Skip to contentSkip to navigationSkip to topbar
Twilio Docs
On this page

REST API: Key Resource v2010

(warning)

Key resource v2010 limitations

The Key resource v2010 doesn't support creating Restricted API keys. The latest version of the Key resource Key resource v1. The Key resource v1 supports all the features of Key resource v2010 and adds the ability to create Restricted API keys.

Use the Key resource to create and manage Standard API keys.

API keys represent the required credentials that you'll use to authenticate to Twilio's REST API and to create and revoke Access Tokens.

(information)

Info

If your API key requires access to the Accounts (/Accounts) or Keys (/Accounts/{SID}/Keys, /v1/Keys) endpoints, then you'll need to use a Main key. You can create Main keys only in the Twilio Console(link takes you to an external page).

Types of keys

types-of-keys page anchor

The API key types are Main, Standard, and Restricted (Public Beta, Key resource v1 only). The following table describes each type:

Key typeAccess permissionsCreate in ConsoleCreate with REST API
MainFull access to all Twilio API resources. Equivalent to using your Account SID and Auth Token for API requests.YesNo
StandardAccess to all Twilio API resources, except for Accounts (/Accounts) or Keys (/Accounts/{SID}/Keys, /v1/Keys) resources.YesYes
RestrictedCustomized, fine-grained access to specific Twilio API resources. Learn more about Restricted API keys.YesYes (v1 only)

Key Properties

key-properties page anchor
Property nameTypeRequiredDescriptionChild properties
sidSID<SK>

Optional

Not PII

The unique string that that we created to identify the Key resource.

Pattern: ^SK[0-9a-fA-F]{32}$Min length: 34Max length: 34
friendlyNamestring

Optional

PII MTL: 30 days

The string that you assigned to describe the resource.

dateCreatedstring<date-time-rfc-2822>

Optional

Not PII

The date and time in GMT that the resource was created specified in RFC 2822(link takes you to an external page) format.

dateUpdatedstring<date-time-rfc-2822>

Optional

Not PII

The date and time in GMT that the resource was last updated specified in RFC 2822(link takes you to an external page) format.

Create an API key

create-an-api-key page anchor

POST https://api.twilio.com/2010-04-01/Accounts/{AccountSid}/Keys.json

(warning)

Warning

To create Standard API keys with the API, you must use one of the following credentials: your Account SID and Auth Token, a Main API key, or a Restricted API key with the permission for /twilio/iam/api-keys/create.

Path parameters

path-parameters page anchor
Property nameTypeRequiredPIIDescription
accountSidSID<AC>
required
Not PII

The SID of the Account that will be responsible for the new Key resource.

Pattern: ^AC[0-9a-fA-F]{32}$Min length: 34Max length: 34

Request body parameters

request-body-parameters page anchor
Encoding type:application/x-www-form-urlencoded
SchemaExample
Property nameTypeRequiredDescriptionChild properties
friendlyNamestring

Optional

PII MTL: 30 days

A descriptive string that you create to describe the resource. It can be up to 64 characters long.

The response contains a sid property and a secret property. Store the secret in a secure location, because you won't be able to retrieve it again. Twilio uses the Key resource's sid and the secret as the credentials when making API requests.

Create an API keyLink to code sample: Create an API key
1
// Download the helper library from https://www.twilio.com/docs/node/install

2
const twilio = require("twilio"); // Or, for ESM: import twilio from "twilio";

3


4
// Find your Account SID and Auth Token at twilio.com/console

5
// and set the environment variables. See http://twil.io/secure

6
const accountSid = process.env.TWILIO_ACCOUNT_SID;

7
const authToken = process.env.TWILIO_AUTH_TOKEN;

8
const client = twilio(accountSid, authToken);

9


10
async function createNewKey() {

11
  const newKey = await client.newKeys.create({

12
    friendlyName: "Mario's API key",

13
  });

14


15
  console.log(newKey.sid);

16
}

17


18
createNewKey();

Response

1
{

2
  "sid": "SKaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa",

3
  "friendly_name": "Mario's API key",

4
  "date_created": "Mon, 13 Jun 2016 22:50:08 +0000",

5
  "date_updated": "Mon, 13 Jun 2016 22:50:08 +0000",

6
  "secret": "foobar"

7
}

Fetch a Key resource

fetch-a-key-resource page anchor

GET https://api.twilio.com/2010-04-01/Accounts/{AccountSid}/Keys/{Sid}.json

Returns a representation of the API key.

(warning)

Warning

For security reasons, Twilio returns the secret field only when the API key is first created and never includes the secret field when you fetch the resource. Your application should store the API key's SID and secret in a secure location to authenticate to the API.

Path parameters

path-parameters-1 page anchor
Property nameTypeRequiredPIIDescription
accountSidSID<AC>
required
Not PII

The SID of the Account that created the Key resource to fetch.

Pattern: ^AC[0-9a-fA-F]{32}$Min length: 34Max length: 34
sidSID<SK>
required
Not PII

The Twilio-provided string that uniquely identifies the Key resource to fetch.

Pattern: ^SK[0-9a-fA-F]{32}$Min length: 34Max length: 34
Fetch an API keyLink to code sample: Fetch an API key
1
// Download the helper library from https://www.twilio.com/docs/node/install

2
const twilio = require("twilio"); // Or, for ESM: import twilio from "twilio";

3


4
// Find your Account SID and Auth Token at twilio.com/console

5
// and set the environment variables. See http://twil.io/secure

6
const accountSid = process.env.TWILIO_ACCOUNT_SID;

7
const authToken = process.env.TWILIO_AUTH_TOKEN;

8
const client = twilio(accountSid, authToken);

9


10
async function fetchKey() {

11
  const key = await client.keys("SKXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX").fetch();

12


13
  console.log(key.sid);

14
}

15


16
fetchKey();

Response

1
{

2
  "sid": "SKXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX",

3
  "friendly_name": "foo",

4
  "date_created": "Mon, 13 Jun 2016 22:50:08 +0000",

5
  "date_updated": "Mon, 13 Jun 2016 22:50:08 +0000"

6
}

List Key resources

list-key-resources page anchor

GET https://api.twilio.com/2010-04-01/Accounts/{AccountSid}/Keys.json

Returns a list of API keys associated with a given Account, sorted by DateUpdated.

The list includes all API keys and paging information.

Path parameters

path-parameters-2 page anchor
Property nameTypeRequiredPIIDescription
accountSidSID<AC>
required
Not PII

The SID of the Account that created the Key resources to read.

Pattern: ^AC[0-9a-fA-F]{32}$Min length: 34Max length: 34

Query parameters

query-parameters page anchor
Property nameTypeRequiredPIIDescription
pageSizeinteger<int64>

Optional

Not PII

How many resources to return in each list page. The default is 50, and the maximum is 1000.

Minimum: 1Maximum: 1000
pageinteger

Optional

Not PII

The page index. This value is simply for client state.

Minimum: 0
pageTokenstring

Optional

Not PII

The page token. This is provided by the API.

Read a Key resourceLink to code sample: Read a Key resource
1
// Download the helper library from https://www.twilio.com/docs/node/install

2
const twilio = require("twilio"); // Or, for ESM: import twilio from "twilio";

3


4
// Find your Account SID and Auth Token at twilio.com/console

5
// and set the environment variables. See http://twil.io/secure

6
const accountSid = process.env.TWILIO_ACCOUNT_SID;

7
const authToken = process.env.TWILIO_AUTH_TOKEN;

8
const client = twilio(accountSid, authToken);

9


10
async function listKey() {

11
  const keys = await client.keys.list({ limit: 20 });

12


13
  keys.forEach((k) => console.log(k.sid));

14
}

15


16
listKey();

Response

1
{

2
  "keys": [

3
    {

4
      "sid": "SKaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa",

5
      "friendly_name": "foo",

6
      "date_created": "Mon, 13 Jun 2016 22:50:08 +0000",

7
      "date_updated": "Mon, 13 Jun 2016 22:50:08 +0000"

8
    }

9
  ],

10
  "first_page_uri": "/2010-04-01/Accounts/ACaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/Keys.json?PageSize=50&Page=0",

11
  "end": 0,

12
  "previous_page_uri": null,

13
  "uri": "/2010-04-01/Accounts/ACaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/Keys.json?PageSize=50&Page=0",

14
  "page_size": 50,

15
  "start": 0,

16
  "next_page_uri": null,

17
  "page": 0

18
}

Update a Key resource

update-a-key-resource page anchor

POST https://api.twilio.com/2010-04-01/Accounts/{AccountSid}/Keys/{Sid}.json

Attempts to update the fields of an API Key resource.

If successful, Twilio returns the updated resource representation. The response is identical to that of the fetch a Key resource endpoint.

Path parameters

path-parameters-3 page anchor
Property nameTypeRequiredPIIDescription
accountSidSID<AC>
required
Not PII

The SID of the Account that created the Key resources to update.

Pattern: ^AC[0-9a-fA-F]{32}$Min length: 34Max length: 34
sidSID<SK>
required
Not PII

The Twilio-provided string that uniquely identifies the Key resource to update.

Pattern: ^SK[0-9a-fA-F]{32}$Min length: 34Max length: 34

Request body parameters

request-body-parameters-1 page anchor
Encoding type:application/x-www-form-urlencoded
SchemaExample
Property nameTypeRequiredDescriptionChild properties
friendlyNamestring

Optional

PII MTL: 30 days

A descriptive string that you create to describe the resource. It can be up to 64 characters long.

Update a Key resourceLink to code sample: Update a Key resource
1
// Download the helper library from https://www.twilio.com/docs/node/install

2
const twilio = require("twilio"); // Or, for ESM: import twilio from "twilio";

3


4
// Find your Account SID and Auth Token at twilio.com/console

5
// and set the environment variables. See http://twil.io/secure

6
const accountSid = process.env.TWILIO_ACCOUNT_SID;

7
const authToken = process.env.TWILIO_AUTH_TOKEN;

8
const client = twilio(accountSid, authToken);

9


10
async function updateKey() {

11
  const key = await client

12
    .keys("SKXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX")

13
    .update({ friendlyName: "friendly_name" });

14


15
  console.log(key.sid);

16
}

17


18
updateKey();

Response

1
{

2
  "sid": "SKXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX",

3
  "friendly_name": "friendly_name",

4
  "date_created": "Mon, 13 Jun 2016 22:50:08 +0000",

5
  "date_updated": "Mon, 13 Jun 2016 22:50:08 +0000"

6
}

Delete a Key Resource

delete-a-key-resource page anchor

DELETE https://api.twilio.com/2010-04-01/Accounts/{AccountSid}/Keys/{Sid}.json

Deletes an API key. Deleting an API key revokes the authorization to authenticate to the REST API and invalidates all Access Tokens generated using the API key's secret.

If the deletion is successful, Twilio returns an HTTP 204 response with no body.

(warning)

Warning

You may only delete keys by authenticating with the account's AccountSid and AuthToken or API keys that have the Main key flag set in the console.

Path parameters

path-parameters-4 page anchor
Property nameTypeRequiredPIIDescription
accountSidSID<AC>
required
Not PII

The SID of the Account that created the Key resources to delete.

Pattern: ^AC[0-9a-fA-F]{32}$Min length: 34Max length: 34
sidSID<SK>
required
Not PII

The Twilio-provided string that uniquely identifies the Key resource to delete.

Pattern: ^SK[0-9a-fA-F]{32}$Min length: 34Max length: 34
Delete a Key resourceLink to code sample: Delete a Key resource
1
// Download the helper library from https://www.twilio.com/docs/node/install

2
const twilio = require("twilio"); // Or, for ESM: import twilio from "twilio";

3


4
// Find your Account SID and Auth Token at twilio.com/console

5
// and set the environment variables. See http://twil.io/secure

6
const accountSid = process.env.TWILIO_ACCOUNT_SID;

7
const authToken = process.env.TWILIO_AUTH_TOKEN;

8
const client = twilio(accountSid, authToken);

9


10
async function deleteKey() {

11
  await client.keys("SKXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX").remove();

12
}

13


14
deleteKey();