Skip to main content
All CollectionsPartnerships
Gusto - How do I set up my integration?
Gusto - How do I set up my integration?

An overview of Merge’s partnership with Gusto and instructions on how to access the integration

Updated over a week ago

Overview

We’re incredibly excited to have entered into a formal partnership with Gusto! Our partnership with Gusto offers a streamlined customer experience to become an approved integration partner with Gusto, and receive partnership credentials to enable API access.

This guide will outline the steps required to become a Gusto integration partner and enable the Gusto integration through Merge.

Prerequisites

To access the Gusto integration, you must be on Merge's Professional or Enterprise plan. If you want to upgrade your plan, please contact us at [email protected] and our team will assist you.

Partnership Process

Step 1: Reach out to Merge and review Gusto's security requirements

As part of our partnership with Gusto, Merge is facilitating the security review and partnership process for our customers. After reading the below steps in detail, please reach out to your Customer Success Manager or Solutions Architect to start the process.

The majority of the onboarding process is a security review of your application. The requirements of that security review will vary depending on your use case with Merge. Your CSM or SA will provide you with the list of required security protocols based on your use case. Upon confirmation of each requirement, the process will continue with the steps below.

To see a list of all security requirements for Gusto, you can refer to this page. Please reach out to your CSM or SA to better understand security requirements for your specific use case.

Step 2: Create an account in Gusto's Developer Portal

Your own Gusto developer app will be used to authenticate your customers, allowing your branding to appear in the OAuth flow. The Merge team will assist you in the management of the app, but you must first sign up for a Gusto DevPortal account through their sign-up form.

  • Ensure you populate No as the answer to Are you building embedded payroll?

Please reach out to your CSM, SA, or [email protected] if you have any questions about this sign-up process.

If you already have a Gusto developer app, please let your CSM or SA know.

Step 3: Complete Gusto's Onboarding Questionnaire

Once you've confirmed you have all the required security protocols in place, we'll send you Gusto's production pre-approval form. The questionnaire will ask some high-level questions about your business, use case, and security measures.

The form will also ask for reports such as a SOC 2 Type 2 Report, ISO 27001 Certificate, or PCI Certificate. Please upload these reports if you have them as it will expedite the security review process.

Complete to the best of your ability, and feel free to reach out to your CSM or SA for additional clarification!

Step 4: Support in completing Gusto's Security Review

Once the questionnaire is submitted, a security review from Gusto and their third party partner, VISO Trust, will be kicked off. Much of the security review is confirming that the documents asked for in Step 1 are in place and that there are acceptable security controls around data and user access.

In some cases, Gusto or VISO Trust may reach out for additional clarification or documentation. We recommend trying to address these requests in a timely manner to keep the security review process as smooth as possible.

The security review will typically take one week. Once approved, Gusto will notify us, provision your Gusto developer account with production API credentials, and configure the scopes based on your use cases.

If you are not approved, we'll work with you and Gusto to resolve any issues.

Step 5: Receive your production API credentials and input them in the Merge Dashboard

Once you've received the Production API Credentials, please input them under your Gusto integration settings on this page.

Important items to note

If you have existing Gusto connections prior to becoming a partner:

Timelines:

  1. If you have any existing Gusto Linked Accounts, please complete the above steps prior to February 27th.

  2. If you have existing Gusto Linked Accounts and do not complete the above steps by April 27th, Merge is required to delete those connections, and the Gusto integration will be disabled for you.

Relinking existing connections:

You must request all of your prior Gusto connections to relink their account - they will now authenticate through the Partnership OAuth flow in which they'll authorize access to your company to access their data.

When your customer relinks their Gusto connection to now go through the Partnership API, Merge is required to delete all existing data from the connection, and resync fresh.

Important: Upon relink, you must fully refresh the data stored in your database by resyncing with Merge. All objects will have new IDs and an updated modified_at timestamp once the first sync after the relink is complete. All objects synced prior to the relink will be deleted.

Integrations Management - API Logs Dashboard and Issues management

At the request of Gusto, the API Logs Dashboard and Issues Dashboard will have redacted request and response bodies.

Related Articles
How does Merge work with API partners?
How do I prepare to onboard my customers?
Gusto - How do I link my demo account?
Xero - How do I set up my partner credentials?
Rippling - How do I set up my integration?
Did this answer your question?