Gusto Onboarding
Before gaining access to Gusto’s production API, all developers are subject to Gusto’s standard security and compliance review. As an official Gusto development partner, Finch will work closely with you to support you through your onboarding journey. The onboarding process consists of the following steps:
Step 1: Create an account in Gusto’s Developer Portal
Step 2: Inform your Developer Success Representative
Step 3: Complete the Gusto Onboarding Questionnaire
Step 4: Assist Gusto Security Review
Step 5: Provide your Gusto developer credentials to Finch
Step 6: Inform your Developer Success Representative of completion
Step 7: Connect your Employers!
The remainder of this page outlines these steps in greater detail.
Step 1: Create an account in Gusto’s Developer Portal
[5 minutes]
Gusto requires that all developers be set up in their Developer Portal. Finch offers a managed service by default where we will create and manage your DevPortal “organization” - all you need to do is sign up for a DevPortal account and we’ll take it from there.
If you are prompted to create an organization, select “I am joining an existing developer organization”.
Note: Gusto will create your organization and add both your and our user accounts as a part of the onboarding process
Please reach out to your Success Manager or developers@tryfinch.com if you have any questions.
Step 2: Inform your Developer Success Representative
[1 minute]
Please let your Finch Developer Success representative know that you will be requesting access to Gusto.
Hello [Developer Success Representative Name],
We are reaching out to notify you that we intend to request access to Gusto.
Your Developer Success representative will then work with you to confirm that you have the requisite controls in place in order to be able to pass Gusto’s Security Review. If any gaps in controls are identified, your Developer Success Representative will flag them to you for remediation.
Step 3: Complete Gusto’s Onboarding Questionnaire
[30 minutes to 1 hour]
Please fill out this Finch-specific onboarding questionnaire. The questionnaire will ask you about your company, Gusto integration requirements, and your security and control environment (such as whether you have physical security controls, if data is encrypted, etc.). Please ensure to include all supporting documents as they will be necessary for Gusto to complete the review.
The requirements for each developer will depend upon the sensitivity of the data access requested. If you have a SOC 2 Type 2 Report, ISO 27001 Certificate, or PCI Certificate, you will be shown a simplified questionnaire and your review process will be expedited. If you do not have one of these reports, and you require data access to sensitive PII (e.g., benefits data), please contact your Developer Success representative to discuss further.
We understand that answering the questionnaire can be time-consuming but it is a necessary step in ensuring that your application meets Gusto’s data security requirements. In rare cases, Gusto may not approve an application for production access for a reason other than security concerns, such as for a use case Gusto prohibits on their platform (e.g. mature content, etc.). If you have questions on how to respond to a specific question, please don’t hesitate to reach out to our Developer Success team.
Step 4: Gusto Security Review
[1 to 2 weeks]
After you submit the questionnaire, Gusto will conduct a security review via a third party called VISO Trust. The VISO Trust process typically takes one week. In most cases, nothing further will be needed from you; however, we, Gusto or VISO Trust may reach out for additional information or clarification. Please respond to these requests timely, as any delays could impact when production access will be made available to you.
Once you have been approved, the Gusto team will enable production access and issue production credentials within their Developer Portal. Gusto will then apply the appropriate data scopes that were requested as part of the security questionnaire to your configuration, thereby adhering to the security principle of least privilege. Finch will be notified by Gusto as soon as your account credentials are ready for use. We will notify you to provide your credentials to Finch through the developer dashboard.
If you are not approved for production access for security reasons, Gusto will work with us and you to resolve those issues within a reasonable timeframe.
Step 5: Provide your Gusto developer credentials to Finch
[5 minutes]
Navigate to your developer dashboard and to your integrations. Search for Gusto and click Edit.
Copy over your Gusto OAuth credentials from your DevPortal account. Navigate to applications, and then your production application.
Paste the Client ID and then paste the secret from your Gusto developer portal into your Gusto integration config.
Toggle Integration Status to Enabled and click Done.
Your Gusto integration is now configured and enabled!
Step 6: Inform your Developer Success Representative of completion
[1 minute]
Please let your Finch Developer Success representative know that you have provided your Gusto credentials and have enabled your Gusto integration.
Hello [Developer Success Representative Name],
We are reaching out to notify you that we have provided our Gusto credentials and have enabled our Gusto integration.
Step 7: Connect your Employers!
Your employers can then go through Finch Connect and connect to their Gusto account to authorize your application for data access!
If you have any questions, please do not hesitate to reach out to your Finch Developer Success representative. We look forward to working with you to provide a seamless integration with Gusto. We understand that this process can be complex and we are here to help you every step of the way.
Was this page helpful?