Inspiration

I'm a final year engineering student from Nagpur, India. Over the last few months, I applied to over 100 companies. My inbox became a graveyard of rejection emails and silence. I had no idea why I kept getting rejected - was it my resume? My interviews? The types of companies I was targeting? I was exhausted, confused, and had no system.

I built HireLoop because I lived this problem. Every job seeker deserves to understand their own data. Not just track applications but actually learn from them.

What it does

HireLoop is an AI-powered job search agent that:

  • Connects to your Gmail securely via Auth0 Token Vault; your tokens never touch our database
  • Automatically categorizes job emails into Applied, Interviewing, Rejected, and Offered buckets
  • Analyzes rejection patterns using Gemini AI: tells you exactly what stage you're failing at, what company types are rejecting you, and gives 3 specific actionable recommendations
  • Drafts follow-up emails for applications that have gone silent, but critically, the agent cannot send anything without your explicit approval (human-in-the-loop async authorization)

How I built it

Tech Stack:

  • Frontend: Next.js 16, Tailwind CSS, Shadcn UI
  • Auth & Token Management: Auth0 for AI Agents (Token Vault)
  • Email: Gmail API via Auth0 Token Vault token exchange
  • AI Analysis: Google Gemini 1.5 Flash
  • Deployment: Vercel

The Auth0 Token Vault integration was the core architectural decision. Instead of storing Google OAuth refresh tokens in our own database (a massive security liability), I use Token Vault to securely manage the entire OAuth lifecycle. The SDK's getAccessTokenForConnection() method handles token exchange, refresh, and storage; we never see the raw tokens.

For the follow-up agent, I implemented async authorization: the agent queues actions and waits for explicit human approval before executing any write operations on the user's Gmail.

Challenges I ran into

  • Auth0 v4 SDK breaking changes: the new @auth0/nextjs-auth0 v4 completely changed the API from v3. No route handlers are needed anymore; middleware handles everything. It took significant debugging to understand getAccessTokenForConnection() vs manual token exchange.

  • Token Vault scopes: configuring Gmail scopes correctly in Auth0's Google social connection for Token Vault required precise setup in both Google Cloud Console and the Auth0 dashboard.

  • Session management in API routes: Next.js App Router + Auth0 v4 session handling in API routes required passing the request object correctly.

Accomplishments that we're proud of

  • Successfully implemented Auth0 Token Vault for Gmail OAuth; tokens are never stored in our database
  • Built a working AI rejection analyzer that gives real, personalized insights from real emails
  • Implemented human-in-the-loop async authorization for the follow-up agent
  • Used all 4 Auth0 AI Agents use cases: User Auth, Calling APIs, Async Auth, and secure token management
  • Built a production-ready UI that feels like a real SaaS product

What we learned

  • Auth0 Token Vault is genuinely powerful for agentic applications; it solves the hardest problem in AI agents (secure credential delegation) with just a few lines of code
  • Human-in-the-loop design is not a limitation, it's a feature. Users trust agents more when they stay in control.
  • The best AI applications solve problems the builder has personally experienced

What's next for HireLoop

  • Google Calendar integration - automatically add interview slots to calendar
  • Multi-inbox support - LinkedIn messages, job portal notifications
  • Resume scoring - compare your resume against job descriptions you applied to
  • Weekly digest - automated weekly email summarizing your job search progress
  • Mobile app - so job seekers can approve follow-ups on the go

📝 BLOG POST: Building Human-in-the-Loop AI Agents with Auth0 Token Vault

This section qualifies for the Bonus Blog Post Prize

The Problem With Giving AI Access to Your Inbox

When I started building HireLoop, the scariest part wasn't the AI, it was security. Giving an agent access to your Gmail means giving it access to everything. One misconfiguration and the agent reads things it was never supposed to touch.

The naive solution is storing Google OAuth refresh tokens in your own database. This is how most projects work, and it's a disaster waiting to happen. Your database becomes a treasure chest of credentials.

How Auth0 Token Vault Changes Everything

Token Vault acts as a secure intermediary between your AI agent and external APIs. Instead of your app storing tokens itself, Auth0 handles everything via one line of code:

const { token } = await auth0.getAccessTokenForConnection({
  connection: 'google-oauth2'
})

Auth0 handles token storage, refresh, and consent management. Your app never sees the raw refresh token. This is a fundamentally safer architecture for AI agents.

Async Authorization: The Follow-Up Agent

When HireLoop's follow-up agent wants to send an email, it doesn't just send it. It:

  1. Drafts the email and queues it
  2. Notifies the user in the dashboard
  3. Waits for explicit human approval

Only when the user clicks "Approve & Send" does the app retrieve the Gmail token from Token Vault and dispatch the email. The agent pauses and asks - that's the difference between an agent users trust and one they fear.
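
One way to implement that approval gate, as an added example that is not HireLoop's own code. `queueDraft`, `consumeApproval`, `approveAndSend`, the in-memory `pending` map and the 24-hour expiry are assumptions; `getToken` and `sendMail` are injected stand-ins for the Token Vault call and the Gmail send request.

```javascript
const { createHash, randomUUID } = require('node:crypto');

const TTL_MS = 24 * 60 * 60 * 1000;   // assumption: a queued draft expires after 24 h
const pending = new Map();            // id -> queued draft (a database in a real app)

// Digest of exactly what the user is shown, so an approval covers this content only.
const digestOf = ({ to, subject, body }) =>
  createHash('sha256').update(JSON.stringify([to, subject, body])).digest('hex');

// Steps 1-2: the agent drafts and queues. No Gmail token is involved at this point.
function queueDraft(userId, draft, now = Date.now()) {
  const id = randomUUID();
  const digest = digestOf(draft);
  pending.set(id, { userId, draft: { ...draft }, digest, expires: now + TTL_MS });
  return { id, digest };              // rendered in the dashboard for review
}

// Step 3: called only from the "Approve & Send" handler of an authenticated session.
// Returns the draft to send or throws; the entry is consumed so a replay fails.
function consumeApproval(userId, id, approvedDigest, now = Date.now()) {
  const item = pending.get(id);
  // Same error for "no such id" and "someone else's id": do not reveal which.
  if (!item || item.userId !== userId) throw new Error('not_found');
  if (now > item.expires) { pending.delete(id); throw new Error('expired'); }
  // The user must have approved the stored content, and the store must be unmodified.
  if (approvedDigest !== item.digest || digestOf(item.draft) !== item.digest) {
    throw new Error('content_changed');
  }
  pending.delete(id);
  return item.draft;
}

// The token is requested only after the gate has passed, never while drafting.
async function approveAndSend(userId, id, approvedDigest, getToken, sendMail) {
  const draft = consumeApproval(userId, id, approvedDigest);
  const token = await getToken();
  return sendMail(token, draft);
}
```
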

Auth0 Token Vault made building a trustworthy AI agent possible. That's what HireLoop taught me.
