Wistia Deprecation Schedule

Sometimes, we need to remove functionality from our website due to safety concerns or for code health purposes. Any forthcoming deprecatons will be listed below.

July 5th: Authentication in query parameters

What is it?

Passing authentication tokens or passwords via query parameters is unsafe - from malicious actors and from passwords being exposed in logs. Wistia will be deprecating this functionality in favor of bearer tokens or other authentication schemes. please see the docs for more info on how to query the API.

When is it happening?

We will deprecate this functionality on July 5th, 2022

Please note, we will be performing brownouts on May 16th, 2022 and June 1st, 2022. Brownouts will disable query param auth functionality for a period of time so that our customers may test their new authentication and any customers unaware of the deprecation can be notified before the deprecation fully comes into effect.

On May 16th, 2022 we will be browning out query param auth for one hour during normal business hours.

On June 1st, 2022 we will be browning out query param auth for one business day.

Who is affected?

We will anonymously audit our API logs and reach out to customers who recently used our API with query param auth. In the meantime if you find you are passing authentication by query param, don’t wait for us! Please switch to using bearer tokens or any other form of authentication as soon as possible.

March 7th: Rate limiting status code change

What is it?

Our rate limiting code currently throws a 503 status code when an account has reached its rate limit. There is a code specific to rate limiting - 429 - that we should be using instead.

When is it happening?

We will Deprecate this functionality on March 7th, 2022

Who is affected?

A code audit will be needed to see if your API code is affected by this code change.

February 18th, 2022: TLS Deprecation

What is it?

TLS stands for Transport Layer Security and is the protocol used for securing HTTPS pages. The IETF has deprecated TLS 1.0 and 1.1 as they are vulnerable to attacks that can recover potentially sensitive information.

When is it happening?

We plan to deprecate the ability to request information from any Wistia webpage by Febuary 18th, 2022.

Who is affected?

Wistia has anonymously gathered log information and will be contacting account owners if they have accessed the API recently with a TLS 1.0 or 1.1 connection.

Otherwise, if you are using a modern browser you should be unaffected by this deprecation.