We use ActiveCampaign (AC) in conjunction with a 3rd party financial services application (Tamarac CRM) built on Dynamics 365. AC supports webhooks for specific scenarios like "contact data update." We have happily been using this capability for well over a year to send a webhook from AC to a custom cloud flow in our Tamarac tenant when a lead in AC has booked a meeting with one of our staff. The cloud flow's trigger is "When an http request is received" with "Who can trigger the flow" set to "Anyone" with Method=POST. It was still working fine 11 days ago. Then, 5 days ago, the last executed AC webhook, instead of succeeding, received a 401 "unauthorized" error from the cloud flow/Power Automate/Dynamics. AC Support says no changes have been made with their webhooks. I'm baffled by the contradiction between the "Anyone" setting and the authorization failure. Is there some other setting in my environment that might have changed to not allowing authentication-less http requests? I would very much appreciate any thoughts on how to diagnose and address this problem.
I have tried to simulate the AC webhook request in Postman and was able to evoke a 401 error from the cloud flow with the response detail:
{
"error": {
"code": "DirectApiAuthorizationRequired",
"message": "The request must be authenticated only by Shared Access scheme."
}
}