I’m building a Zapier workflow that should automatically transcribe call recordings using OpenAI’s API. The process starts with a webhook that contains recording URLs from my VoIP system.
The Problem:
When Zapier tries to access the audio file URL for transcription, it hits a Cloudflare security challenge that shows:
“Just a moment…Enable JavaScript and cookies to continue”
This prevents OpenAI from actually reaching the audio file. The recording URLs go through a browser security check before serving the actual audio content.
What I’ve Tried:
- Contacted Zapier support who confirmed it’s a security barrier issue
- Asked my phone provider about disabling the security check (not possible)
Possible Solutions I’m Considering:
- Adding a delay step to wait for security validation
- Downloading the file first, then re-uploading it in a separate Zapier action
- Using a different approach to bypass the challenge
Has anyone dealt with similar Cloudflare protection blocking API access to media files? What workarounds have worked for you when automating transcription of protected audio URLs?
had the same issue with a different VoIP provider last month. I ended up running a simple python script on a cheap VPS to grab the files first, then push them to Zapier via webhook. Cloudflare doesn’t block residential IPs as much as it blocks Zapier’s servers.
Had this exact problem with a client’s call center about six months ago. Here’s what worked: set up AWS Lambda as middleware to grab the audio files and dump them in S3 temporarily, then have Zapier pull from the S3 URL instead. Cloudflare handles AWS requests way better than Zapier’s stuff. Lambda deals with the security challenge since it keeps session state, then feeds clean files to your transcription setup. Costs almost nothing since you only pay when it runs, plus files auto-delete after processing. Took maybe two hours to build but hasn’t failed once since.
Hit this exact issue with our phone system integration earlier this year. Google Cloud Functions saved my ass. Skip the Cloudflare workarounds - they don’t work. Set up a function that grabs the audio file with proper headers and spoofs the user agent, dumps it in Cloud Storage temporarily, then gives Zapier a clean download URL. Here’s the thing: Cloudflare treats requests from Google/AWS way differently than Zapier. My function pretends to be a browser, passes their security checks, then serves up a URL that OpenAI can actually use. Costs basically nothing and handles hundreds of recordings without breaking.