Important Notes

Partnership-only scopes

  • su_jobs_r → Required for listing jobs
  • su_organizations_r → Required for listing organizations

These require WelcomeKit partnership approval.

Non-partner access (scope overrides)

If you do not have WelcomeKit partnership approval, you won't be able to use the partnership-only scopes (su_jobs_r for listing jobs, su_organizations_r for listing organizations). Instead, request the standard non-partner scopes by overriding the defaults for this integration. Each Unified permission (like ats_job_read) maps to a default set of the provider's raw scopes, and you can replace that default per integration via the integration's scope override setting. Update the WorkspaceIntegration object with an overriden_scopes map keyed by the Unified permission, where each value is a comma-separated list of the provider's raw scopes:

{ "overriden_scopes": { "ats_job": "jobs_r" } }

With this override, Unified requests jobs_r (org-scoped jobs) instead of su_jobs_r. At runtime, the connector lists jobs via GET /jobs?organization_reference=... using the organization cached on the connection during auth setup, and falls back to GET /users/current for organization discovery — so non-partner keys never depend on the su_* scopes. For full details, see Overriding scopes per integration.

Candidate-dependent scopes

The following always require candidate access:

  • Documents → require candidate read/write scopes
  • Emails → require candidate read scopes
  • Comments → require candidate write scopes

How to Get Partnership Access (Jungle / WelcomeKit)

To access partnership-only scopes (su_*), you will need to be approved by WelcomeKit.

Steps:

  1. Reach out to WelcomeKit support or your account manager (https://help.welcometothejungle.com/en)
    • Request access to partnership scopes (su_jobs_rsu_organizations_r)
    • Clearly mention your use case (e.g. job syncing, org-level data access)
  2. Provide integration details
    • Your application name
    • What data you intend to access
    • Whether access is read-only or includes write operations
  3. Explain your end-user flow
    • How users connect their WelcomeKit account
    • Why elevated (partnership) access is required
  4. Await approval
    • Once approved, the scopes will be enabled for your app
    • You can then include su_* scopes in your OAuth flow
All articles