The endless turtles-all-the-way-down of APIs is turning out to just be a shit show.
Here’s one example. My day job uses a payroll company called “Gusto”. They have a definite “startup” feel but they’re way more solid than ADP or Paychex ever was. Dealing with Paychex was like dealing with the Borg.
Gusto, in their mobile app, helpfully offers to have me file my taxes via a partnership with company I’ve never heard of called “april”. (They only put it in lowercase, but I’m going to uppercase it from here on out). That app uses yet another API from a different company to import my tax data from a fourth company.
Can you imagine how this might go wrong?
Note that Gusto offer this only within their mobile app, not on the desktop.
I get a few steps in, where they tell me that rather than tapping in a bunch of details on a mobile phone, I can attempt to import my prior year tax return from HRBlock by putting in my hrblock username and password:
When I go to put in my password, I spot that there’s a set of terms and conditions from a company that I’ve never heard of to this point. Not my Day job, not HR Block, not Gusto, not April. Our new player: Atomic.
But I hit an error.
Not an error that shows that I have a wrong username or password, though. A much weirder error. An error that implies that…maybe someone is still running in Sandbox Mode:
Please….contact sales? What?
Okay, if I had a site that was hitting this error, I’d want to know. This conversation has been entirely in the Gusto Wallet app, so I attempt a live chat with a Gusto support agent.
The agent…claims there’s no integration with anything called April:
For reference, this is what I just linked to:
I end the chat.
Later on, I’m wondering, have I just been gaslit?
I ask the help on their website again, and get an AI-generated answer:
So their people say they don’t have an April integration, their AI and knowledge base do, but it claims it can’t talk to HR Block. Okay, I send an email pointing out the same thing, and I also reach out to April.
My intent in reaching out is to find a sysadmin who will say “Oh shit, that piece of software hasn’t been fully set up yet, I should fix that”.
Instead, April gets back to me and tells me I can just “work around the problem by entering all my details manually”. On a mobile phone. For tax information.
No thanks.
At any rate, I then hear back from Gusto again:
Is this the twilight zone?
Undaunted, I send them the link to their own knowledge base article…I also send them a bunch of screenshots of the error occurring, and I tell them that I’ve already been in touch with April and decided that entering my entire prior year’s return manually, on a smartphone is not an option I choose to go with, but as an engineer, I want someone to be aware of the brokenness.
They get back to me, telling me now, all about what April is, including repeating an entire paragraph, and not apologizing at all for essentially not knowing what services they offer in the prior email.
Sigh.
I don’t think Elvis there is a real person. I think it’s AI chatbot pablum that doesn’t understand what I’m asking for.
Either that, or he’s a few sandwiches short of a picnic.
But in digging deeper into this I’ve got a clear picture of what’s going on:
Gusto has an integration with April, but only in the mobile app, because it basically loads the April mobile app in the app equivalent of an iFrame and it’s harder to do that in their website.
As part of this, Gusto calls April which in turn calls Atomic to try and import my tax info from HRBlock. But somewhere along the line, the April/Atomic API is still running in Sandbox mode, where the number of transactions is limited.
This error should be going to a sysadmin or account manager somewhere, but instead, it’s being seen by users. Almost as if I go to try to take cash out of an ATM but instead get a pop-up showing that the phone line the ATM uses has been cut off for non-payment. (And positively zero info about my actual account).
But instead of people working to solve the problem, I have everyone pointing at someone else.
And that’s in the 50 percent of the time that Gusto can agree that the integration exists at all. Which should be a given, but isn’t.
Given errors like this, would you continue to trust April to hold on to your information and never be breached? I don’t. My next move is going to be to contact April, (and CC Gusto) and say that in light of the way this was handled, I want confirmation that my Personally Identifiable Information (including my SSN) is purged from their system.
It turns out, anyway, that I can’t file my taxes yet anyway. While my W-2 is ready, and every app is pushing me to do it and use their integration to do it, none of my investment accounts have given me the 1099’s that *they* need to (1099-MISC’s and 1099-INT’s)
Now, getting me that info should be elementary and simple to do, but we live in a world where I can instantly find out how far away my Pizza is, but can’t get reasonable legal documents inside 30 days.
I say it a lot, and I’m going to say it again. “Someone bring me the head of a UX Engineer.”
