Creating Access Tokens

In the last guide, we covered SDK client initialization mechanics and the need for a generated Access Token. This Access Token is the credential your SDK client endpoints must use to identify and authenticate themselves with the Chat Service.

This Token is generated on your server or backend as you authenticate your user and is then utilized by the Chat SDK client to authorize with the Chat Service.

Create an Access Token

On your server, we must decide, based on the token request that was sent to us, who the user is and what they should be allowed to do.

To figure out who the user is (their identity), you might use your existing login system, using session cookies, an API token, or whatever mechanism you use to secure API requests or pages today. Who the user is and how you authorize their use will vary from app to app.

If you determine that the user should indeed be allowed to access your Chat application, you will grant your user access to Chat by generating an Access Token as part of your authentication flow. You will then return the token to the user client for use in the Chat SDK.

When creating an Access Token for Programmable Chat, the following information is needed:

Twilio Account Sid

This is the Account Sid of your Twilio account and must be the account in which you have created your Programmable Chat Service. Manage your Chat Services.

Programmable Chat Service Sid

This is the Chat Service Sid where your Users, Channels, Messages and other chat related data resides. This is the Chat Service you grant the SDK client access to.

Twilio API Key Sid

This is the Sid of an API created for your Twilio Account, which is used to sign the Access Token cryptographically. You can create these API keys here.

Twilio API Secret

This is the secret part of the API Key above, also managed here.

Identity

The identity of your User. For example, user@some.domain.com.

Loading Code Samples...
Language
SDK Version:
  • 4.x
  • 5.x
SDK Version:
  • 6.x
  • 7.x
SDK Version:
  • 2.x
  • 3.x
SDK Version:
  • 4.x
  • 5.x
SDK Version:
  • 5.x
  • 6.x
SDK Version:
  • 4.x
  • 5.x
var AccessToken = require('twilio').AccessToken;
var IpMessagingGrant = AccessToken.IpMessagingGrant;

// Used when generating any kind of tokens
var twilioAccountSid = 'ACxxxxxxxxxx';
var twilioApiKey = 'SKxxxxxxxxxx';
var twilioApiSecret = 'xxxxxxxxxxxx';

// Used specifically for creating IP Messaging tokens
var serviceSid = 'ISxxxxxxxxxxxxx';
var appName = 'HipFlowSlackDockRC';
var identity = 'user@example.com';
var deviceId = 'someiosdeviceid';
var endpointId = appName + ':' + identity + ':' + deviceId;

// Create a "grant" which enables a client to use IPM as a given user,
// on a given device
var ipmGrant = new IpMessagingGrant({
    serviceSid: serviceSid,
    endpointId: endpointId
});

// Create an access token which we will sign and return to the client,
// containing the grant we just created
var token = new AccessToken(twilioAccountSid, twilioApiKey, twilioApiSecret);
token.addGrant(ipmGrant);
token.identity = identity;

// Serialize the token to a JWT string
console.log(token.toJwt());
const AccessToken = require('twilio').jwt.AccessToken;
const ChatGrant = AccessToken.ChatGrant;

// Used when generating any kind of tokens
const twilioAccountSid = 'ACxxxxxxxxxx';
const twilioApiKey = 'SKxxxxxxxxxx';
const twilioApiSecret = 'xxxxxxxxxxxx';

// Used specifically for creating Chat tokens
const serviceSid = 'ISxxxxxxxxxxxxx';
const appName = 'HipFlowSlackDockRC';
const identity = 'user@example.com';
const deviceId = 'someiosdeviceid';
const endpointId = `${appName}:${identity}:${deviceId}`;

// Create a "grant" which enables a client to use Chat as a given user,
// on a given device
const chatGrant = new ChatGrant({
  serviceSid: serviceSid,
  endpointId: endpointId,
});

// Create an access token which we will sign and return to the client,
// containing the grant we just created
const token = new AccessToken(twilioAccountSid, twilioApiKey, twilioApiSecret);

token.addGrant(chatGrant);

token.identity = identity;

// Serialize the token to a JWT string
console.log(token.toJwt());
using System;
using Twilio.Auth;

class Example
{
	static void Main(string[] args)
	{
    // These values are necessary for any access token
    var twilioAccountSid = "ACxxxxxxxxxxxx";
    var twilioApiKey = "SKxxxxxxxxxxxx";
    var twilioApiSecret = "xxxxxxxxxxxxxx";

    // These are specific to IP Messaging
    var ipmServiceSid = "ISxxxxxxxxxxxx";
    var identity = "user@example.com";
    var deviceId = "someiosdevice";

    // Create an Access Token generator
    var token = new AccessToken(twilioAccountSid, twilioApiKey, twilioApiSecret);
    token.Identity = identity;

    // Create an IP messaging grant for this token
    var grant = new IpMessagingGrant();
    grant.EndpointId = $"HipFlowSlackDockRC:{identity}:{deviceId}";
    grant.ServiceSid = ipmServiceSid;
    token.AddGrant(grant);

    Console.WriteLine(token.ToJWT());
  }
}
<?php
require_once('./twilio-php/Services/Twilio.php');

// Required for all Twilio access tokens
$twilioAccountSid = 'ACxxxxxxxxxxxx';
$twilioApiKey = 'SKxxxxxxxxxxxx';
$twilioApiSecret = 'xxxxxxxxxxxxxx';

// Required for IP messaging grant
$ipmServiceSid = 'ISxxxxxxxxxxxx';
$appName = 'HipFlowSlackDockRC';
$identity = 'user@example.com';
$deviceId = 'someiosdevice';
$endpointId = $appName . ':' . $identity . ':' . $deviceId;

// Create access token
$token = new Services_Twilio_AccessToken(
    $twilioAccountSid, 
    $twilioApiKey, 
    $twilioApiSecret, 
    3600, 
    $identity
);

// Create IP Messaging grant
$ipmGrant = new Services_Twilio_Auth_IpMessagingGrant();
$ipmGrant->setServiceSid($ipmServiceSid);
$ipmGrant->setEndpointId($endpointId);

// Add grant to token
$token->addGrant($ipmGrant);

// render token to string
echo $token->toJWT();
require 'twilio-ruby'

# Required for any Twilio Access Token
account_sid = 'ACxxxxxxxxxxxx'
api_key = 'SKxxxxxxxxxxxx'
api_secret = 'xxxxxxxxxxxxxx'

# Required for IP Messaging
service_sid = 'ISxxxxxxxxxxxx'
device_id = 'someiosdevice'
identity = 'user@example.com'
endpoint_id = "HipFlowSlackDockRC:#{identity}:#{device_id}"

# Create an Access Token
token = Twilio::Util::AccessToken.new account_sid, api_key, api_secret,
                                      3600, identity

# Create IP Messaging grant for our token
grant = Twilio::Util::AccessToken::IpMessagingGrant.new
grant.service_sid = service_sid
grant.endpoint_id = endpoint_id
token.add_grant grant

# Generate the token
puts token.to_jwt
using System;
using System.Collections.Generic;
using Twilio.Jwt.AccessToken;

class Example
{
    static void Main(string[] args)
    {
        // These values are necessary for any access token
        const string twilioAccountSid = "ACXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX";
        const string twilioApiKey = "SKXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX";
        const string twilioApiSecret = "your_secret";

        // These are specific to Chat
        const string serviceSid = "ISXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX";
        const string identity = "user@example.com";
        const string deviceId = "someiosdevice";

        // Create an Chat grant for this token

        var grant = new ChatGrant
        {
          ServiceSid = serviceSid,
          EndpointId = $"HipFlowSlackDockRC:{identity}:{deviceId}"
        };

        var grants = new HashSet<IGrant>
        {
            { grant }
        };

        // Create an Access Token generator
        var token = new Token(
            twilioAccountSid,
            twilioApiKey,
            twilioApiSecret,
            identity,
            grants: grants);

        Console.WriteLine(token.ToJwt());
    }
}
<?php
// Get the PHP helper library from https://twilio.com/docs/libraries/php
require_once '/path/to/vendor/autoload.php'; // Loads the library
use Twilio\Jwt\AccessToken;
use Twilio\Jwt\Grants\ChatGrant;

// Required for all Twilio access tokens
$twilioAccountSid = 'ACxxxxxxxxxxxx';
$twilioApiKey = 'SKxxxxxxxxxxxx';
$twilioApiSecret = 'xxxxxxxxxxxxxx';

// Required for Chat grant
$serviceSid = 'ISxxxxxxxxxxxx';
// An identifier for your app - can be anything you'd like
$appName = 'TwilioChatDemo';
// choose a random username for the connecting user
$identity = "john_doe";
// A device ID should be passed as a query string parameter to this script
$deviceId = 'somedevice';
$endpointId = $appName . ':' . $identity . ':' . $deviceId;

// Create access token, which we will serialize and send to the client
$token = new AccessToken(
    $twilioAccountSid,
    $twilioApiKey,
    $twilioApiSecret,
    3600,
    $identity
);

// Create Chat grant
$chatGrant = new ChatGrant();
$chatGrant->setServiceSid($serviceSid);
$chatGrant->setEndpointId($endpointId);

// Add grant to token
$token->addGrant($chatGrant);

// render token to string
echo $token->toJWT();
from twilio.access_token import AccessToken, IpMessagingGrant

# required for all twilio access tokens
account_sid = 'ACxxxxxxxxxxxx'
api_key = 'SKxxxxxxxxxxxx'
api_secret = 'xxxxxxxxxxxxxx'

# required for IP messaging grants
ipm_service_sid = 'ISxxxxxxxxxxxx'
identity = 'user@example.com'
device_id = 'someiosdevice'
endpoint_id = "HipFlowSlackDockRC:{0}:{1}".format(identity, device_id)

# Create access token with credentials
token = AccessToken(account_sid, api_key, api_secret, identity)

# Create an IP Messaging grant and add to token
ipm_grant = IpMessagingGrant(
    endpoint_id=endpoint_id, service_sid=ipm_service_sid
)
token.add_grant(ipm_grant)

# Return token info as JSON
print(token.to_jwt())
require 'twilio-ruby'

# Required for any Twilio Access Token
account_sid = 'ACxxxxxxxxxxxx'
api_key = 'SKxxxxxxxxxxxx'
api_secret = 'xxxxxxxxxxxxxx'

# Required for Chat
service_sid = 'ISxxxxxxxxxxxx'
device_id = 'someiosdevice'
identity = 'user@example.com'
endpoint_id = "HipFlowSlackDockRC:#{identity}:#{device_id}"

# Create Chat grant for our token
grant = Twilio::JWT::AccessToken::ChatGrant.new
grant.service_sid = service_sid
grant.endpoint_id = endpoint_id

# Create an Access Token
token = Twilio::JWT::AccessToken.new(
  account_sid,
  api_key,
  api_secret,
  [grant],
  identity: identity
)

# Generate the token
puts token.to_jwt
package com.twilio;
import com.twilio.sdk.auth.AccessToken;
import com.twilio.sdk.auth.IpMessagingGrant;

public class TokenGenerator {
  
  public static void main(String[] args) {
    // Required for all types of tokens
    String twilioAccountSid = "ACxxxxxxxxxxxx";
    String twilioApiKey = "SKxxxxxxxxxxxx";
    String twilioApiSecret = "xxxxxxxxxxxxxx";

    // Required for IP Messaging
    String ipmServiceSid = "ISxxxxxxxxxxxx";
    String deviceId = "someiosdevice";
    String identity = "user@example.com";
    String appName = "HipFlowSlackDockRC";
    String endpointId = appName + ":" + identity + ":" + deviceId;
      
    // Create IP messaging grant
    IpMessagingGrant grant = new IpMessagingGrant();
    grant.setEndpointId(endpointId);
    grant.setServiceSid(ipmServiceSid);
    
    // Create access token
    AccessToken token = new AccessToken.Builder(
      twilioAccountSid,
      twilioApiKey,
      twilioApiSecret
    ).identity(identity).grant(grant).build();

    System.out.println(token.toJWT());
  }
}
from twilio.jwt.access_token import AccessToken
from twilio.jwt.access_token.grants import ChatGrant

# required for all twilio access tokens
account_sid = 'ACxxxxxxxxxxxx'
api_key = 'SKxxxxxxxxxxxx'
api_secret = 'xxxxxxxxxxxxxx'

# required for Chat grants
service_sid = 'ISxxxxxxxxxxxx'
identity = 'user@example.com'
device_id = 'someiosdevice'
endpoint_id = "HipFlowSlackDockRC:{0}:{1}".format(identity, device_id)

# Create access token with credentials
token = AccessToken(account_sid, api_key, api_secret, identity=identity)

# Create an Chat grant and add to token
chat_grant = ChatGrant(endpoint_id=endpoint_id, service_sid=service_sid)
token.add_grant(chat_grant)

# Return token info as JSON
print(token.to_jwt())
import com.twilio.jwt.accesstoken.AccessToken;
import com.twilio.jwt.accesstoken.ChatGrant;

public class Example {
  public static void main(String[] args) {
    String twilioAccountSid = "ACxxxxxxxxxxxx";
    String twilioApiKey = "SKxxxxxxxxxxxx";
    String twilioApiSecret = "xxxxxxxxxxxxxx";

    String serviceSid = "ISxxxxxxxxxxxx";
    String deviceId = "someiosdevice";
    String identity = "user@example.com";
    String appName = "HipFlowSlackDockRC";
    String endpointId = appName + ":" + identity + ":" + deviceId;

    ChatGrant grant = new ChatGrant();
    grant.setEndpointId(endpointId);
    grant.setServiceSid(serviceSid);

    AccessToken token = new AccessToken.Builder(twilioAccountSid, twilioApiKey, twilioApiSecret)
        .identity(identity).grant(grant).build();

    System.out.println(token.toJwt());
  }
}
Creating an Access Token (Chat)

Endpoint ID

Note: This is only needed if you are using any of the following prior Chat SDK versions:

  • JS SDK: <= 0.11.x
  • iOS SDK: <= 0.16.x
  • Android: <= 0.11.x

Versions of the SDK newer than these automatically generate endpoint_id for you and will ignore this property.

An "endpoint" in Chat is a unique app, device, and user combination that can receive a message in a disambiguated way. Therefore, a User (identity ) can have multiple endpoints (browser, phone, tablet).

For example, "alice@example.com" using "SquareChat" on her iPhone is a different endpoint (addressable message destination) than "alice@example.com" using "SquareChat" on her Kindle Fire tablet. The Endpoint Id you generate on the server should be unique per device, application, and identity. While it can be a string in any format you want, your Endpoint ID should include at least these three dimensions:

  • The identity of the user (for example, "alice@example.com")
  • An identifier that uniquely identifies your application (for example, "SquareChat")
  • A unique identifier for the device, either generated by your application or the OS (for example, a system-provided UUID)

As mentioned above, this identifier is generated for you in newer versions of the Chat SDK, so you only need to generate or provide this property if using an older version.

Optional: TTL (Time To Live) Access Tokens are only valid for a period of time, in seconds. The default is 3600 seconds (1 hour), but you can adjust this to your needs up to a maximum of 24 hours.

Once your client receives an Access Token from your server, you can initialize the Twilio Chat SDK and start sending and receiving messages, as covered in the previous guide.

Next: Access Token Lifecycle

Need some help?

We all do sometimes; code is hard. Get help now from our support team, or lean on the wisdom of the crowd browsing the Twilio tag on Stack Overflow.

1 / 1
Loading Code Samples...
SDK Version:
  • 4.x
  • 5.x
SDK Version:
  • 6.x
  • 7.x
SDK Version:
  • 2.x
  • 3.x
SDK Version:
  • 4.x
  • 5.x
SDK Version:
  • 5.x
  • 6.x
SDK Version:
  • 4.x
  • 5.x
var AccessToken = require('twilio').AccessToken;
var IpMessagingGrant = AccessToken.IpMessagingGrant;

// Used when generating any kind of tokens
var twilioAccountSid = 'ACxxxxxxxxxx';
var twilioApiKey = 'SKxxxxxxxxxx';
var twilioApiSecret = 'xxxxxxxxxxxx';

// Used specifically for creating IP Messaging tokens
var serviceSid = 'ISxxxxxxxxxxxxx';
var appName = 'HipFlowSlackDockRC';
var identity = 'user@example.com';
var deviceId = 'someiosdeviceid';
var endpointId = appName + ':' + identity + ':' + deviceId;

// Create a "grant" which enables a client to use IPM as a given user,
// on a given device
var ipmGrant = new IpMessagingGrant({
    serviceSid: serviceSid,
    endpointId: endpointId
});

// Create an access token which we will sign and return to the client,
// containing the grant we just created
var token = new AccessToken(twilioAccountSid, twilioApiKey, twilioApiSecret);
token.addGrant(ipmGrant);
token.identity = identity;

// Serialize the token to a JWT string
console.log(token.toJwt());
const AccessToken = require('twilio').jwt.AccessToken;
const ChatGrant = AccessToken.ChatGrant;

// Used when generating any kind of tokens
const twilioAccountSid = 'ACxxxxxxxxxx';
const twilioApiKey = 'SKxxxxxxxxxx';
const twilioApiSecret = 'xxxxxxxxxxxx';

// Used specifically for creating Chat tokens
const serviceSid = 'ISxxxxxxxxxxxxx';
const appName = 'HipFlowSlackDockRC';
const identity = 'user@example.com';
const deviceId = 'someiosdeviceid';
const endpointId = `${appName}:${identity}:${deviceId}`;

// Create a "grant" which enables a client to use Chat as a given user,
// on a given device
const chatGrant = new ChatGrant({
  serviceSid: serviceSid,
  endpointId: endpointId,
});

// Create an access token which we will sign and return to the client,
// containing the grant we just created
const token = new AccessToken(twilioAccountSid, twilioApiKey, twilioApiSecret);

token.addGrant(chatGrant);

token.identity = identity;

// Serialize the token to a JWT string
console.log(token.toJwt());
using System;
using Twilio.Auth;

class Example
{
	static void Main(string[] args)
	{
    // These values are necessary for any access token
    var twilioAccountSid = "ACxxxxxxxxxxxx";
    var twilioApiKey = "SKxxxxxxxxxxxx";
    var twilioApiSecret = "xxxxxxxxxxxxxx";

    // These are specific to IP Messaging
    var ipmServiceSid = "ISxxxxxxxxxxxx";
    var identity = "user@example.com";
    var deviceId = "someiosdevice";

    // Create an Access Token generator
    var token = new AccessToken(twilioAccountSid, twilioApiKey, twilioApiSecret);
    token.Identity = identity;

    // Create an IP messaging grant for this token
    var grant = new IpMessagingGrant();
    grant.EndpointId = $"HipFlowSlackDockRC:{identity}:{deviceId}";
    grant.ServiceSid = ipmServiceSid;
    token.AddGrant(grant);

    Console.WriteLine(token.ToJWT());
  }
}
<?php
require_once('./twilio-php/Services/Twilio.php');

// Required for all Twilio access tokens
$twilioAccountSid = 'ACxxxxxxxxxxxx';
$twilioApiKey = 'SKxxxxxxxxxxxx';
$twilioApiSecret = 'xxxxxxxxxxxxxx';

// Required for IP messaging grant
$ipmServiceSid = 'ISxxxxxxxxxxxx';
$appName = 'HipFlowSlackDockRC';
$identity = 'user@example.com';
$deviceId = 'someiosdevice';
$endpointId = $appName . ':' . $identity . ':' . $deviceId;

// Create access token
$token = new Services_Twilio_AccessToken(
    $twilioAccountSid, 
    $twilioApiKey, 
    $twilioApiSecret, 
    3600, 
    $identity
);

// Create IP Messaging grant
$ipmGrant = new Services_Twilio_Auth_IpMessagingGrant();
$ipmGrant->setServiceSid($ipmServiceSid);
$ipmGrant->setEndpointId($endpointId);

// Add grant to token
$token->addGrant($ipmGrant);

// render token to string
echo $token->toJWT();
require 'twilio-ruby'

# Required for any Twilio Access Token
account_sid = 'ACxxxxxxxxxxxx'
api_key = 'SKxxxxxxxxxxxx'
api_secret = 'xxxxxxxxxxxxxx'

# Required for IP Messaging
service_sid = 'ISxxxxxxxxxxxx'
device_id = 'someiosdevice'
identity = 'user@example.com'
endpoint_id = "HipFlowSlackDockRC:#{identity}:#{device_id}"

# Create an Access Token
token = Twilio::Util::AccessToken.new account_sid, api_key, api_secret,
                                      3600, identity

# Create IP Messaging grant for our token
grant = Twilio::Util::AccessToken::IpMessagingGrant.new
grant.service_sid = service_sid
grant.endpoint_id = endpoint_id
token.add_grant grant

# Generate the token
puts token.to_jwt
using System;
using System.Collections.Generic;
using Twilio.Jwt.AccessToken;

class Example
{
    static void Main(string[] args)
    {
        // These values are necessary for any access token
        const string twilioAccountSid = "ACXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX";
        const string twilioApiKey = "SKXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX";
        const string twilioApiSecret = "your_secret";

        // These are specific to Chat
        const string serviceSid = "ISXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX";
        const string identity = "user@example.com";
        const string deviceId = "someiosdevice";

        // Create an Chat grant for this token

        var grant = new ChatGrant
        {
          ServiceSid = serviceSid,
          EndpointId = $"HipFlowSlackDockRC:{identity}:{deviceId}"
        };

        var grants = new HashSet<IGrant>
        {
            { grant }
        };

        // Create an Access Token generator
        var token = new Token(
            twilioAccountSid,
            twilioApiKey,
            twilioApiSecret,
            identity,
            grants: grants);

        Console.WriteLine(token.ToJwt());
    }
}
<?php
// Get the PHP helper library from https://twilio.com/docs/libraries/php
require_once '/path/to/vendor/autoload.php'; // Loads the library
use Twilio\Jwt\AccessToken;
use Twilio\Jwt\Grants\ChatGrant;

// Required for all Twilio access tokens
$twilioAccountSid = 'ACxxxxxxxxxxxx';
$twilioApiKey = 'SKxxxxxxxxxxxx';
$twilioApiSecret = 'xxxxxxxxxxxxxx';

// Required for Chat grant
$serviceSid = 'ISxxxxxxxxxxxx';
// An identifier for your app - can be anything you'd like
$appName = 'TwilioChatDemo';
// choose a random username for the connecting user
$identity = "john_doe";
// A device ID should be passed as a query string parameter to this script
$deviceId = 'somedevice';
$endpointId = $appName . ':' . $identity . ':' . $deviceId;

// Create access token, which we will serialize and send to the client
$token = new AccessToken(
    $twilioAccountSid,
    $twilioApiKey,
    $twilioApiSecret,
    3600,
    $identity
);

// Create Chat grant
$chatGrant = new ChatGrant();
$chatGrant->setServiceSid($serviceSid);
$chatGrant->setEndpointId($endpointId);

// Add grant to token
$token->addGrant($chatGrant);

// render token to string
echo $token->toJWT();
from twilio.access_token import AccessToken, IpMessagingGrant

# required for all twilio access tokens
account_sid = 'ACxxxxxxxxxxxx'
api_key = 'SKxxxxxxxxxxxx'
api_secret = 'xxxxxxxxxxxxxx'

# required for IP messaging grants
ipm_service_sid = 'ISxxxxxxxxxxxx'
identity = 'user@example.com'
device_id = 'someiosdevice'
endpoint_id = "HipFlowSlackDockRC:{0}:{1}".format(identity, device_id)

# Create access token with credentials
token = AccessToken(account_sid, api_key, api_secret, identity)

# Create an IP Messaging grant and add to token
ipm_grant = IpMessagingGrant(
    endpoint_id=endpoint_id, service_sid=ipm_service_sid
)
token.add_grant(ipm_grant)

# Return token info as JSON
print(token.to_jwt())
require 'twilio-ruby'

# Required for any Twilio Access Token
account_sid = 'ACxxxxxxxxxxxx'
api_key = 'SKxxxxxxxxxxxx'
api_secret = 'xxxxxxxxxxxxxx'

# Required for Chat
service_sid = 'ISxxxxxxxxxxxx'
device_id = 'someiosdevice'
identity = 'user@example.com'
endpoint_id = "HipFlowSlackDockRC:#{identity}:#{device_id}"

# Create Chat grant for our token
grant = Twilio::JWT::AccessToken::ChatGrant.new
grant.service_sid = service_sid
grant.endpoint_id = endpoint_id

# Create an Access Token
token = Twilio::JWT::AccessToken.new(
  account_sid,
  api_key,
  api_secret,
  [grant],
  identity: identity
)

# Generate the token
puts token.to_jwt
package com.twilio;
import com.twilio.sdk.auth.AccessToken;
import com.twilio.sdk.auth.IpMessagingGrant;

public class TokenGenerator {
  
  public static void main(String[] args) {
    // Required for all types of tokens
    String twilioAccountSid = "ACxxxxxxxxxxxx";
    String twilioApiKey = "SKxxxxxxxxxxxx";
    String twilioApiSecret = "xxxxxxxxxxxxxx";

    // Required for IP Messaging
    String ipmServiceSid = "ISxxxxxxxxxxxx";
    String deviceId = "someiosdevice";
    String identity = "user@example.com";
    String appName = "HipFlowSlackDockRC";
    String endpointId = appName + ":" + identity + ":" + deviceId;
      
    // Create IP messaging grant
    IpMessagingGrant grant = new IpMessagingGrant();
    grant.setEndpointId(endpointId);
    grant.setServiceSid(ipmServiceSid);
    
    // Create access token
    AccessToken token = new AccessToken.Builder(
      twilioAccountSid,
      twilioApiKey,
      twilioApiSecret
    ).identity(identity).grant(grant).build();

    System.out.println(token.toJWT());
  }
}
from twilio.jwt.access_token import AccessToken
from twilio.jwt.access_token.grants import ChatGrant

# required for all twilio access tokens
account_sid = 'ACxxxxxxxxxxxx'
api_key = 'SKxxxxxxxxxxxx'
api_secret = 'xxxxxxxxxxxxxx'

# required for Chat grants
service_sid = 'ISxxxxxxxxxxxx'
identity = 'user@example.com'
device_id = 'someiosdevice'
endpoint_id = "HipFlowSlackDockRC:{0}:{1}".format(identity, device_id)

# Create access token with credentials
token = AccessToken(account_sid, api_key, api_secret, identity=identity)

# Create an Chat grant and add to token
chat_grant = ChatGrant(endpoint_id=endpoint_id, service_sid=service_sid)
token.add_grant(chat_grant)

# Return token info as JSON
print(token.to_jwt())
import com.twilio.jwt.accesstoken.AccessToken;
import com.twilio.jwt.accesstoken.ChatGrant;

public class Example {
  public static void main(String[] args) {
    String twilioAccountSid = "ACxxxxxxxxxxxx";
    String twilioApiKey = "SKxxxxxxxxxxxx";
    String twilioApiSecret = "xxxxxxxxxxxxxx";

    String serviceSid = "ISxxxxxxxxxxxx";
    String deviceId = "someiosdevice";
    String identity = "user@example.com";
    String appName = "HipFlowSlackDockRC";
    String endpointId = appName + ":" + identity + ":" + deviceId;

    ChatGrant grant = new ChatGrant();
    grant.setEndpointId(endpointId);
    grant.setServiceSid(serviceSid);

    AccessToken token = new AccessToken.Builder(twilioAccountSid, twilioApiKey, twilioApiSecret)
        .identity(identity).grant(grant).build();

    System.out.println(token.toJwt());
  }
}