Acceptable Use Policy

Last Modified: December 20, 2022

This API Acceptable Use Policy (the “AUP”) is part of any separate agreement or terms agreed upon or entered into by and between you and ICIMS and sets forth the acceptable and prohibited activities that relate to your use of the ICIMS Developer Site, found at https://developer-community.icims.com/ (the “Developer Site”). In the event of a conflict between this AUP and any such agreement or terms, unless otherwise expressly provided, the agreement or terms will control. All capitalized terms not defined herein have the meaning ascribed to them in the agreement or terms.

What is Covered in this Policy?

  • Introduction
  • Efficiency Legal
  • Data Privacy
  • Design
  • Submitting for Review

Introduction

ICIMS recognizes that employers need a way to bring their increasingly complex talent acquisition world together. ICIMS UNIFi, a Platform-as-a-Service solution (the “UNIFi Platform”), may be the answer. The UNIFi Platform makes it easy to integrate and build solutions to deliver a streamlined talent acquisition experience. We are excited to have you join the ICIMS development community and hope that you are confident in your solution and the value that it will deliver. Once you complete the development of your solution, our marketplace is available to you as a way for you to share your innovative solutions and services as part of our growing ecosystem that is uniquely focused on Talent Acquisition (the “Marketplace”).

Providing an efficient and robust experience, while maintaining our security standard is our primary objective. With our objective in mind, ICIMS sets forth usage guidelines and conducts functional reviews to ensure that you, as the developer, can derive value from your experience and that our subscribers can be assured of its quality. As we are constantly investing in new capabilities to add to the UNIFi Platform, we have a passion for scrutinizing the talent acquisition industry and striving for transparency. Ultimately, we aim to provide the proper context necessary to build high value solutions. Below are some key items for you to keep in mind:

  • Data integrity is critical as ICIMS diligently strives to protect the interests of its subscribers. As a developer, you have an active role in these efforts to protect the security and integrity of the data. You must be aware of that roll and your obligations.
  • We will deactivate or restrict your access to any development effort that is not in accordance with ICIMS Best Practices (available at https://developer-community.icims.com/, the “ICIMS Best Practices”), industry security standards or misrepresents the intended use case (as used herein, the “Intended Use Case” shall mean the scope as defined and outlined by you and ICIMS prior to you gaining access to the API).
  • In all interactions represent yourself, your use case, your limitations and your problems accurately and truthfully. Any act that is perceived by ICIMS, in its sole discretion, to be unfair, deceptive or a misrepresentation of the Intended Use Case, will result in your integrations being deactivated and immediate expulsion from the ICIMS Developer and/or Partner Program. Should you have or suspect a conflict of interest, notify ICIMS immediately.
  • Be professional. Remember you are working with people. Profanity, aggressive language or inappropriate actions are not acceptable to ICIMS. Any actions deemed by ICIMS, in its sole discretion, to be profane, aggressive or otherwise inappropriate, may result in suspension of your access, in the deactivation of your integrations, and/or immediate expulsion from the ICIMS Developer and/or Partner Program.
  • We understand that during stressful times, things can go... sideways. Please be aware, however, that everyone is operating within their own constraints, interests, and objectives. It is important that you acknowledge and respect these constraints.

As the capabilities of the UNIFi Platform consistently change and expand, the needs of the talent acquisition solution also change. Accordingly, please recognize that this AUP is a living document, and as such, the requirements and your obligations may change at any time and for any reason.

Efficiency

The ICIMS Talent Acquisition Suite (the “Subscription”) is based upon a “true SaaS” solution, which conceptually can be considered as a multitenant shared resource. Accordingly, excessive use or abuse of the UNIFi Platform by one developer and/or integration, may negatively impact all other subscribers. Within this operating context, any misuse of resources and/or access, whether deliberately, accidentally or for any other reason, is prohibited and may result in your loss of functionality, the termination of your ICIMS relationship and/or revocation of your access to the UNIFi Platform.

We do understand, however, that negative outcomes can be the result of good intent. For example:

  • Retry Logic – Although faults are not uncommon when integrating to a true SaaS solution, an application should be designed to handle such faults efficiently and transparently. Such an approach can help minimize the effects that faults can have on the business tasks being performed by the application. Generally, retry logic may be considered a good idea when looking to minimize the impact of a fault. ICIMS Best Practices, however, requires that developers only use retry logic that leverages an exponential back-off approach. The general idea behind an exponential back-off is to use progressively longer waits between retries for consecutive error responses. Any other approach may not align with ICIMS Best Practices and should not be taken by developers.
  • Exceeding API Call Limit – Usage of the ICIMS Subscription, and your integrations thereto, has limits that are detailed in our Web Services Licenses (available at https://developer-community.icims.com/). As a developer you need to be aware of these limits and the impacts of exceeding such limits. Today, in all cases, exceeding the daily limit may halt functionality of that integration until the next calculation period, resulting in a possible service interruption of the integration.

As you can see from the above, good intentions are not enough. As a developer, it is important that you are aware of ICIMS Best Practices, keep up to date with industry best practices and be fully transparent with ICIMS in defining the Intended Use Case. Failure to be diligent in your efforts may deliver an integration that fails to meet expectations and functional requirements, may impact billing, and may inadvertently impact ICIMS’ subscribers on a broader scale.

Prohibited Uses

ICIMS grants you the right, in its sole discretion, to integrate with the UNIFi Platform, subject to you meeting specific requirements and expectations. The data privacy of ICIMS’ users and subscribers, adherence to all applicable laws and regulations, and the following of security best practices are all areas that you are responsible for as a developer. Further, it is your responsibility to understand and make sure that your actions and solutions conform with all applicable system requirements, as well as all laws and regulations, not just the guidelines set forth below or as otherwise may be set forth in this document. You agree that due to ICIMS’ security requirements, you may be required to undergo a security assessment.

You acknowledge that ICIMS may establish, in its sole and absolute discretion, as may be described in its user, technical, and other similar documentation, general practices and limits concerning your conduct, use of the content or data, and use or access to the UNIFi Platform (or part thereof).

Below are some of your responsibilities that may affect your continued access to the UNIFi Platform:

  • Do not share your credentials with anyone for any reason.
  • Use credentials only for the intended and agreed upon purpose.
  • Any action to deliberately leverage, test, probe and/or exploit the UNIFi Platform, whether intentionally, knowingly or unknowingly, is strictly prohibited.
  • You shall not make available any viruses, bots, worms, scripting exploits, or other similar materials that are intended in any manner to damage, destroy, alter, or adversely affect the operation of the UNIFi Platform.
  • You shall not bypass or allow any third-party to bypass security or authentication measures. You shall not copy or reproduce any portion of the UNIFi Platform in any form or medium.
  • You shall not modify, reverse engineer, decompile, adapt, restructure, rearrange, reorganize, recompile, reformat, create derivative works of, change, or add to any portion of the UNIFi Platform or in any way attempt to reconstruct or discover any source code or algorithms of the UNIFi Platform, or any portion thereof, by any means whatsoever.
  • You shall not remove any copyright, proprietary rights, or restrictive legends, or bypass or disable any protections that have been put in place against unlicensed use of the UNIFi Platform.
  • You shall not provide, or otherwise make available, the UNIFi Platform to any unauthorized third party.
  • You shall not engage in any use of the UNIFi Platform other than as expressly permitted, without the prior written consent of ICIMS, which consent ICIMS may grant or refuse in its sole and absolute discretion.
  • You shall not make available any content, or engage in any behavior, action, or conduct, that is unlawful, harmful, untrue, threatening, abusive, harassing, tortious, defamatory, vulgar, obscene, libelous, fraudulent, deceptive, illegal, invasive of another's privacy, hateful, racist, or otherwise objectionable.
  • You shall ensure that only named users access or use the UNIFi Platform and that each named user is a unique person. Sharing of usernames and/or passwords for access to the UNIFi Platform is prohibited.

If you believe or have reason to believe that a security event, of any type, involving ICIMS and/or in relation to the UNIFi Platform has occurred or is likely to occur, you are required to let us know immediately, by emailing the UNIFi team.

If you are interested in a particular security topic, want to better understand ICIMS’ security practices, or have any other general topic of interest or concern, you may contact ICIMS directly, by emailing the UNIFi team. We will discuss, address, and in the off chance an issue does exist, we will use commercially reasonable efforts to work with you in mitigating and remediating such concern. We all benefit from partnership and collaboration in the dynamic world of security and we should all expect each party to do its part.

Data Privacy

To deliver the value and benefits of an integration with the UNIFi Platform, an exchange of data is necessary. Data privacy extends beyond the exchange of the data between two systems and your obligations extend beyond that exchange. Understanding and operating in accordance with your obligations and applicable requirements is your responsibility.

Subscriber data and content is the property of the subscriber (the “Subscriber Data”), and any modification, use and/or redistribution of that Subscriber Data is subject to prior consent by the subscriber. You are responsible for obtaining any such consent from the subscriber. Below are some of your obligations as they relate to your access and/or use of Subscriber Data:

  • Your integration and access to use the integration interfaces (REST API, Flat File or others) are LIMITED to the use and scope as defined and approved by ICIMS and as accepted by the subscriber. This means that as the developer you cannot change, expand or modify the use and/or scope without prior review, acceptance and agreement from both the subscriber and ICIMS.
  • Questions on the review, acceptance and agreement process? No problem, keep reading.
  • Be transparent with the subscriber. Explain how the Subscriber Data will be obtained, used, cached and/or stored. Make sure to obtain the required consent prior to any such use, caching or storage of Subscriber Data.
  • If your solution requires that a Subscriber’s Data be moved, manipulated and/or analyzed by any third party and/or provider, be explicit with the subscriber and ensure that you have express approval to proceed with any such third-party.
  • You acknowledge and agree that you are entirely responsible for your use of any Subscriber Data. Under no circumstances will ICIMS be liable in any way for any Subscriber Data, including any errors or omissions in any Data, or any loss or damage of any kind incurred as a result of the use of any Subscriber Data.

Technology solutions are often difficult for subscribers to understand, especially when the focus is on delivering a business solution. In order to help subscribers better understand the technology, ICIMS requires transparency in the process, and as mentioned above, developers are required to provide a clear explanation to subscribers and to obtain specific and express approval for any solution from subscribers. Should a solution not align with the scope as agreed upon with the subscriber, a use case be unclear, or if any other aspect of the solution is questionable to ICIMS, in its sole and absolute discretion, ICIMS may restrict enabling the solution or prohibit implementation of a change to any active solution.

Design

The design and delivery of a solution requires investment from all parties. This investment may be in the form of expertise, technology, time, resources, etc. Despite the investment involved, however, the parties must respect their individual input. Below are several items that will help you to better understand our respective investments as they relate to the design and delivery of a solution.

  • Interaction with the ICIMS Subscription is only available through secure endpoints that are owned and managed by either ICIMS and/or the subscriber. This means that ICIMS endpoints cannot be accessed from mobile applications, developer workstations or web browsers. This is a design requirement that you must address in any solution being developed in the UNIFi Platform to avoid rejection of your solution and misalignment of expectations with subscribers.
  • ICIMS provides a robust offering of REST APIs and delivers a flexible integration approach. We encourage you take advantage of the investment we make in documenting our capabilities with content on the Developer Site so that you can better understand our offerings.
  • You may have access to ICIMS developer environment, commonly referred to as a 'Sandbox.' Sandbox environments are there to assist you in your development efforts for the limited purpose of delivering the solution requirements. The Sandbox environment is provided to you as-is, without any warranties, expressed or implied. ICIMS will not be able to provide you with customer support or assistance for your use of a 'Sandbox' environment to demonstrate a solution, explore workflows or discover additional functionality. In addition, using a Sandbox to capture screens for documentation, education or other discovery purposes is prohibited. Should you have a requirement to use imagery for any purpose, you must first contact the UNIFi team for permission, which it shall grant or reject in its sole and absolute discretion. Some other Sandbox items to keep in mind are:
    • Sandboxes are only available to Developers working to submit their integration for validation by ICIMS.
    • ICIMS shall provide up to five (5) users from any organization with access to a Sandbox.
    • You are required to generate any test data that may be necessary for testing.
  • Determining what aspects of your solution to incorporate into the ICIMS Subscription, while delivering a cohesive experience can often be tricky. Fortunately, there are proven methods to help you along. Your first step should be to review the workflows as defined in the standard integrations (available at https://developer-community.icims.com/), experiences and the ICIMS Best Practices documentation that can be found on the Developer Site. Reviewing and adhering to these methods is the fastest path to building a high-quality solution.
  • What do you do if the Developer Site does not have the information for the solution you are seeking to build? If the Developer Site does not have the standard integration that you are looking for, the good news is that we are always looking to add more. If you cannot wait to get started, the best approach is to identify an ICIMS subscriber with a need for an integration or solution that you are seeking to build. By identifying a subscriber, you will be better able to determine the required functionality and clarify the 'scope' of your solution. Once you determine the functionality and scope, you will be well on your way to building the intended integration or solution.
  • Subscribers of ICIMS may have access to ICIMS test sites. Once you have determined the scope and functionality of your solution with the subscriber, the subscriber may grant you access to build within their test site, or, if they so elect, may grant you access to their production environment. You can work with the subscriber on the preferred approach.

Submitting for Standard Validation

Want to have your solution in the Marketplace sooner?

For those developers that have reviewed the ICIMS’ documentation, have the functionality to meet ICIMS’ Standard Workflows, experiences and best practices, and have decided to build to the standard integration, we would like to welcome you to our community. To get started, it would be of value to outline what you can expect from us and what we expect from you. The team here at ICIMS understands that building any solution can be a bit of a journey. Competing priorities, developer focus, and backlog management are aspects that must be managed. You are directly responsible for both how the overall experience is perceived by subscribers and the speed which you receive the necessary validation to complete the solution.

Let us play out a possible scenario…

You: How can it be true that I, the developer, am in the driver’s seat? It is an ICIMS process... you can't be serious? ICIMS...

ICIMS: We are serious... and here's why.

  • ICIMS has taken the time to thoroughly document its APIs and made them available to you for review. Included in this documentation are a series of best practices modules available to our developer community. When reviewed and applied properly, this documentation will aid in your development efforts.
  • Provisioning of Sandboxes generally occurs within one business day of request.
  • Guidance on how to use the 'Sandboxes' and other relevant content is available on demand to our developer community.
  • ICIMS generally completes its review of the results and provides to the developer its feedback and decision on the next business day, so as not to delay the developer’s autonomous process.
  • ICIMS uses its best efforts to schedule review sessions within ten (10) business days from when the developer is ready to validate.

You: OK... OK... So how do I ensure a great experience for me and the subscriber?

ICIMS: Well, we are very glad that you asked!

  • Please take the time to review the ICIMS documentation that you can easily find on the Developer Site.
  • Review the Standard Workflows, experiences and best practices. These have been developed based on our experience and are meant to guide you through the process. Use them.
  • Recognize early in your process whether your solution will meet the requisite expectations. Whether you want to be different or want to offer flexibility as part of your value proposition, whatever the reason may be, decide early on that you will not pursue validation. Please do NOT pursue validation, while knowing that you do not want to limit your integration to the expectations defined by ICIMS. Let us be clear, we want to support you on your path, but we cannot detour from our proven process or bend the rules. If you cannot operate without the set forth expectations, your solution will not be validated.
  • If you have questions take advantage of our developer forum. You can interact with other developers in the ICIMS developer community who may have had and worked through similar issues. If the forum does not provide sufficient information, you can request a Developer live question and answer session to address your specific question.
  • If you are confident in what you have built, book a validation meeting. Prior to doing so, please ensure that:
    • You know the process you are supporting and understand the workflow.
    • Your solution is handling errors and in-line with ICIMS Standard Workflows, experiences and best practices.
    • You are ready to demonstrate the experience end-to-end and not just a 'manufacturing' of the experience where you try to explain what should or would happen.

In summary, ICIMS aims to provide a positive experience with a process that is designed to be a lightweight addition to your integration efforts. Our recommendation is that you understand what you are building and ensure you give yourself adequate time and set the proper priorities to work through what is needed to build a quality experience.