Organization OAuth apps
Twilio's organization-level APIs only support OAuth 2.0. API keys and Auth Tokens are not supported.
Organization-level APIs can be accessed using both the Client Credentials and Authorization Code grant types of OAuth 2.0. The steps below explain how to manage both types of OAuth apps.
Twilio ConsoleLegacy Console
- Log in to Twilio Console and navigate to Settings > Organization settings > Organization API access.
- Click Create OAuth application.
- For Grant type, select Client credentials.
- Enter the Application name and Application description.
- On the Scopes & permissions step, select the scopes and permission you want to include in the OAuth application. Get the Permission to API mapping details here.
- On the Copy secret page, copy the credentials and store them somewhere secure.
- Select the Got it! checkbox and click Finish.
To generate the access token, use the Token API.
Twilio ConsoleLegacy Console
- Log in to Twilio Console and navigate to Settings > Organization settings > Organization API access.
- On the OAuth applications page, click on the App name of the Client Credentials app you want to view or update.
- On the APPLICATION DETAILS tab, view Application name, Description of the application, Date created and Created by. To update the application details, click Edit application details and update the details, then click Save.
- On the ACCESS SETTINGS, view OAuth Scopes. You can update the OAuth scopes.
- On the Credentials tab, view the Client ID with the ability to rotate Client Secret.
Twilio ConsoleLegacy Console
- Log in to Twilio Console and navigate to Settings > Organization settings > Organization API access.
- In the Action column of the OAuth app you want to delete, click Delete.
- In the dialog, click Delete.
Twilio ConsoleLegacy Console
- Log in to Twilio Console and navigate to Settings > Organization settings > Organization API access.
- Click Create OAuth application.
- Select grant type as Authorization code.
- On the Application details page, enter the application details:
- Application name
- Application description
- Company name
- Images for the application
- Homepage URL
- Terms of service URL
- Redirect URL
- On the Scopes & permissions page, select the scopes and permission you want to include in the OAuth application. Get the Permission to API mapping details here.
- On the Copy secret page, copy the credentials and store them somewhere secure. For the Authorization Code grant type, Twilio generates a Client ID, Client Secret, and Authorization URL.
- Select the Got it! checkbox and click Finish.
Twilio ConsoleLegacy Console
- Log in to Twilio Console and navigate to Settings > Organization settings > Organization API access.
- On the OAuth apps page, click on the App name of the Authorization Code app you want to view or update.
- On the APPLICATION DETAILS tab, view Application name, Description of the application, Date created, Created by, Company name, Homepage URL, Terms of service URL and Redirect URL. To update the application details, click Edit application details and update the details, then click Save.
- On the ACCESS SETTINGS, view OAuth Scopes. You can update the OAuth scopes.
- On the Credentials tab, view the Client ID and Authorization URL with the ability to rotate Client Secret.
Twilio ConsoleLegacy Console
- Log in to Twilio Console and navigate to Settings > Organization settings > Organization API access.
- In the Action column of the OAuth app you want to delete, click Delete.
- In the pop-up, click Delete.
(information)
Info
When you delete an Authorization Code OAuth app, its access is revoked immediately and any active access tokens become invalid.
Here are the list of Scopes & Permissions and Organization API endpoints associated with them:
| Scopes / Permissions | Method | API Endpoints | API doc |
|---|---|---|---|
| managed-users/read | GET | https://iam.twilio.com/scim/v2/Users/sid<US> | API Doc |
| managed-users/list | GET | https://iam.twilio.com/scim/v2/Users | API Doc |
| managed-users/create | POST | https://iam.twilio.com/scim/v2/Users | API Doc |
| managed-users/update | PUT | https://iam.twilio.com/scim/v2/Users/sid<US> | API Doc |
| managed-users/delete | DELETE | https://iam.twilio.com/scim/v2/Users/sid<US> | API Doc |
| role-assignments/list | GET | https://iam.twilio.com/v2/Organizations/RoleAssignments | API Doc |
| role-assignments/create | POST | https://iam.twilio.com/v2/Organizations/RoleAssignments | API Doc |
| role-assignments/delete | DELETE | https://iam.twilio.com/v2/Organizations/RoleAssignments/sid<IY> | API Doc |
| roles/list | GET | https://iam.twilio.com/v2/Organizations/Roles | API Doc |