Zapier 4.0 Consumer Key & Secret Not Working

Now that we’ve been forced to use API v2 for our authentication to Zapier, I have gone through the steps to set it up. I created the API v2 key using an administrator account and granted ‘read/write’ access. However, when I tried to authenticate the connection in Zapier I continually receive the error “authentication failed: Invalid Consumer Key and/or Consumer Secret”. I’ve copied the Consumer Key & Secret directly from Gravity Forms, but it still won’t connect when I try to authenticate it in Zapier.

Here is the error in Zapier…

I turned on Logging in Gravity Forms as well. Here is the message I get in the Gravity Forms API log…

2021-03-09 13:46:55.844715 - DEBUG → GF_REST_Authentication::authenticate(): Running.
2021-03-09 13:46:55.844851 - DEBUG → GF_REST_Authentication::perform_basic_authentication(): Running.
2021-03-09 13:46:55.844885 - ERROR → GF_REST_Authentication::perform_basic_authentication(): Aborting; credentials not found.
2021-03-09 13:46:55.844911 - DEBUG → GF_REST_Authentication::perform_application_password_authentication(): Running.
2021-03-09 13:46:55.844938 - ERROR → GF_REST_Authentication::perform_application_password_authentication(): Aborting; user not found.
2021-03-09 13:46:55.844959 - DEBUG → GF_REST_Authentication::perform_oauth_authentication(): Running.
2021-03-09 13:46:55.844997 - ERROR → GF_REST_Authentication::perform_oauth_authentication(): Aborting; OAuth parameters not found.
2021-03-09 13:46:55.845951 - DEBUG → GF_REST_Controller::current_user_can_any(): method: GET; route: /gf/v2/zapier-requirements; capability: “gravityforms_edit_forms”; result: false.

I’ve searched everywhere to see if someone has had the same issue but haven’t found any viable solutions. I have gone through a number of troubleshooting steps, but nothing has works. > (i.e. revoking key, creating new key, enabling basic authentication on our website, turning off firewall, disabling plugins, etc.)

Hoping someone in the community/support might have some ideas on what could be happening?

Thanks in advance!

UPDATE: This has been resolved!

For anyone interested in the solution, the error was happening because of the way our htaccess file was setup. We have multisite running and just needed to start with a fresh htaccess setup for it. A simple replacement of the code…

#BEGIN WordPress

{replace contents with fresh code from WordPress}

#END WordPress

We used the SubDomain Example on WordPress.

Again, this solution worked for us, but may not work for everyone.

1 Like

Thank you for sharing that here.

I am encountering the exact same problem authenticating via API v2 through Zapier. I followed all of the same basic troublshotting, including deactivating plugins, refreshing my htacess (Multisite Network Administration | but am still receiving the same errors in GF debug log. Because I am on a very old multisite installation, I have to use the older format of multisite htaccess or else all of my subsites (subfolder setup) go down. Thankfully all of the legacy Zapier feeds still work, but I am unable to create any new connections. I will have to utilize Webhooks to connect to Zapier until there some sort of update or workaround.

what WP version are you running?

I am in the same exact boat you are right now.

I’m running the latest version of everything - WP 5.7, Gravity 2.4.23, gf zapier 4.0

I am in the same boat. Using the latest versions of everything.

For anyone having an issue with this, I recommend opening a support ticket with Gravity Forms so that support can help you with the troubleshooting:

Identical issue. Refreshed .htaccess, and even spoke with Zapier support, who told me:

“I took a look in our log records here and see there is an error ‘Invalid Consumer Key and/or Consumer Secret’. We do have a report with the Gravity Forms team that manages this app integration about this error message and I have added you to this bug report.”

I opened a priority support ticket w/ GF and will reply to this if they have a solution. Fingers crossed.

Hey people,

If you’re here because you get the aforementioned error, make sure you have the following setting checked: GForms > Settings > REST API > Enabled

We found that if you don’t tick that, you’ll get the exact error mentioned above.

I was having this same issue on two different website, and found the problem was with the Bulletproof Security plugin’s edits to .htaccess

Removing the code added by the plugin fixed the issues.

1 Like

Thank you for that update @n8web.

I was also having a similar type of issue which was ‘authentication failed: Invalid Base URL’ with some help from @jimtrue this was down to I was on Cloudflare and not having the correct page rules which are

If you’re using CloudFlare,
You’re probably going to need to open up the REST API endpoints through Cloudflare using this process:

Basically from that Documentation:

I also found out that you have to turn off Bot fight Mode which is under the Firewall app > Bots tab.

That’s good information @webmgt - thank you for sharing.

Ok I’ve been pulling my hair out for about an hour on this. Here’s what solved the issue for me. It was the update (save) button at the bottom of the screen on the Rest API page. I was able to create my keys but I never clicked “update.”

I feel that this could have been designed better. After you get your keys and close the popup box. You definitely feel like your keys have been created and saved. It feels that way. It never occurred to me to click the update button that was in fact below the fold and not visible to me. They should put a save button right near the key and also a popup if you try to leave the page without saving it. Or some tool tip that says you must save this key in order for it to work. Ok that’s my 2 cents.


Thank you for the feedback. I’ll pass that along to the product team Jordan.

Hey, same issue here. Tried with multiple website setups and can’t make it work. Any ETA with a fix? Thanks!

Hello @enhance_support - I recommend opening a support ticket for your issue.

We’ve been successful in helping everyone get their Zapier Add-On connected on their site. Thank you.


I’m experiencing the same thing just now. It’s really annoying, i tried the solutions suggested above but no success. Have anyone found any other solutions yet?

Thanks in Advance!

Hi Hasan. Every one of these Zapier REST API issues is unique, and for that reason I recommend opening a support ticket here:

Thank you.