The humans-only rule

Agents can drive every administrative surface on Jobby.dev, but the live interview itself is reserved for human seekers and human recruiters. Why, and how it's enforced.

Short answer: agents can call every administrative surface on Jobby.dev — discover events, join the queue, manage billing, configure webhooks — but the live interview itself is reserved for human seekers and human recruiters. This is enforced at the scope level on every Personal Access Token.

What an agent can do

  • Discover currently-live events and search jobs.
  • Read the user's profile, queue position, and match history.
  • Update profile fields, settings, and notification preferences.
  • Manage subscriptions, charge upgrades, fetch invoices.
  • For recruiters: create events, post roles, list saved candidates, run AI candidate compares.
  • Configure webhook subscriptions, IP allowlists, and integrations.

What an agent cannot do

  1. Accept a match. The agent can call jobbydev_matches_list to read pending matches and surface them to the user, but accepting one is a tap the user performs in the browser or native client. There is no matches:accept scope.
  2. Sit in the live video room. The agent can fetch a one-time join URL with jobbydev_interview_room_url, but the URL is bound to the user's session, expires fast, and the room itself only accepts WebRTC connections from a real browser tab. An agent cannot "attend" on the user's behalf.
  3. Approve off-session charges without prior consent. The first off-session charge an agent can make requires the user to have completed a Stripe Checkout that captures explicit off_session_consent. Once granted, the agent can fire subsequent upgrade charges silently — but only within the consented surface (subscription upgrades, not arbitrary one-shot charges).

Why this rule exists

Three reasons, in order of weight:

  1. Trust on both sides. Recruiters need confidence that they're hiring a human, not a sufficiently clever agent puppeting one. Seekers need confidence that they're interviewing with the human listed on the role's page, not a chatbot screening them. The product premise (on-demand job fair) collapses if either side suspects the other isn't there.
  2. Stolen-token blast radius. A leaked Personal Access Token is bad. A leaked PAT that can also accept interviews and rack up Daily.co room minutes on the user's subscription is much worse. Scoping the token away from the live room caps the worst-case damage from a leaked token to discoverable / reversible administrative actions.
  3. Regulatory clarity. The interview is a live, recorded conversation between two natural persons. That has clean GDPR / CCPA / EEOC semantics. An agent participating muddies all three.

How it's enforced

  • The matches:accept scope does not exist; the accept endpoint is session-authed only (browser cookie, not PAT).
  • Daily.co room URLs are short-lived (30 seconds before they expire); even if leaked, they can't be replayed.
  • The off_session_consent Stripe customer metadata flag is set only by the post-checkout webhook handler — never by an agent surface. Agents that try to call jobbydev_create_upgrade_charge_offsession without it get a 402 with a fresh checkout URL.
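To make the three enforcement points concrete, here is an added Python model of them; it is illustration written for this page, not Jobby.dev's own code. Everything it takes from the page is the rule set: there is no matches:accept scope and the accept endpoint is session-authed only; join URLs are bound to the user's session, expire after 30 seconds and cannot be replayed; off_session_consent is set only by the post-checkout webhook handler, an off-session charge without it yields a 402 plus a fresh checkout URL, and consent covers subscription upgrades only. The other scope names, the Principal and BillingCustomer types, the placeholder hosts and the webhook event shape are assumptions.

```python
# Added illustration, not Jobby.dev's code. From the page: no matches:accept
# scope, 30-second join URLs, off_session_consent, the 402 + checkout URL.
# Assumed: the other scope names, the types, the hosts and the event shape.
import secrets
import time
from dataclasses import dataclass, field

# Scopes a PAT may carry (assumed names). "matches:accept" is deliberately
# absent: accepting a match is session-authed only.
PAT_SCOPES = frozenset({"matches:read", "interview:room_url", "billing:write"})
ROOM_URL_TTL_SECONDS = 30  # page: join URLs expire after 30 seconds


class Forbidden(Exception):
    """Caller lacks the right kind of credential or scope."""


@dataclass(frozen=True)
class Principal:
    kind: str                        # "session" (human) or "pat" (agent)
    user_id: str
    scopes: frozenset = frozenset()


@dataclass
class BillingCustomer:
    """Stand-in for a Stripe customer: metadata flags and charge history."""
    user_id: str
    metadata: dict = field(default_factory=dict)
    charges: list = field(default_factory=list)


def require_scope(principal: Principal, scope: str) -> None:
    """Browser sessions carry full user authority; a PAT needs the scope."""
    if principal.kind == "pat" and scope not in principal.scopes:
        raise Forbidden(f"missing scope {scope}")


def list_matches(principal: Principal, pending: list) -> list:
    """An agent may read pending matches and surface them to the user."""
    require_scope(principal, "matches:read")
    return [m for m in pending if m["user_id"] == principal.user_id]


def accept_match(principal: Principal, match_id: str) -> dict:
    """Session-authed only: no scope exists that could let a PAT through."""
    if principal.kind != "session":
        raise Forbidden("accept requires a browser session, not a PAT")
    return {"match_id": match_id, "accepted_by": principal.user_id}


class RoomUrlIssuer:
    """One-time join URLs bound to a session and valid for 30 seconds.
    Redeeming pops the token, so a leaked URL cannot be replayed."""

    def __init__(self, now=time.time):
        self._now = now
        self._tokens: dict = {}  # token -> (session_id, expires_at)

    def issue(self, principal: Principal, session_id: str) -> str:
        require_scope(principal, "interview:room_url")
        token = secrets.token_urlsafe(16)
        self._tokens[token] = (session_id, self._now() + ROOM_URL_TTL_SECONDS)
        return f"https://room.example.invalid/join?t={token}"  # placeholder host

    def redeem(self, url: str, session_id: str) -> bool:
        token = url.rsplit("t=", 1)[-1]
        entry = self._tokens.pop(token, None)  # consumed on first attempt
        if entry is None:
            return False
        bound_session, expires_at = entry
        return bound_session == session_id and self._now() <= expires_at


def post_checkout_webhook(customer: BillingCustomer, event: dict) -> None:
    """The only path that sets off_session_consent: a completed Checkout in
    which the user explicitly granted it. No agent surface can set the flag."""
    if event.get("type") == "checkout.session.completed" and event.get("consent"):
        customer.metadata["off_session_consent"] = True


def create_upgrade_charge_offsession(principal: Principal, customer: BillingCustomer,
                                     plan: str, amount_cents: int,
                                     kind: str = "subscription_upgrade") -> dict:
    """No consent: 402 plus a fresh checkout URL. With consent: only
    subscription upgrades are charged silently, never one-shot charges."""
    require_scope(principal, "billing:write")
    if kind != "subscription_upgrade":
        raise Forbidden("off-session consent covers subscription upgrades only")
    if not customer.metadata.get("off_session_consent"):
        return {"status": 402,
                "checkout_url": "https://billing.example.invalid/checkout/new"}
    customer.charges.append({"plan": plan, "amount_cents": amount_cents})
    return {"status": 200, "charge": customer.charges[-1]}


def is_forbidden(fn, *args) -> bool:
    try:
        fn(*args)
    except Forbidden:
        return True
    return False


if __name__ == "__main__":
    agent = Principal("pat", "u1", PAT_SCOPES)
    print("agent accept blocked:", is_forbidden(accept_match, agent, "m1"))
    print("charge without consent:",
          create_upgrade_charge_offsession(agent, BillingCustomer("u1"), "pro", 2000))
```

The design point worth noticing is that the accept check does not look at scopes at all: it keys on the credential kind, so no future scope addition can accidentally open it to agents. The room token is popped on the first redemption attempt regardless of outcome, which is what makes a captured URL worthless rather than merely time-limited.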