20101: Invalid Access Token

The Access Token provided to the Twilio API was invalid.

Twilio Access Tokens are short-lived JWT credentials used to authenticate client-side SDKs for Voice, Conversations, Sync, and Video, with a maximum configurable lifetime of up to 24 hours.

• The value supplied is not a valid Twilio Access Token (for example, it is not a JWT with the required header and payload structure expected by Twilio Access Tokens).

• Regenerate a fresh Access Token on your server using your Account SID and an API Key/Secret, following the Access Token creation guide.
• Ensure the token header contains typ="JWT", alg="HS256", and cty="twilio-fpa;v=1".
• Verify the payload fields: iss must be the API Key SID used to sign the token and sub must be the Twilio Account SID the token is scoped to; include standard claims like jti, iat, and set exp within the allowed window.
• Keep tokens short-lived (maximum 24 hours) and generate them per-session as recommended.
• Include the product-specific grants required by your SDK. For example, Video requires an identity grant and a VideoGrant.
• Use the Twilio Console Debugger and Error Logs to inspect failing requests and review error details during troubleshooting.

• Access Tokens
• Debugging Your Twilio Application
• Debugging Tools