Skip to main content

This is the error we’re receiving:

We hit an error adding your new account

authentication failed: We ran into an error and were unable to complete the request. This kind of error is usually cause by a malformed Base URL, but could have other causes. Please provide this error message to Support if you wish to escalate: AppError: {"message":"Invalid Base URL or REST API not configured properly on WordPress website. Please verify your URL is from Settings > General > Site URL and verify that REST API is working properly on your website by checking the Tools > Site Health for Errors."}

  1. Make sure you click "Allow" or "Accept" on the permission popup
  2. Double check your Account has the correct permissions
  3. Check out our help docs for more information

     

We had previously opened up a ticket back on the 30th of July 2024, speaking to Abdullah U. in regards to this issue and were suggested some fixes, however none have worked. 

Part of the ticket response:

However, from the video, I can confirm that the Site URL, the consumer key, and the consumer secret are correct so there may be a broader issue here. 
 
Based on the reports from existing users it may be one of the following issues that's causing this:

  • Basic Authentication isn't set up properly on the website. These are at the WordPress website level, and they will need to correct this to get REST API working.
  • Bad redirection rules or a plugin performing redirection that is routing the REST API requests and stripping the POST or DELETE verb from the request. That makes it default to a GET request. This can happen if they have the "www" left in the "Site URL" or added it if that's not how the site is actually registered. Some redirection plugins may also be causing this issue.
  • Plugins or security settings at the website that are blocking REST API. These are a lot harder to troubleshoot, but we've seen WordFence doing this, and there are other plugins or site security settings that they will need to have https://hooks.zapier.com/* whitelisted to correct.

 
Moreover, here are some tips for you while you're attempting to troubleshoot:

  • The Gravity Forms API logging will show the REST API basic authentication and OAuth tests.
  • It also validates that you're connecting the right account.
  • There will be a GET request for every connection attempt and every time the Zapier setup reads the forms.
  • There will be a post request when the feed is created and, at present, a delete request when the zap is disabled, and a post request when it's enabled.
  • In the Zapier Add-On log, the /standard/ hooks are the new API requests, and the /catch/ are the Legacy API requests. Other than that, they look identical.



We’ve tried all of the above with no luck.

It may be worth mentioning that it seems to be an issue with Zapier itself and nothing to do with site settings, seeing as how everything seems to be set up correctly on our end (Gravity Forms up to date, correct URL and API key, enabled permissions etc.) on this Form/Website as well as other various websites, which all seem to be working and linking fine otherwise. 

Could I get you to take a look into this? 

Thanks in advance,
Trung Tran

Hi @Divcom Digital 

Help links for using Gravity Forms in Zaps: https://zapier.com/apps/gravity-forms/help

Try this workaround:

 


Hey Troy,

We’ve searched through that link already with no luck.

Thanks,
Trung


@Divcom Digital 

Did you try the suggested workaround?

Try this workaround:

 


Hi @Divcom Digital, welcome to the Community! 🎉

Do you by any chance use Cloudflare?

Asking as I’ve seen cases of that same error occurring when Cloudflare’s "Bot Fight Mode" feature is enabled. When connecting your Gravity Forms account to Zapier this needs to be disabled. For context, this is what the Gravity Forms team had shared with our Support team in the past regarding Cloudflare:

“Depending on the type of paid plan you have with CloudFlare (and whether it's server hosted or not), you probably have CloudFlare Bot Fight mode enabled. Bot Fight Mode is incredibly aggressive when it comes to its blocking of API activity.

This is what we know about Bot Fight Mode: Cloudflare bot products — FAQs – Cloudflare Help Center It states that You can’t bypass or skip Bot Fight Mode/Super Bot Fight Mode using Firewall Rules, Page Rules or IP Access Rules.

If you're using a free CloudFlare account, the documentation above indicates the only workaround is to turn off the Bot Fight Mode. You can find this setting in the Security > Bots menu of your account.”


Once reconnected, you can then turn "Bot Fight Mode" feature back on.


Looking forward to hearing from you on this!


Hey Sam,

Thank you so much for your help! 
That seems to have worked, however it disconnects again as soon as I turn Bot Fight Mode back on.
Is there any way around this? Is there high risk in keeping Bot Fight Mode off?

Looking forward to hearing back from you. 

Thanks, 
Trung


Glad to hear disabling that feature did the trick, @Divcom Digital! Sorry that it’s then disconnecting after turning it back on. We’d had reports previously that the connecting persisted once it was enabled again, but it seems like things have changed and that’s no longer the case. 

I’m not super familiar with Cloudflare’s “Bot Fight Mode” feature so I can’t speak to what level of risk there would be in keeping it disabled. Instead of disabling it, maybe you could add Firewall Rules that allow traffic from Zapier? 🤔

You can find our current IP addresses by visiting our documentation here: Can't access or use Zapier with other apps. Once you have the IP addresses, you can potentially create a Firewall Rule in CloudFlare that allows traffic from those IP addresses. Though it may be quicker to allow the User-Agent: Zapier header instead as there’s quite a lot of possible IP addresses! 

I found this thread on the Cloudflare community that explains how to prevent Cloudflare from blocking Zapier which you might find useful: Issues with Zapier Integration Depending on Cloudflare Status 

Hope that helps. If you run into any further issues or have any further questions in the meantime do let me know! 


Reply