Cloudflare caching REST API endpoints when it shouldn't. Preventing authorization

I’ve been trying to connect Gravity Forms to Zapier via the plugins REST API. When I submit the keys, it says authentication failed. Gravity Forms devs say that it’s due to cloudflare not allowing the endpoints to pass through. I bypassed caching for the endpoint URLs and even went into Development Mode, but they reported that it’s still going through Cloudflare for some reason. Can’t figure out what’s going on here. Any help is appreciated.

This is from the PAW client showing it’s still passing through CF:

HTTP/1.1 401 Unauthorized
Date: Tue, 18 May 2021 18:24:44 GMT
Content-Type: application/json; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
X-Robots-Tag: noindex
Link:; rel=“
X-Content-Type-Options: nosniff
Access-Control-Expose-Headers: X-WP-Total, X-WP-TotalPages, Link
Access-Control-Allow-Headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
Vary: Origin
Content-Security-Policy: upgrade-insecure-requests
X-Httpd: 1
Host-Header: 6b7412fb82ca5edfd0917e3957f05d89
X-Proxy-Cache: MISS
X-Proxy-Cache-Info: 0 NC:000000 UP:
CF-Cache-Status: DYNAMIC
cf-request-id: 0a22522ee10000ba5ecfaab000000001
Expect-CT: max-age=604800, report-uri=“
Report-To: {“endpoints”:[{“url”:“"}],“group”:“cf-nel”,"max_age”:604800}
NEL: {“report_to”:“cf-nel”,“max_age”:604800}
Server: cloudflare
CF-RAY: 65171fc49a26ba5e-ATL
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

{“code”:“rest_forbidden”,“message”:“Sorry, you are not allowed to do that.”,“data”:{“status”:401}}

1 Like