Access Control

With Twilio's role-based access control (RBAC) platform, you can grant access to Twilio resources in a granular way and prevent access to other resources. Twilio RBAC lets you adopt the security principle of "least privilege access" for users in your Twilio accounts.

Here are the key features of the Access Control product:

• Control access to Twilio resources with built-in roles that range in scope from your whole organization down to viewing only a specific product for a specific subaccount.
• Manage role assignments across multiple accounts and subaccounts in one place using the self-serve RBAC management interface in Organization Settings (Twilio Console) or Twilio Admin (Legacy Console).

Some of the improvements made to RBAC in the Twilio Console compared to the Legacy Console are:

• You can manage RBAC built-in roles on the Account settings > User management > User access page. This isn't supported in the Legacy Console.
• In addition to the existing built-in roles, new built-in roles are available for products such as Email, Memory, and Trust Hub.
• The Twilio Console doesn't have a separate role assignment page. All role assignments are on the User management page. To add or edit a user's role assignment, click a user under Managed users, then click the Role assignments tab.
• The Twilio Console moves the Roles page into a tab under User management page, replacing the standalone Access Control section that existed in the Legacy Console.
• The Twilio Console introduces resource-based roles. These provide more granular access by scoping permissions to specific resources rather than granting global access. You can assign Billing Group Admin and Billing Group Viewer roles to specific Billing Groups at the organization level.