GPT Actions don't appear to honour query string schema requests

When setting up a GPT Action using an OpenAPI schema that creates a request with URI query strings, it looks like that action tries to pass the values in the body as JSON instead, which causes the request to fail.

Expected behaviour
The GPT action honours the schema and sends the request as specified with the URI query strings intact.

The OpenWeather API uses a simple query string to send requests:

I have a basic OpenAPI schema for this API which works as expected when running in other applications including Postman.

When this OpenAPI schema is entered into a GPT Action and the working auth is set to API Key > Basic, the action succeeds in contacting the API but the request fails with the explanation “It seems there is an issue with accessing the weather data for Seattle due to an invalid API key.”

In the dropdown next to the request it says:

Weather machine sent this info to api . openweathermap . org

{ "lat": 59.9139, "lon": 10.7522, "appid": "YOUR_API_KEY" }

To me this reads as the action passing the values in the request body as JSON which is not what the schema specifies. The API can’t receive data from the body so if that’s what’s happening, the failure makes sense.

With no debugging tools or transparency in what’s happening during the request it’s difficult to debug this issue further. The key point here is this OpenAPI schema works when running in other applications, so there’s something about how the action is executed that’s causing this problem.

If you think the values were passed in the body rather than as query params because that’s what the GPT reported to you, I don’t think you can rely on that report.

For example, I found that the GPT would say “Talked to” and then show JSON like {“x”: “123”} as if the x var were sent as JSON in the HTTP body. Yet, when I log what my REST endpoint actually saw I can see the request was in fact sent as “”. So, I suggest verifying exactly what your REST endpoint is receiving and not relying on this self reporting.

If you still find that the vars are not being sent as query params, it would probably help to post your actual schema.

it appears you can sort of get the system to log what it’s doing. here’s what it said about the request:

frustratingly the forum system won’t let me post links (yet) or I would share the schema

I really would not trust the self reporting. Logging the request details from the REST endpoint itself is probably the most straightforward way to troubleshoot this.

Regarding the schema, why not paste it inline?

1 Like

After further investigation Actions do not appear to support query-based API keys.

I was able to intercept the actual request sent by the action. It looks like this:


The actual API key is passed in the Authorization header as a Basic token even though the schema explicitly states the key to be passed in a query:

"securitySchemes": {
  "apiKeyAuth": {
    "type": "apiKey",
    "in": "query",
    "name": "appid"

This is a feature limitation which manifests as a bug since many APIs use query-based API keys.

You were right about the self-reporting and logging (see new comment.) As for pasting the schema inline, it has links in it (of course) so therefore I can’t. I’m guessing the “you can’t post links” thing is a new forum member limitation that will go away after a while.

Oh, haha, I totally parsed your original comment wrong. Yeah, frustrating.