Skip to contentSkip to navigationSkip to topbar
Rate this page:
On this page

Encrypted Recordings


(warning)

Warning

This page is for reference only. We are no longer onboarding new customers to Programmable Video. Existing customers can continue to use the product until December 5, 2024(link takes you to an external page).
We recommend migrating your application to the API provided by our preferred video partner, Zoom. We've prepared this migration guide(link takes you to an external page) to assist you in minimizing any service disruption.

(information)

Overview

overview page anchor

The Twilio Recording Settings REST API lets you configure Twilio to store your recordings encrypted. Recording Settings work per-account (i.e. project). If you activate encryption, all Video Recordings in your account (or project) will get encrypted.

This document contains reference information about the Recording Settings REST API for encryption. For a step-by-step guide you can also read the Encrypting your Stored Media developer guide



These are the URI schemes for the Recording Settings REST API and the supported methods:

  • /v1/RecordingSettings/Default
    • GET : Retrieves current Recording Settings.
    • POST : Updates the Recording Settings.

Recording Settings instance resource

recording-settings-instance-resource page anchor

The Default RecordingSettings resource holds the default recording settings for the given Twilio account (or project). Its configuration will be applied to all Recordings created in such account (or project).

Base URL

base-url page anchor

The Recording Settings default resource is located at the following Base URL:


_10
https://video.twilio.com/v1/RecordingSettings/Default

A RecordingSettings resource has the following properties:

Resource properties
account_sidtype: SID<AC>Not PII

The SID of the Account(link takes you to an external page) that created the RecordingSettings resource.


friendly_nametype: stringNot PII

The string that you assigned to describe the resource and show the user in the console


aws_credentials_sidtype: SID<CR>Not PII

The SID of the stored Credential resource.


aws_s3_urltype: string<URI>Not PII

The URL of the AWS S3 bucket where the recordings are stored. We only support DNS-compliant URLs like https://documentation-example-twilio-bucket/recordings, where recordings is the path in which you want the recordings to be stored. This URL accepts only URI-valid characters, as described in the RFC 3986(link takes you to an external page).


aws_storage_enabledtype: booleanNot PII

Whether all recordings are written to the aws_s3_url. When false, all recordings are stored in our cloud.


encryption_key_sidtype: SID<CR>Not PII

The SID of the Public Key resource used for encryption.


encryption_enabledtype: booleanNot PII

Whether all recordings are stored in an encrypted form. The default is false.


urltype: string<URI>Not PII

The absolute URL of the resource.

In the table above, the following properties are reserved for the feature called External S3 Storage:

  • aws_credentials_sid
  • aws_s3_url
  • aws_storage_enabled

HTTP GET: Get Settings

http-get page anchor

Retrieves your account's default Recording Settings.

For example:

Fetch Recording Settings

fetch-recording-settings page anchor
Node.js
Python
C#
Java
Go
PHP
Ruby
twilio-cli
curl

_10
// Download the helper library from https://www.twilio.com/docs/node/install
_10
// Find your Account SID and Auth Token at twilio.com/console
_10
// and set the environment variables. See http://twil.io/secure
_10
const accountSid = process.env.TWILIO_ACCOUNT_SID;
_10
const authToken = process.env.TWILIO_AUTH_TOKEN;
_10
const client = require('twilio')(accountSid, authToken);
_10
_10
client.video.v1.recordingSettings()
_10
.fetch()
_10
.then(recording_settings => console.log(recording_settings.friendlyName));

Output

_10
{
_10
"account_sid": "ACXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX",
_10
"friendly_name": "string",
_10
"aws_credentials_sid": "CRXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX",
_10
"encryption_key_sid": "CRXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX",
_10
"aws_s3_url": "https://my-super-duper-bucket.s3.amazonaws.com/my/path/",
_10
"aws_storage_enabled": true,
_10
"encryption_enabled": true,
_10
"url": "https://video.twilio.com/v1/RecordingSettings/Default"
_10
}

HTTP POST: Set Settings

http-post page anchor

Sets your account's default Recording Settings. POST requests support the following parameters:

Request body parameters
FriendlyNametype: stringNot PII
Required

A descriptive string that you create to describe the resource and be shown to users in the console


AwsCredentialsSidtype: SID<CR>Not PII

The SID of the stored Credential resource.


EncryptionKeySidtype: SID<CR>Not PII

The SID of the Public Key resource to use for encryption.


AwsS3Urltype: string<URI>Not PII

The URL of the AWS S3 bucket where the recordings should be stored. We only support DNS-compliant URLs like https://documentation-example-twilio-bucket/recordings, where recordings is the path in which you want the recordings to be stored. This URL accepts only URI-valid characters, as described in the RFC 3986(link takes you to an external page).


AwsStorageEnabledtype: booleanNot PII

Whether all recordings should be written to the aws_s3_url. When false, all recordings are stored in our cloud.


EncryptionEnabledtype: booleanNot PII

Whether all recordings should be stored in an encrypted form. The default is false.

In the table above, the following parameters are reserved for the feature called External S3 Storage:

  • AwsCredentialsSid
  • AwsS3Url
  • AwsStorageEnabled

Enabling Encrypted Recordings

enable-encryption page anchor

The following code snippets illustrate how you can set Encryption in your Recordings settings:

Creates or updates the configuration to upload encrypted files

creates-or-updates-the-configuration-to-upload-encrypted-files page anchor
Node.js
Python
C#
Java
Go
PHP
Ruby
twilio-cli
curl

_14
// Download the helper library from https://www.twilio.com/docs/node/install
_14
// Find your Account SID and Auth Token at twilio.com/console
_14
// and set the environment variables. See http://twil.io/secure
_14
const accountSid = process.env.TWILIO_ACCOUNT_SID;
_14
const authToken = process.env.TWILIO_AUTH_TOKEN;
_14
const client = require('twilio')(accountSid, authToken);
_14
_14
client.video.v1.recordingSettings()
_14
.create({
_14
encryptionEnabled: true,
_14
encryptionKeySid: 'CRXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX',
_14
friendlyName: 'Upload encrypted'
_14
})
_14
.then(recording_settings => console.log(recording_settings.friendlyName));

Output

_10
{
_10
"account_sid": "ACXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX",
_10
"friendly_name": "Upload encrypted",
_10
"aws_credentials_sid": "CRXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX",
_10
"encryption_key_sid": "CRXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX",
_10
"aws_s3_url": "https://my-super-duper-bucket.s3.amazonaws.com/my/path/",
_10
"aws_storage_enabled": true,
_10
"encryption_enabled": true,
_10
"url": "https://video.twilio.com/v1/RecordingSettings/Default"
_10
}


Known Problems and Limitations

known-problems-and-limitations page anchor
  • If you activate Encryption in your account, you will not be able to use Compositions in such account given that Compositions require the source recordings to be stored unencrypted.

Rate this page: