API strategy
Platform integration
API versioning strategy for SaaS platforms in the agent era: schemes that hold up, deprecation policy, sunset headers, and breaking change communication.

How should a SaaS platform version its API when the consumers now include AI agents that can't read a migration guide? The old playbook — bump the major version, publish a changelog, give humans twelve months to migrate — assumes a developer sits between your API and the thing calling it. That assumption is breaking. Agents don't read email. They don't attend office hours. They fail silently when a field name changes.
Our view: versioning strategy is no longer a documentation exercise. It's a runtime contract. The teams that get this right treat every breaking change as a production incident waiting to happen, and design their lifecycle so agents degrade gracefully rather than crash quietly.
This piece walks through five things: why the classic strategy fails under agent load, the versioning schemes that survive contact with reality, how a deprecation policy should actually work when agents are the consumer, what a sunset header does and doesn't do, and how to communicate breaking changes to a consumer that can't read.
The classic SaaS API versioning playbook has three moves. Version in the URL path. Deprecate on a schedule. Email your developer list. It worked because the consumer was a human engineer with a Jira ticket and a runway.
Agents change the shape of the problem in three ways.
First, the consumer can't be reached. Your API has a registered developer somewhere in a CRM. The agent calling it doesn't. It was configured six months ago by a customer's internal AI team, wrapped in a tool definition, and hasn't been touched since. When you send the deprecation email, it goes to the developer who built the agent — not the agent itself, and often not the team currently operating it.
Second, the failure mode is silent. A human developer notices a 410 Gone response, reads the error body, and files a ticket. An agent gets the same 410, tells the model "the tool returned an error," and the model — depending on how it was prompted — either retries, hallucinates around the missing capability, or gives up. None of those outcomes surface as "the vendor deprecated our version." They surface as "the agent got worse."
Third, the migration cost is asymmetric. When you shipped v2 of your REST API in 2019, the customer's engineering team migrated their integration in a sprint. When you ship v2 in 2026, the customer has to re-scan their agent tool definitions, re-run their agent evals, re-verify trajectories, and — if the tool signatures changed — potentially re-prompt the whole workflow. Migration is no longer a code change. It's a re-evaluation of a probabilistic system.
The implication: breaking changes are more expensive to the consumer than they used to be, and less visible when they land. Your versioning strategy has to reflect both.
The three common schemes — URL path (/v1/users), custom header (Accept-Version: 2), and date-based (2026-01-15, typically also delivered via a header) — each have a distinct failure mode under agent load. Here's how they compare.
URL path versioning is the honest default for public APIs. It's visible, it survives caching and logging cleanly, and when a tool definition points at /v2/customers, there's no ambiguity about what the agent is calling. Its weakness is coarseness — every breaking change forces a major bump, which nudges teams to batch changes and ship less often.
Header versioning (as used by GitHub's Accept header and others) lets you version per-endpoint at a finer grain. It reads well in a browser-tested world where humans configure clients. Under agent load, it introduces a specific risk: if the tool definition doesn't set the version header explicitly, the agent floats on whatever your default is — and your default changes when you release. The fix is to require the header and reject requests without it, but that's a hostile default for early integrations. Note that a header is a transport mechanism, not a scheme in its own right — you still have to decide what the header carries (an integer, a date, a semver string).
Date-based versioning (Stripe's model) is the most granular option. Each customer pins to a date; that date becomes their contract. Stripe delivers this via a header (Stripe-Version: 2026-06-24), which is why it's often confused with header versioning — the two are orthogonal, and Stripe combines both. It works well when your consumers are sophisticated and your release cadence is high. It works less well when agents are the consumer, because the date pin has to live in the tool definition and be part of every request — which puts more pressure on how tool definitions are generated and maintained.
Our recommendation for most SaaS platforms shipping agents: use URL path versioning for the outer boundary (v1, v2), and use date-based pinning inside a major version for finer-grained changes. That gives agents a stable, discoverable outer contract, and gives your team room to iterate without a semver bump every fortnight.
Whatever you pick, encode the version in your OpenAPI specification explicitly. The spec is what SDK generators and agent tool generators read. If the version isn't in the spec, it isn't in the tool definition, and the agent has no way to pin.
A deprecation policy is the rule your team follows every time you want to change something a customer depends on. Most SaaS deprecation policies were written for human developers and haven't been updated. Here's what a policy that survives agent traffic actually needs.
Not all breaking changes are equal. A field rename is not the same as removing an endpoint. Grade them.
RFC 8594 defines a Sunset HTTP response header that carries the date after which a resource will stop working. It looks like this:
Sunset: Wed, 11 Nov 2026 23:59:59 GMT
Link: <https://docs.example.com/deprecation/v1>; rel="sunset"
The sunset header is useful. It's not a policy. It's a signal that a policy exists. Two things to be clear about.
First, the header tells a client the endpoint is going away — it doesn't tell the client what to do about it. If the client is an agent, the header lands in a response the agent's runtime may or may not surface. Whether the agent's operator ever sees it depends entirely on the tools layer between the model and the API. This is a hard argument for investing in the tools layer: the runtime is where sunset warnings become actionable, or where they get swallowed.
Second, the header should always ship with a companion Deprecation header (RFC 9745) and a Link header pointing to migration documentation. A sunset date with no migration path is a countdown clock, not a policy.
A good deprecation policy makes usage observable to the vendor and to the customer.
For the vendor: instrument every deprecated endpoint. Log the caller, the version, the frequency, and — if you can — the tool definition ID or agent identifier. When you're 90 days from sunset, you should know exactly which customers still call the deprecated path, from which agents, and how often. If you can't answer that question, you're going to break a production system on sunset day.
For the customer: give them a dashboard, an API, or at minimum a monthly report that shows their deprecated-endpoint traffic. Enterprise customers with active agent projects will want this in their own observability stack. Expose it.
The hardest part of an agent-era versioning strategy isn't the schema. It's the communication.
Human developers read email, changelogs, and Slack. Agents read tool definitions and API responses. Anything you communicate outside those two channels is invisible to the actual consumer.
This reframes what "communication" means. It's not just a blog post and a mailing list. It's a set of runtime signals that a well-built agent runtime can act on:
Deprecation and Sunset headers on every response from a deprecated endpoint. Machine-readable dates. Machine-readable links.endpoint_sunset), the replacement endpoint, and a link to migration docs. This lets a sophisticated agent runtime detect the pattern and route around it.additive, breaking, deprecation). This lets customers' tools-layer platforms subscribe and re-scan tool definitions when relevant changes ship. See our piece on detecting API breaking changes for the CI side of this.The underlying principle: treat every breaking change as an event that needs to propagate to a probabilistic consumer through a deterministic channel. Email is not a deterministic channel. Response headers and structured error bodies are.
Everything above assumes something has to sit between the model and your API — a layer that reads sunset headers, watches for deprecation signals, re-scans tool definitions when specs change, and keeps agents on a supported version without a customer's engineering team catching it in review. That's the tools layer, and it's the layer most SaaS teams don't have yet.
Pontil operates in that layer. We scan the APIs a customer already has, generate agent-facing tools from them, and hold those tools current as the underlying API evolves — including handling deprecation signals, version pins, and breaking-change propagation. The runtime executes tool calls as the authenticated user, so version changes don't compromise the per-user audit trail your security team asked for. If you're thinking about how versioning strategy interacts with an agent programme that has to actually ship, this is the surface where the two problems meet. The Pontil product page has more on how the pieces fit together.
The answer most teams will land on over the next two years: versioning becomes less about the URL scheme and more about the runtime contract. The URL is a label. The contract is what your customers' agents actually execute against — and that contract now includes headers, sunset dates, error shapes, and machine-readable changelogs.
The teams that get this right will look, from the outside, like they release faster. That's because they'll be shipping breaking changes cleanly instead of holding them for six-month batches. The teams that get it wrong will look like they've become slower, more cautious, more afraid to touch the API. Both directions are downstream of the same choice: how much of the migration work do you make the consumer do, and how much do you absorb into your own platform?
Start with an honest audit. Which endpoints are actually called by agents today? Which will be a year from now? If you don't know, that's the first thing to fix — before the versioning policy, before the sunset header, before anything else.
Stay up to date on the ever changing agentic landscape.