Could someone explain why we are receiving a 403 Forbidden error when invoking a custom API action from an Architect flow deployed to a Private Edge environment? We are building a premium AppFoundry integration for a client in the America/Los_Angeles timezone. The integration is designed to handle sensitive data locally within their BYOC network. The flow triggers a custom API action that calls our external partner service. The OAuth token is generated using the multi-org AppFoundry credentials. The token has full permissions for the required scopes. The external service is whitelisted in the Private Edge firewall rules. The network connectivity tests pass successfully. The issue occurs only when the flow is executed within the Architect environment on the Private Edge. When tested in the public cloud, the same flow works without any issues. The error message in the Architect logs is quite generic. It simply states “Access Denied” with HTTP status code 403. We have verified that the API endpoint is correct. The payload matches the expected schema. The headers include the necessary authorization tokens. We suspect there might be a configuration issue with the Private Edge network settings. Or perhaps there is a limitation with how custom API actions handle outbound requests in a BYOC environment. We have checked the AppFoundry documentation. There is no specific mention of this behavior. We need to understand if this is a known limitation or if we are missing a configuration step. The client is on hold until we resolve this issue. Any insights would be greatly appreciated. Here is the relevant configuration for the custom API action:
action_id: custom_api_call_01
method: POST
url: https://api.partner-service.com/v1/process
headers:
Authorization: "Bearer {{oauth_token}}"
Content-Type: application/json
body: |
{
"transaction_id": "{{transaction_id}}",
"customer_data": {{customer_json}}
}
timeout_ms: 5000
retry_count: 0
The Private Edge version is 2024-1.1. The Genesys Cloud version is 24.1. We are using the standard SDK for authentication. The AppFoundry app is certified and published. We have also tried disabling the firewall temporarily. The error persists. This suggests the issue is not network-related. It might be related to how the Private Edge handles external API calls. We are open to any suggestions or workarounds. Thank you for your help.