Outbound push config

hello @twier ,thanks for this , going to try out and share feedback

@twier @jkuester @diana am running into an issue when an outbound is triggered upon patient enrollment

2025-01-27T19:48:19.514 INFO: Task replications started 
2025-01-27T19:48:19.515 INFO: Task outbound started 
2025-01-27T19:48:19.515 INFO: Task purging started 
2025-01-27T19:48:19.515 INFO: Task transitionsDisabledReminder started 
2025-01-27T19:48:19.515 INFO: Task backgroundCleanup started 
2025-01-27T19:48:19.515 INFO: Task reminders completed 
2025-01-27T19:48:19.515 INFO: Task replications completed 
2025-01-27T19:48:19.515 INFO: Task purging completed 
2025-01-27T19:48:19.515 INFO: Task transitionsDisabledReminder completed 
2025-01-27T19:48:19.524 INFO: Task dueTasks completed 
2025-01-27T19:48:19.530 INFO: Background cleanup batch: 626 -> 626 (0) 
2025-01-27T19:48:19.538 INFO: Task backgroundCleanup completed 
2025-01-27T19:48:19.546 DEBUG: About to send outbound request 
2025-01-27T19:48:19.546 DEBUG: {
  "url": "https://textit.com/api/v2/flow_starts.json",
  "body": {
    "flow": "50537d6-6662-4c0e-9ea3-138298eba8ef",
    "urns": [
      "tel:+18766662153"
    ]
  },
  "json": true,
  "timeout": 10000,
  "headers": {
    "Authorization": "Token M3W4UXMWT3JVPG7BSYNBGCVY3YQ5AXQU7EGNGN"
  }
} 
2025-01-27T19:48:19.705 ERROR: Failed to push eda328ef-045a-8ba2-b72e-99e849928013 to patient triggers enroll workflow in Textit, server responsed with 403 
2025-01-27T19:48:19.705 ERROR: Response body: "<html>\r\n<head><title>403 Forbidden</title></head>\r\n<body>\r\n<center><h1>403 Forbidden</h1></center>\r\n</body>\r\n</html>\r\n" 
2025-01-27T19:48:19.705 WARN: Unable to push eda528ef-a-4ba2-b72e-99e849928013 for patient triggers enroll workflow in Textit: StatusCodeError: 403 - "<html>\r\n<head><title>403 Forbidden</title></head>\r\n<body>\r\n<center><h1>403 Forbidden</h1></center>\r\n</body>\r\n</html>\r\n"
    at new StatusCodeError (/service/sentinel/node_modules/request-promise-core/lib/errors.js:32:15)
    at plumbing.callback (/service/sentinel/node_modules/request-promise-core/lib/plumbing.js:104:33)
    at Request.RP$callback [as _callback] (/service/sentinel/node_modules/request-promise-core/lib/plumbing.js:46:31)
    at self.callback (/service/sentinel/node_modules/request/request.js:185:22)
    at Request.emit (node:events:518:28)
    at Request.<anonymous> (/service/sentinel/node_modules/request/request.js:1154:10)
    at Request.emit (node:events:518:28)
    at IncomingMessage.<anonymous> (/service/sentinel/node_modules/request/request.js:1076:12)
    at Object.onceWrapper (node:events:632:28)
    at IncomingMessage.emit (node:events:530:35) {
  name: 'StatusCodeError',
  statusCode: 403,
  message: '403 - "<html>\\r\\n<head><title>403 Forbidden</title></head>\\r\\n<body>\\r\\n<center><h1>403 Forbidden</h1></center>\\r\\n</body>\\r\\n</html>\\r\\n"',
  error: '<html>\r\n' +
    '<head><title>403 Forbidden</title></head>\r\n' +
    '<body>\r\n' +
    '<center><h1>403 Forbidden</h1></center>\r\n' +
    '</body>\r\n' +
    '</html>\r\n',
  [stack]: [Getter/Setter]
} 
2025-01-27T19:48:19.711 INFO: Task outbound completed

Hello @cliff this looks like the remote server (textit.com) is refusing the request with error code 403 Unauthorized. I would check that the token is correct; also from the textit docs, it looks like it might want the Authorization header to be Bearer <TOKEN> instead of Token <TOKEN>.

thanks muck @twier for the help

hello @twier ,

I have tested this again and still getting a similar error

2025-02-17T12:15:26.545 DEBUG: calling transition.onMatch for doc 91013ad1-d73c-4963-896a-1016f204df61 and transition mark_for_outbound seq 636-g1AAAAOReJyd0kFOAyEUBmBiTdy4ceEZjJoYGIZS3KgLV6605QA8mMlkUnXl2lN4BW25hKfoJXoGW3yPWXTTmGBY_AmEL48_zBljx90osBP_-ua7ALei0lccl5jj0YFjcGrtrO9G7uwZN45aw7Vx1b4LfzCEWLiIcUkSz1IIWgYQpRIiEW5S2pJ0mSXupZn4plRCJAHONd29rnIuCKVLJURm0Me4IOl8kGqplAylEiJLeE9pQ1KdJakleK5KJUS2L4fsydoPssbZMl5OdFXaFDJTZDC-sHzS7ofetRC1qMu1BTIYPyl9k3Y3zBZ4Y1xbrm2QwXi0dkXaddZU8M6MebmGha0wPmNck6ay1kArq_CP2bCwNQb-tETaQ9YmtQng5L57_S8N1_k9 
2025-02-17T12:15:26.552 DEBUG: About to send outbound request 
2025-02-17T12:15:26.552 DEBUG: {
  "url": "https://textit.com/api/v2/flow_starts.json",
  "body": {
    "flow": "650567d6-6962-4c0e-9ea3-38798eba8ef",
    "urns": [
      "tel:+18763582174"
    ]
  },
  "json": true,
  "timeout": 10000,
  "headers": {
    "Authorization": "Bearer M3W4UXMWT3JVPG7BSYNBGCVY3YQ5AXQU7EGNGN"
  }
} 
2025-02-17T12:15:26.603 ERROR: Failed to push 81013ad1-d73c-4963-896a-1016f204df61 to patient triggers enroll workflow in Textit, server responsed with 403 
2025-02-17T12:15:26.603 ERROR: Response body: "<html>\r\n<head><title>403 Forbidden</title></head>\r\n<body>\r\n<center><h1>403 Forbidden</h1></center>\r\n</body>\r\n</html>\r\n" 
2025-02-17T12:15:26.606 INFO: task:outbound:91013ad1-d73c-4963-896a-1016f204df61 already exists, ignoring 
2025-02-17T12:15:26.606 DEBUG: finished transition mark_for_outbound doc 91013ad1-d73c-4963-896a-1016f204df61 is unchanged seq 636-g1AAAAOReJyd0kFOAyEUBmBiTdy4ceEZjJoYGIZS3KgLV6605QA8mMlkUnXl2lN4BW25hKfoJXoGW3yPWXTTmGBY_AmEL48_zBljx90osBP_-ua7ALei0lccl5jj0YFjcGrtrO9G7uwZN45aw7Vx1b4LfzCEWLiIcUkSz1IIWgYQpRIiEW5S2pJ0mSXupZn4plRCJAHONd29rnIuCKVLJURm0Me4IOl8kGqplAylEiJLeE9pQ1KdJakleK5KJUS2L4fsydoPssbZMl5OdFXaFDJTZDC-sHzS7ofetRC1qMu1BTIYPyl9k3Y3zBZ4Y1xbrm2QwXi0dkXaddZU8M6MebmGha0wPmNck6ay1kArq_CP2bCwNQb-tETaQ9YmtQng5L57_S8N1_k9 
2025-02-17T12:15:26.606 DEBUG: transition results: [null,null,null,null,null,null,null,false] 
2025-02-17T12:15:26.606 DEBUG: nothing changed skipping saveDoc for doc 91013ad1-d73c-4963-896a-1016f204df61 seq 636-g1AAAAOReJyd0kFOAyEUBmBiTdy4ceEZjJoYGIZS3KgLV6605QA8mMlkUnXl2lN4BW25hKfoJXoGW3yPWXTTmGBY_AmEL48_zBljx90osBP_-ua7ALei0lccl5jj0YFjcGrtrO9G7uwZN45aw7Vx1b4LfzCEWLiIcUkSz1IIWgYQpRIiEW5S2pJ0mSXupZn4plRCJAHONd29rnIuCKVLJURm0Me4IOl8kGqplAylEiJLeE9pQ1KdJakleK5KJUS2L4fsydoPssbZMl5OdFXaFDJTZDC-sHzS7ofetRC1qMu1BTIYPyl9k3Y3zBZ4Y1xbrm2QwXi0dkXaddZU8M6MebmGha0wPmNck6ay1kArq_CP2bCwNQb-tETaQ9YmtQng5L57_S8N1_k9 
2025-02-17T12:15:26.615 DEBUG: transitions: queue drained

cc @diana

This is the outbound config

 "patient triggers enroll workflow in Textit": {
      "relevant_to": "doc.type === 'person' && doc.docket",
      "destination": {
        "base_url": "https://textit.com",
        "auth": {
          "type": "header",
          "name": "Authorization",
          "value_key": "rapidpro.app"
        },
        "path": "/api/v2/flow_starts.json"
      },
      "mapping": {
        "flow": {
          "expr": "'flow uuid'"
        },
        "urns": {
          "expr": "['tel:' + doc.phone]"
        }
      }
    },

could there have been a change in regards to what Textit is expecting now with recent CHT versions ?

Since the 403 is coming from Textit, it will be difficult to debug it from the outbound push config alone.

Have you tried to get a request to Textit working with another HTTP client like Postman or curl? If so, can you post the request body and headers that were working? If not, I would recommend starting there; try to get it working with curl or Postman first, and then we can compare that to the outbound push config to see what the difference could be.

thanks @twier i have tried with Postman and it works …

Screenshot 2025-02-17 at 6.13.51 PM2328×1696 329 KB

hello @twier @diana i have been having the chart with the textit team and they say the reason for this is because of the User-Agent missing under headers in the config, Its was a change enforced for security reasons on their firewall.

Don’t we need to make a change in the outbound config code to cater for this ?

i have tried to do manually in the config ie

"patient triggers enroll workflow in Textit": {
      "relevant_to": "doc.type === 'person' && doc.docket",
      "destination": {
        "base_url": "https://textit.com",
        "auth": {
          "type": "header",
          "name": "Authorization",
          "value_key": "rapidpro.app"
        },
        "headers": {
          "User-Agent": "CHT-Integration/1.0 libwww/2.17b3"
        },
        "path": "/api/v2/flow_starts.json"
      },
      "mapping": {
        "flow": {
          "expr": "'750567d6-6462-4c0e-9fa3-138798eba8ef'"
        },
        "urns": {
          "expr": "['tel:' + doc.phone]"
        }
      }
    },

hello @diana @twier , any thoughts ?

@cliff I think you are right, we need to make a change in outbound push for this; I don’t think its currently possible to change the headers, including User-Agent, with outbound push configuration.

I’ve added an issue for this feature. Allow configuring headers in outbound push · Issue #9799 · medic/cht-core · GitHub

In the meantime, I can’t think of a very simple workaround.

There is the cht-interoperability project using OpenHIM, which would allow you to deploy custom code with mediators, but adds a lot of infrastructure complexity that may be unnecessary for this simple integration.

Another option is OpenFn; you could set up a webhook with outbound push to an OpenFn workflow, and then use the HTTP adapter to modify the request to textit in any way that is necessary, including adding the User-Agent header. This does involve adding OpenFn as a third party service in the middle.

So I would recommend waiting for the next CHT release with this feature, or if it’s not possible to wait, looking into OpenFn.

thanks much @twier for the help

hello @diana @twier @jkuester , is it possible to do a branch release with a fix for this that we can use in the meantime and if all goes on well then we could have it in the next release.

Currently its holding us back on doing the integration now

the 9799-add-user-agent-to-outbound branch was deleted automatically because it was merged to the main branch in preparation for release.
I’ve restored it temporarily.
the 4.18 release which includes this feature should be available soon.

thanks @twier , once 4.18 is out we shall upgrade

CHT 4.18.0 is now available with this feature!

thanks @jkuester we are going to upgrade