Rate this page:

Understanding Visibility: Public, Protected and Private Functions and Assets

When you create Functions or Assets, you must specify their Visibility. There are three options:


A public Function or Asset is publically accessible on the internet at a specific URL once deployed. For example, if you create a Function with the path /send/sms and deploy to an environment then your function will be publically accessible at


A protected Function or Asset requires a valid Twilio request signature to be accessed. This means that the Function or Asset is only accessible if the request to access it contains the X-Twilio-Signature header and the signature is valid. This means you can limit your Functions and Assets only to be accessible to Twilio webhooks, such as on an incoming call or SMS message. Configure a phone number on the Twilio console to set a Function as the response to a webhook.


Private Functions and Assets are library files intended only for access via other Functions. For example, you may have a set of private library Functions that enable functionality that is called from a single protected Function. Or if your Function relied on a JSON file of data to read from, you can deploy that JSON file as a private asset and read it from the Function.

Example: Including a Function in another function.

exports.handler = function(context, event, callback) {
  // First, get the path for the Function
  let path = Runtime.getFunctions()['function-path'].path;
  // Next, simply use the standard require() to bring the library into scope
  let zoltar = require(path);
  // Finally, use the module as you would any other 
  console.log('The answer to your riddle is: ' + zoltar.ask());
  return callback();

Example: Including a private Asset in a function.

exports.handler = function(context, event, callback) {
  const fs = require('fs');
  // First, get the path for the Asset
  let fileName = 'my_file.txt';
  let file = Runtime.getAssets()[fileName].path;
  // Next, read the file in via fs
  let text = fs.readFileSync(file).toString('utf-8');
  // Finally, use the text as required
  console.log('Your file contents: ' + text);
  return callback();
Rate this page:

Need some help?

We all do sometimes; code is hard. Get help now from our support team, or lean on the wisdom of the crowd browsing the Twilio tag on Stack Overflow.


        Thank you for your feedback!

        We are always striving to improve our documentation quality, and your feedback is valuable to us. How could this documentation serve you better?

        Sending your feedback...
        🎉 Thank you for your feedback!
        Something went wrong. Please try again.

        Thanks for your feedback!

        Refer us and get $10 in 3 simple steps!

        Step 1

        Get link

        Get a free personal referral link here

        Step 2

        Give $10

        Your user signs up and upgrade using link

        Step 3

        Get $10

        1,250 free SMSes
        OR 1,000 free voice mins
        OR 12,000 chats
        OR more