GuidesAPI ReferenceChangelogAPI PolicyAPI StatusGusto Security
Guides

API Versioning

Suggest Edits

At Gusto we're committed to enhancing the developer experience by continuously improving our services and introducing new features through the Embedded API. Using a date-based API versioning system allows us to release backward incompatible changes in new versions while ensuring existing versions continue to receive support and benefit from new features.

For more information on all API updates, including new version releases, visit our API Changelog.

Release schedule

When backward incompatible changes are made to the API, we will release a new version on a monthly cadence. Additionally, smaller fixes or tweaks may be batched into future versions. However, if there are no changes requiring an immediate release in a given month, a new version will not be released.

After a version is released, it is guaranteed to receive support for a minimum of 12 months. For improved performance and security, we strongly advise upgrading to the latest API version every quarter. To learn more about setting up API versioning visit our getting setup guide.

Deprecation practices

We strive to keep the Embedded API secure and up-to-date. If certain components become insecure, outdated, or unnecessary, we may mark them as deprecated. A deprecated version indicates that it is no longer supported and will be removed. Specifically, this entails updating the minimum API version in partner integration apps to the next stable version. Further details regarding the deprecated version will be announced in our API Changelog and guidance to aid in upgrading will live in our version upgrade guide.

Once a version is removed, it becomes unusable. If your request header specifies a version older than the oldest supported stable version, your API request will return a 406 Not Acceptable error. If no version is specified in the request header, your API request will default to the minimum API version listed in your Developer Portal.

Deprecation headers

Once an API version is marked as deprecated, our API will begin returning deprecation headers to notify you of upcoming changes. These headers indicate when a resource has been scheduled for removal and where to find more information about how to upgrade your integration.

Here is what you can expect:

  • Deprecation header: an HTTP datetime value that indicates when the resources has been marked as deprecated.
  • Link header: a link with the "deprecation" link relation type to communicate where to find more information about the deprecated resource and upgrade instructions.
  • Sunset header: Specifies the date when the resource will be removed. After this date, all calls to the resource will return a 406 Not Acceptable error.

We recommend you to monitor these changes by logging the presence of the aforementioned headers and plan ahead to avoid breaking integrations. This practice also ensures your compatibility with future API versions and helps you stay informed about new features and enhancements.

Backward-incompatible changes

We consider the following to be backward-incompatible changes:

  • Deleting a resource or API endpoint.
  • Deleting a response field.
  • Modifying a resource or method URI.
  • Modifying an existing field name.
  • Modifying required query parameters.
  • Modifying authorization.

Backward-compatible changes

We consider the following to be backward-compatible changes:

  • Adding new API endpoints.
  • Adding new optional parameters to existing endpoints.
  • Adding new response fields.
  • Changing the order of properties in existing API responses.

These non-breaking changes are additive in nature. They will be documented and applied to previously released API version.

Updated 2 months ago

What’s Next