Gravity Forms is the gold standard for WordPress forms. But it was built for one scenario: visitor loads a page, fills in a form, clicks Submit.
The moment your project gets more interesting, that model breaks:
- Your front-end is a React app hosted on a different domain
- A mobile app needs to push sign-up data into WordPress
- A product configurator generates a custom PDF and needs to carry the buyer’s details forward into a quote request form
- Two WordPress sites need to share a single form back-end
- A third-party service needs to trigger a Gravity Forms entry as part of an automated workflow
You’re left wrestling with Gravity Forms’ built-in REST API — OAuth key pairs, complex authentication, incomplete add-on support — or hacking together workarounds that bypass GF entirely and lose all your notifications and integrations. It goes beyond the baseline functionality of the Gravity Forms API to expose ways to retrieve form entries, display some of that data in the front end and even feed the some of the data into related forms.
There’s a better way.
The Solution
Everything Gravity Forms. Anywhere.
GF REST Submissions adds a clean, authenticated REST API to your Gravity Forms installation and a set of powerful shortcodes that turn any WordPress page into a dynamic, data-driven confirmation experience.
One API call. One hash ID. Unlimited possibilities.
Submit an entry from any HTTP client, receive a short public hash ID in response, and use it to build personalised confirmation pages, pre-populated follow-up forms, and PDF download links — all driven by the original submission data.
Feature Highlights
Secure API Key Authentication
Generate and manage keys directly inside Gravity Forms Settings. Scope each key to specific forms. Revoke instantly if compromised. No OAuth complexity — just a header.
Three Powerful Shortcodes
- [gfrs_output] — Display any entry field on a page using human-readable label tokens like {First Name} and {Email Address}
- [gfrs_form] — Render a pre-populated Gravity Form using entry data from the URL
- [gfrs_debug] — Admin-only token inspector that shows every available field and its value — no more guessing token names
Public Hash IDs
Every submission gets a short, opaque, URL-safe hash ID (e.g. Mj3kXq7P). Safe to put in URLs and emails. Mathematically reversible back to the entry — no extra database column needed.
Full GF Integration — Nothing Breaks
Fires gform_after_submission so every add-on integration you already have — Zapier, Mailchimp, ActiveCampaign, Webhooks, HubSpot — works exactly as it would from a native front-end submission. Admin emails, user confirmations, conditional notifications — all fire automatically.
Works Across Domains and Devices
Submit from React, Vue, Next.js, mobile apps, Zapier, Make, n8n, or any tool that can make an HTTP request. CORS-friendly. Proxy-aware IP logging.
Opt-In Security Model
Forms are disabled by default. You enable REST access form-by-form. Each API key can be scoped to specific form IDs. One compromised key can only reach what you gave it access to.
Hash ID Column in Entries List
Add the Hash ID as a column in Gravity Forms’ entries table. Click to select, copy, and use — no digging through entry IDs.
Form Discovery Endpoint
GET /forms returns your available forms with complete field definitions — field IDs, labels, types, required status — so you can build your submission client without touching the WordPress admin.
How It Works
- Submit → POST to the REST endpoint with your API key
Returns entry_id + hash_id
- Redirect → /thank-you/?hash_id=Mj3kXq7P
- Display → [gfrs_output]
<h2>Thanks, {First Name}!</h2>
<a href=”{PDF Link}”>Download Your Report</a>
[/gfrs_output]
- Convert →
[gfrs_form id="46" field_values="first_name={First Name}&email={Email Address}"]
That’s the entire flow. Four steps. Zero custom PHP required.
Use Cases
Product Configurators
A visitor builds a custom product, submits their configuration, and lands on a personalised thank-you page showing their spec sheet, a download link to their custom PDF, and a quote request form pre-filled with their name, email, and product details. Zero re-entry. Zero friction.
Headless WordPress
Running Next.js, Gatsby, or a custom React front-end? Keep using Gravity Forms as your notification engine and CRM bridge on the back-end. Submit from your front-end via a single fetch() call.
Mobile Apps
iOS or Android app collecting registrations, surveys, or contact requests? Push them straight into Gravity Forms entries — complete with admin notifications, CRM routing, and Zapier triggers.
Multi-Site Funnels
Collect form data across multiple WordPress sites and funnel everything into a central Gravity Forms installation. One dashboard. One set of notifications. One CRM integration.
Confirmation Page Personalization
Replace your generic “Thanks for submitting!” page with a dynamic experience that addresses the visitor by name, shows what they submitted, and offers a contextually relevant next step — all driven by the entry they just created.
Automation Pipelines
Trigger Gravity Forms entries from Make, Zapier, n8n, or any automation platform that can make HTTP requests — no GF add-on required on the sending end.
Testimonial Placeholder
“We needed to submit Gravity Forms entries from a React configurator and carry the data forward into a quote request form. GF REST Submissions had us up and running in under an hour — and the debug shortcode saved us from hours of token-name guesswork.” — Web Developer, Traffic Safety Industry
Pricing
| Plan | Sites | Price |
| Personal | 1 site | $49 CAD/year |
| Developer | Up to 5 sites | $99 CAD/year |
| Agency | Unlimited sites | $179 CAD/year |
All plans include plugin updates and email support for 12 months. A valid Gravity Forms license is required.
Prices in Canadian dollars. Approx. USD $35 / $72 / $129 at current rates.
Compatibility
- WordPress 6.0+
- Gravity Forms 2.5+ (required)
- PHP 8.0+
- Works with WooCommerce, Zapier Add-On, Mailchimp Add-On, HubSpot Add-On, Webhooks Add-On, and all other GF add-ons
- Compatible with Breakdance, Elementor, Divi, and any WordPress page builder
FAQ
Do I need a Gravity Forms licence? Yes. GF REST Submissions is an add-on that extends Gravity Forms — a valid GF licence is required. Get Gravity Forms →
Does it work with Zapier and other GF add-ons? Yes. REST submissions fire gform_after_submission, which is the hook all GF add-ons listen to. Your existing integrations work without any changes.
What’s a hash ID and why not just use the entry ID? The entry ID is a sequential integer — exposing it in a URL reveals your submission volume and lets anyone guess adjacent entry IDs. The hash ID is a short, opaque, URL-safe string that reveals nothing and can’t be guessed. It decodes back to the entry ID server-side without any extra database storage.
Can I pre-populate a different form than the one that was submitted? Yes — that’s one of the main use cases. Submit to form 3 (your configurator), receive a hash ID, and use it to pre-populate form 46 (your quote request form) on the thank-you page.
What if the page is cached? Exclude URLs containing hash_id from your caching plugin. In WP Fastest Cache, add a rule to exclude query strings containing hash_id. Each hash-based URL is unique to its visitor, so caching them doesn’t make sense anyway.
Is there a free version? The plugin is available as a paid annual license. We are offering a short term 100% discount for early adopters. Check out Facebook for details.