Create API keys in Twilio Console
You can create and manage all of your API keys in the Twilio Console. To create and manage API keys using the REST API, refer to Key resource v1.
API keys represent the required credentials that you'll use to authenticate to Twilio's REST API and to create and revoke Access Tokens.
Info
If your API key requires access to the Accounts (/Accounts) or Keys (/Accounts/{SID}/Keys, /v1/Keys) endpoints, then you'll need to use a Main key. You can create Main keys only in the Twilio Console.
The API key types are Main, Standard, and Restricted (Key resource v1 only). The following table describes each type:
| Key type | Access permissions | Create in Console | Create with REST API |
|---|---|---|---|
| Main | Full access to all Twilio API resources. Equivalent to using your Account SID and Auth Token for API requests. | Yes | No |
| Standard | Access to all Twilio API resources, except for Accounts (/Accounts) or Keys (/Accounts/{SID}/Keys, /v1/Keys) resources. | Yes | Yes |
| Restricted | Customized, fine-grained access to specific Twilio API resources. Learn more about Restricted API keys. | Yes | Yes (v1 only) |
-
Log in to Twilio Console and navigate to Settings > Account settings > API keys & auth tokens.
-
From the region selector, select your region, then click Create API key.
-
On the API key details page, enter the API key name and select the key type: Standard or Restricted
- For standard keys, click Next.
- For restricted keys, under Permissions, select the permissions to grant to the API key, then click Next.
The API key is created and the secret is displayed.
-
Copy the secret and store it somewhere secure.
-
Select the Got it! checkbox and click Finish.
Restricted API keys can have complex permissions. You can save time by duplicating a Restricted API key as a starting point for a new key.
- Log in to Twilio Console and navigate to Settings > Account settings > API keys & auth tokens.
- On the API keys tab, click the name of the Restricted API key that you want to duplicate.
- Click Duplicate this key.
- On the API key details page, enter the API key name and adjust the permissions as needed.
- Click Next.
The API key is created and the secret is displayed. - Copy the secret and store it somewhere secure.
- Select the Got it! checkbox and click Finish.
For Standard and Main API keys, you can update only the API key name. For Restricted keys, you can update the API key name and the permissions.
- Log in to Twilio Console and navigate to Settings > Account settings > API keys & auth tokens.
- On the API keys tab, click the name of the API key to update.
- To update the API key name, on the API key details tab, click Edit name, update the name, then click Save.
- To update the permissions for a Restricted key, on the Permissions tab, update the permissions and click Save.
If you no longer use an API key or if a key has been compromised, then you can revoke the key's permissions by deleting the API key.
- Log in to Twilio Console and navigate to Settings > Account settings > API keys & auth tokens.
- On the API keys tab, click the name of the API key to delete.
- Click Delete this key.
- In the pop-up, click Delete to confirm deletion.