When first connecting or performing a connection test Zapier pings the /ghost/api/v2/admin/site/ endpoint which does not have authentication enabled and so isn't returning an error when an invalid API key is used.
This should eventually be fixed in Ghost but we can't control the versions of Ghost that Zapier is used with which means we need a fix here too.
During authentication, once the /ghost/api/v2/admin/site/ is found and version checked we need to make a request to an authenticated endpoint so that we can error appropriately when the API key is invalid.
When first connecting or performing a connection test Zapier pings the
/ghost/api/v2/admin/site/endpoint which does not have authentication enabled and so isn't returning an error when an invalid API key is used.This should eventually be fixed in Ghost but we can't control the versions of Ghost that Zapier is used with which means we need a fix here too.
During authentication, once the
/ghost/api/v2/admin/site/is found and version checked we need to make a request to an authenticated endpoint so that we can error appropriately when the API key is invalid.