External fetch permissions

Context to my project is that I am triggering a function based on confluence page events. I am using an async function called pageTrigger to determine if they are created or updated events:

    - key: main
      handler: index.run
    - key: pageTriggerFunction
      handler: pageTrigger.pageTrigger
    - key: pageTriggerEvent
      function: pageTriggerFunction
        - avi:confluence:created:page
        - avi:confluence:updated:page
export async function pageTrigger(event, context)

I am then trying to post data to an external API using the Fetch API. Like so:

console.log('TriggerCreatedWebhook at bcp url ', fullURL)

    const result = await fetch(fullURL, {
        method: 'post',
        headers: {
            'Content-Type': 'application/json',
            'x-api-secret-key': apiKey,
        body: JSON.stringify(payload)
    const status = result.status;
    console.log('TriggerCreatedWebhook STATUS ', status)

I have added the permissions in the manifest file like below.
Using these permissions work as expected with forge tunnel:

        - "*"

Deploying and authorizing the forge app in development or staging mode after deployment the pageTrigger function is triggered (seen in forge logs in staging, dev and tunnel), but no POST request to the external API is triggered (not seen in proxy logs or API logs).

Even when I add a domain like:

        - "*"
        - "*.selfhosted.io"

This time authorizing the app mentions 1 external domain. But again, tunnelling works and the development and staging deployments the Fetch don’t reach the API.
Are there any other permissions I am required to add to the manifest file for the requests to reach an external destination?
Thanks for any help