We just encountered an issue when creating external stream activity from our add-on. Our dev servers (Jive and Add-on) are on a private network and have been configured to communicate through private network ip's (10.0.0.x).
The first issue we encountered was the jive.apps.proxy.whitelist.cidrs issue as answered by Kevin Brown here Re: Tile Action error - Host is not permitted by whitelist
The next issue we found only occurred when adding external stream activity. The activity had the object.image url set to an icon within the add-on. When Jive was processing the external activity creation, it attempts to read the image to add as an attachment. This was responding to the create web service call with a 400, with a message included that noted:
There was an error fetching file http://my.add.on/images/icon128.png. HTTP error code: 403'
It seemed odd to get a 400 or 403, as I never saw a request coming in for that image url to the add-on server.
I dug through the Jive code and found that this error was coming from AbstractProvider.fetchFile(url) when it determined that the url host was not whitelisted. Turns out there is another whitelist that this code uses. This one uses the APIWhitelistHelper, which is configured by the jive.api.whitelist.cidrs system property. Totally intuitive right?
Anyway, just wanted to point that out to anyone else running into a similar issue.
We actually ran into this one too about 3 months ago but for our enhancement at the time the image was declared "optional" and we just moved on so we had no clue why the failure. Glad to have a solution for the next time.