Convention for HTTP response header to notify clients of deprecated API

I would not change anything in the status code to be backward compatible. I would add a "Warning" header in the response :

Warning: 299 - "Deprecated API"

You can also specify the "-" with the "Agent" that emits the warning, and be more explicit in the warn-text :

Warning: 299 api.blazingFrog.com "Deprecated API: use betterapi.blazingFrog.com instead. Old API maintained until 2015-06-02"

Warning header is specified here: https://www.rfc-editor.org/rfc/rfc7234#section-5.5. Warn-code 299 is generic, "Deprecated" is not standard.

You have to tell your API clients to log the HTTP warnings and monitor it.

I've never used it until now, but when my company will be more mature in Rest API I will integrate it.

Edit (2019-04-25): As @Harry Wood mentioned it, the Warning header is in a chapter related to caching in the documentation. However, the RFC is clear Warnings can be used for other purposes, both cache-related and otherwise.

If you prefer an alternate method, this draft https://datatracker.ietf.org/doc/html/draft-dalal-deprecation-header-00 suggests a new header "Deprecation".

Edit (2021-01-04) : As @Dima Parzhitsky mentioned it, MDN says this header is deprecated

I would/ have gone with 301 (Moved Permanently) The 300 series codes are supposed to tell the client they have an action to do.

You could use 410 (Gone).

Here's how W3C's Status Code Definitions describe it:

410 (Gone)

The requested resource is no longer available at the server and no forwarding address is known. This condition is expected to be considered permanent. Clients with link editing capabilities SHOULD delete references to the Request-URI after user approval. If the server does not know, or has no facility to determine, whether or not the condition is permanent, the status code 404 (Not Found) SHOULD be used instead. This response is cacheable unless indicated otherwise.

The 410 response is primarily intended to assist the task of web maintenance by notifying the recipient that the resource is intentionally unavailable and that the server owners desire that remote links to that resource be removed. Such an event is common for limited-time, promotional services and for resources belonging to individuals no longer working at the server's site. It is not necessary to mark all permanently unavailable resources as "gone" or to keep the mark for any length of time -- that is left to the discretion of the server owner.