GSA Tech Guides
All guides » API guides
GSA has developed API Standards that capture GSA’s recommended best practices, conventions, and standards for Application Programming Interfaces (APIs).
The standards include these critical items:
- Always Use HTTPS - All APIs should require and use HTTPS encryption (using TLS/SSL). APIs should not allow HTTP connections. CIO.gov guidance on HTTPS
- Add Your API To The GSA API Directory - The GSA API Directory is available at https://open.gsa.gov/api.
- Use The api.data.gov Service - The api.data.gov service is an API management service for federal agencies. GSA APIs should use the api.gsa.gov base domain with this service.
- Provide Support For Versioning - Versioning APIs makes the process of adding new functionality smoother and less disruptive to existing API consumers.
- Provide Public Documentation - The developer’s entry point to an API is its documentation. Clear and functional documentation improves the on-boarding process.
- Provide A Feedback Mechanism That Is Clear and Monitored - Having an obvious mechanism for clients to report issues and ask questions about the API demonstrates that the API can be counted on for production usage.
- Provide An OpenAPI Specification File - Providing this allows consumers to understand the details and can be used by development or testing tools accessing your API.