Can anyone clarify the correct authentication mechanism for SIP trunk registration when utilizing a BYOC Edge deployment in the EU-West region? The environment is running Genesys Cloud version 2023-10-12 with BYOC Edge version 2023.10.0. The SIP trunk configuration appears valid within the Genesys Cloud admin portal, yet the edge logs consistently report a 403 Forbidden error during the initial registration handshake with the carrier’s SIP proxy.
The specific error observed in the edge logs is: SIP Registration Failed: 403 Forbidden - Unauthorized Request. Auth header mismatch or invalid realm. This occurs despite the username and password matching the credentials provided by the carrier and configured in the Genesys Cloud SIP trunk settings. The carrier has confirmed that the IP address of the BYOC Edge is whitelisted and that the SIP INVITE requests are reaching their proxy.
The integration relies on a Data Action webhook to update ServiceNow with trunk status changes. Currently, the webhook triggers on routing.sip.trunk.status-change but fails to capture the detailed error payload because the registration never succeeds. The ServiceNow ticket creation script expects a JSON payload containing the error_code and diagnostic_info fields, which are absent when the trunk state remains offline.
Has anyone encountered similar 403 errors with BYOC Edge deployments? The documentation suggests that the edge should handle the Digest authentication automatically, but the logs indicate a realm mismatch. The carrier’s realm is sip.carrier-example.com, while the Genesys Cloud admin portal shows the realm as genesyscloud.com. Is there a configuration override required in the BYOC Edge settings to specify the external realm for SIP registration?
Any insights into resolving this authentication mismatch would be appreciated. The goal is to ensure reliable SIP trunk registration and accurate status reporting to ServiceNow via Data Actions.