Skip to contentSkip to navigationSkip to topbar
Twilio Docs
Page tools
On this page
Looking for more inspiration?Visit the

51130: Twilsock: Token is invalid!

ERROR: 51130

error-51130 page anchor
ERROR

Description

description page anchor

This error occurs when your client tries to connect through Twilsock with an Access Token that is not a valid Twilio Access Token or cannot be parsed as one. Twilio Access Tokens are short-lived JWT credentials for client-side SDKs, and they must have a valid header, payload, signature, and product grant.

Possible causes

possible-causes page anchor
  • The value you passed is not a Twilio Access Token, such as a malformed JWT or a different credential type like an Auth Token or another token format.
  • The token was generated with the wrong credential combination, such as an Account SID, API Key, or API Secret that do not belong together, or it was created with Test Credentials instead of Live Credentials. (help.twilio.com(link takes you to an external page))
  • The token was passed to the SDK as something other than a plain string, such as a JSON object. (help.twilio.com(link takes you to an external page))
  • The token payload is missing a valid grants object or the grant does not match the SDK you are initializing. For example, Conversations tokens need the chat grant, and Sync tokens need a SyncGrant with a serviceSid.
  • If you are using Conversations, an invalid token can cause the client connection state to become denied until you provide a fresh valid token.

Possible solutions

possible-solutions page anchor
  • Generate a new Access Token on your server with a Twilio helper library. Use your Live Account SID, a valid API Key SID, and the matching API Secret. (help.twilio.com(link takes you to an external page))
  • Verify the token structure before sending it to the client. The header must include typ="JWT", alg="HS256", and cty="twilio-fpa;v=1". The payload should include iss, sub, iat, exp, and at least one valid product grant.
  • Pass the token to your SDK as the raw serialized JWT string, not as a wrapped JSON object or another credential type. (help.twilio.com(link takes you to an external page))
  • If you are connecting to Conversations, create the token with the correct chat grant, Chat Service SID, and identity. Avoid reserved characters in the identity value.
  • If you are connecting to Sync, include a SyncGrant with the correct serviceSid for your Sync Service.
  • Keep tokens short-lived. If your client is rotating tokens, fetch a fresh token from your server and update the client before the old token expires.
  • Review the Twilio Debugger or Error Logs for the failing request so you can inspect the error code, description, and log properties tied to the connection attempt.

Additional resources

additional-resources page anchor