Skip to contentSkip to navigationSkip to topbar
Rate this page:

Media Security



This documentation is for reference only. We are no longer onboarding new customers to Programmable Video. Existing customers can continue to use the product until December 5, 2026(link takes you to an external page).

We recommend migrating your application to the API provided by our preferred video partner, Zoom. We've prepared this migration guide(link takes you to an external page) to assist you in minimizing any service disruption.

Twilio Programmable Video is based on the open standard WebRTC protocol. The security architecture is described here(link takes you to an external page) and the protocols used include TLS, DTLS and SRTP. All communication between a Programmable Video client and the Twilio cloud is encrypted.

In the case of Group Rooms each participant has its own private key exchanged with the media server using DTLS 1.2/SRTP. All media published to or subscribed from the Room is transported through this secure connection. The encryption key exchange uses a technique known as Perfect Forward Secrecy (PFS). In the case of P2P Rooms and WebRTC Go Rooms the private key is exchanged directly with the remote peer.

In cases where TLS is required to establish the media path only TLS 1.2 is supported. The following is the supported cipher suite:


Rate this page: