Rate this page:

An application programming interface key (API key) is a unique identifier that is used to authenticate a developer or program to an API.

How Do API Keys Differ from Account Credentials?

When you create an account with Twilio, Twilio generates an Account String Identifier (SID) and an Auth Token; these are your account API Credentials. Anytime you directly share these credentials, say with a colleague, you increase the risk of those credentials becoming compromised. Luckily Twilio also allows you to authenticate using API Keys.

API Keys are the preferred way to authenticate to Twilio's services. There are two types of API Keys: Standard and Main.

Standard API Keys give you access to all of the functionality in Twilio's API, except managing API Keys, Account Configuration, and Subaccounts.

Main API Keys have the same access as standard keys, but can also manage API Keys, Account Configuration, and Subaccounts. Main API Keys give you the same level of access as if you were using the account API Credentials.

How Can I Create API Keys?

You can create API Keys from the Twilio Console by following these steps:

  • Navigate to Settings and select API Keys, or simply follow this link
  • Click on the plus (+) icon if you have other API keys already, otherwise click the Create new API Key button
  • Enter a friendly name for your API Key
  • Select whether the key type should be Standard or Main

Steps to Create a New API Key in the Twilio Console

Upon creation of an API Key, you will be presented with the key as well as a secret. This secret serves as the password for the key, much as your account's auth token serves as the password for your Account SID. Please take note of the secret and ensure that you save it securely, as it is only shown once at creation and never again.

In addition to using the Twilio Console, you can also create standard API Keys using the Twilio CLI, SDK, and API as shown in the Twilio Documentation.

How do I Authenticate with an API Key?

Instead of authenticating with Twilio using your Account SID and Auth Token, you can now use the API Key, its secret, and the Account SID.

For example, if you were creating a Twilio Client in Node.js with the Account Credentials, you would do as follows:

const accountSid = process.env.TWILIO_ACCOUNT_SID;
const authToken = process.env.TWILIO_AUTH_TOKEN;
const client = require('twilio')(accountSid, authToken);

Creating a Twilio Client using an API Key is very similar. Note that the Account SID is still used:

const accountSid = process.env.TWILIO_ACCOUNT_SID;
const apiKey = process.env.TWILIO_API_KEY;
const apiSecret = process.env.TWILIO_API_SECRET;
const client = require('twilio')(apiKey, apiSecret, { accountSid });

When interacting with the API directly instead of using a helper library, you simply use the API Key and secret as your Basic Auth header like so:

curl -X GET 'https://api.twilio.com/2010-04-01/Accounts.json?PageSize=20' \
Rate this page:

Thank you for your feedback!

We are always striving to improve our documentation quality, and your feedback is valuable to us. How could this documentation serve you better?

Sending your feedback...
🎉 Thank you for your feedback!
Something went wrong. Please try again.

Thanks for your feedback!

Refer us and get $10 in 3 simple steps!

Step 1

Get link

Get a free personal referral link here

Step 2

Give $10

Your user signs up and upgrade using link

Step 3

Get $10

1,250 free SMSes
OR 1,000 free voice mins
OR 12,000 chats
OR more