Pjsip Unable to find authenticate header in challenge

I ran in to the issue when using twilio that outbound calls fails when using AMI’'s Originate Action to originate an outbound call, it fails with the following error res_pjsip_outbound_authenticator_digest.c:128 digest_create_request_with_auth: Endpoint: 'twilio': Unable to find authenticate header in challenge.

<— Received SIP response (546 bytes) from UDP: —>
SIP/2.0 401 Unauthorized
CSeq: 12478 INVITE
Call-ID: 7973be2e-8826-45cc-a548-934841490351
From: “Ambiorix” sip:905321112211@;tag=fc1e33ae-e070-4eb4-9d59-4ef4d0edacee
To: sip:+13059308746@asteriskpjsip.pstn.us1.twilio.com;tag=33881442_6772d868_485ab891-5f0f-4f65-a1e2-8d6459ff3e97
Via: SIP/2.0/UDP;received=;rport=5066;branch=z9hG4bKPjcfd97efe-4510-4beb-b1ed-944ff65d22e7
Server: Twilio
Contact: sip:
X-Twilio-CallSid: CA2f01696108ea3f2f60bd46a05859ea61
Content-Length: 0

Error is very explanatory, and I realized I was needing an auth section for this endpoint , due that twilio was challenging authentication for this INVITE


It fixed, but I’m no satisfied with a simple fix and I want to understand in deep. So my question is the following why it just happen only using using AMI Originate action and also can you please guys provide a more detailed explenation about the realm option in the SIP authentication procress

Your log is showing a protocol violation by Twilio! The SIP RFC includes RFC 2617 by reference, which says that 401 responses MUST include WWW-Authenticate.

Realm is also defined in that RFC.

Maybe Twilio are trying to do something like alwaysauthreject does, but giving the game away by only giving a well formed response for known clients.

`Thanks for the information, I think that is the reason why Asterisk only reply with an ACK , and dont try to authenticate to the malformed 401

You gave me good hint with the WWW-Authenticate. information I found more info in the following link