Menu

Expand
Rate this page:

Thanks for rating this page!

We are always striving to improve our documentation quality, and your feedback is valuable to us. How could this documentation serve you better?

REST API: API Keys

You access the Twilio API using API keys that represent the required credentials. These keys:

  • Authenticate to the REST API
  • Create and revoke Access Tokens

See this document for more information about your request to Twilio's REST API, or read our article on Access Tokens to learn more.

API Keys can be provisioned and revoked through the REST API or the Twilio Console. This provides a powerful and flexible primitive for managing access to the Twilio API.

For example, you might issue separate API Keys to different developers or to different subsystems within your application.

Since API Keys can be independently revoked, you have complete control of the lifecycle of your API credentials.

If your use case requires API Keys to access the /Accounts or /Keys endpoint, a Master Key needs to be used. This can be created in the Console.

Key properties

Names in PHP format
sid
sid<SK> Not PII

The unique string that that we created to identify the Key resource.

friendlyName

The string that you assigned to describe the resource.

dateCreated
date_time<rfc2822> Not PII

The date and time in GMT that the resource was created specified in RFC 2822 format.

dateUpdated
date_time<rfc2822> Not PII

The date and time in GMT that the resource was last updated specified in RFC 2822 format.

Fetch a Key resource

get
https://api.twilio.com/2010-04-01/Accounts/{AccountSid}/Keys/{Sid}.json

Returns a representation of the API Key, including the properties below.

For security reasons the Secret field is ONLY returned when the API Key is first created – never when fetching the resource.

Parameters
Names in None format
account_sid
Required
get sid<AC> Not PII

The SID of the Account that created the Key resource to fetch.

sid
Required
get sid<SK> Not PII

The Twilio-provided string that uniquely identifies the Key resource to fetch.

Example 1
        
        
        
        
        Note that the API Key's Secret field is redacted in the output of this example. As noted above, Secret fields are only returned when the API Key is first created.

        Fetch an API Key

        Note that the API Key's Secret field is redacted in the output of this example. As noted above, Secret fields are only returned when the API Key is first created.
        Example 2
              
              
              
              
              An example fetching of an API Key.

              Fetch an API Key

              An example fetching of an API Key.

              Read a Key resource

              get
              https://api.twilio.com/2010-04-01/Accounts/{AccountSid}/Keys.json

              Returns a list of API Keys in this account, sorted by DateUpdated.

              The list includes all API Keys. It also includes paging information.

              Parameters
              Names in None format
              account_sid
              Required
              get sid<AC> Not PII

              The SID of the Account that created the Key resources to read.

              Example 1
                    
                    
                    
                    
                    Retrieve all the API Keys in an account

                    Read a Key resource

                    Retrieve all the API Keys in an account

                    Update a Key resource

                    post
                    https://api.twilio.com/2010-04-01/Accounts/{AccountSid}/Keys/{Sid}.json

                    Attempts to update the fields of an API Key instance.

                    If successful, it returns the updated resource representation. The response will be identical to that of the HTTP GET (fetch).

                    Parameters
                    Names in None format
                    account_sid
                    Required
                    post sid<AC> Not PII

                    The SID of the Account that created the Key resources to update.

                    sid
                    Required
                    post sid<SK> Not PII

                    The Twilio-provided string that uniquely identifies the Key resource to update.

                    friendly_name
                    Optional
                    post string PII MTL: 30 DAYS

                    A descriptive string that you create to describe the resource. It can be up to 64 characters long.

                    Example 1
                          
                          
                          
                          

                          Delete a Key Resource

                          delete
                          https://api.twilio.com/2010-04-01/Accounts/{AccountSid}/Keys/{Sid}.json

                          Deletes an API Key. This revokes its authorization to authenticate to the REST API and invalidates all Access Tokens generated using its secret.

                          If the delete is successful, Twilio will return an HTTP 204 response with no body.

                          You may only delete Keys by authenticating with the account's AccountSid and AuthToken or API Keys that have the master key flag set in the console.

                          Parameters
                          Names in None format
                          account_sid
                          Required
                          delete sid<AC> Not PII

                          The SID of the Account that created the Key resources to delete.

                          sid
                          Required
                          delete sid<SK> Not PII

                          The Twilio-provided string that uniquely identifies the Key resource to delete.

                          Example 1
                                
                                
                                
                                
                                Rate this page:

                                Need some help?

                                We all do sometimes; code is hard. Get help now from our support team, or lean on the wisdom of the crowd browsing the Twilio tag on Stack Overflow.