Use the Key resource to create and manage Standard and Restricted API keys.
API keys represent the required credentials that you'll use to authenticate to Twilio's REST API and to create and revoke Access Tokens.
If your API key requires access to the /Accounts or /Accounts/{SID}/Keys endpoints, then you'll need to use a Main key. You can create Main keys only in the Twilio Console.
The API key types are: Main, Standard, and Restricted (public beta, Key resource v1 only). The following table describes each type.
| Key type | Access permissions | Create in Console | Create with REST API |
|---|---|---|---|
| Main | Full access to all Twilio API resources. Equivalent to using your Account SID and Auth Token for API requests. | Yes | No |
| Standard | Access to all Twilio API resources, except for API key and Account resources. | Yes | Yes |
| Restricted | Customized, fine-grained access to specific Twilio API resources. Learn more about Restricted API keys. | Yes | Yes (v1 only) |
The unique string that we created to identify the Key resource.
^SK[0-9a-fA-F]{32}$Min length: 34Max length: 34The date and time in GMT that the resource was created specified in RFC 2822 format.
POST https://iam.twilio.com/v1/KeysTo create Standard API keys with the API, you must use one of the following credentials: your Account SID and Auth Token, a Main API key, or a Restricted API key with the permission for /twilio/iam/api-keys/create.
application/x-www-form-urlencodedThe SID of the Account that created the Payments resource.
^AC[0-9a-fA-F]{32}$Min length: 34Max length: 34A descriptive string that you create to describe the resource. It can be up to 64 characters long.
The `KeyType` form parameter is used to specify the type of key you want to create.
Default Behavior: If `KeyType` is not specified, the API will generate a standard key.
Restricted Key: If `KeyType` is set to `restricted`, the API will create a new restricted key. In this case, a policy object is required to define the permissions.
restrictedThe `Policy` object is a collection that specifies the allowed Twilio permissions for the restricted key. For more information on the permissions available with restricted API keys, refer to the Twilio documentation.
1// Download the helper library from https://www.twilio.com/docs/node/install2const twilio = require("twilio"); // Or, for ESM: import twilio from "twilio";34// Find your Account SID and Auth Token at twilio.com/console5// and set the environment variables. See http://twil.io/secure6const accountSid = process.env.TWILIO_ACCOUNT_SID;7const authToken = process.env.TWILIO_AUTH_TOKEN;8const client = twilio(accountSid, authToken);910async function createNewKey() {11const newApiKey = await client.iam.v1.newApiKey.create({12accountSid: "ACXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX",13friendlyName: "Mario's API key",14});1516console.log(newApiKey.sid);17}1819createNewKey();
1{2"sid": "SKaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa",3"friendly_name": "Mario's API key",4"date_created": "Mon, 13 Jun 2016 22:50:08 +0000",5"date_updated": "Mon, 13 Jun 2016 22:50:08 +0000",6"secret": "foobar",7"policy": null8}
The response contains a sid property and a secret property. Store the secret in a secure location, because you won't be able to retrieve it again. Twilio uses the Key resource's sid and the secret as the credentials when making API requests.
1// Download the helper library from https://www.twilio.com/docs/node/install2const twilio = require("twilio"); // Or, for ESM: import twilio from "twilio";34// Find your Account SID and Auth Token at twilio.com/console5// and set the environment variables. See http://twil.io/secure6const accountSid = process.env.TWILIO_ACCOUNT_SID;7const authToken = process.env.TWILIO_AUTH_TOKEN;8const client = twilio(accountSid, authToken);910async function createNewKey() {11const newApiKey = await client.iam.v1.newApiKey.create({12accountSid: "ACXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX",13friendlyName: "Mario's API key",14keyType: "restricted",15policy: {16allow: ["/twilio/messaging/messages/read"],17},18});1920console.log(newApiKey.sid);21}2223createNewKey();
1{2"sid": "SKaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa",3"friendly_name": "Mario's API key",4"date_created": "Mon, 13 Jun 2016 22:50:08 +0000",5"date_updated": "Mon, 13 Jun 2016 22:50:08 +0000",6"secret": "foobar",7"policy": {8"allow": [9"/twilio/messaging/messages/read"10]11}12}
GET https://iam.twilio.com/v1/Keys/{Sid}Returns a representation of the API key.
For security reasons, Twilio returns the secret field only when the API key is first created and never includes the secret field when you fetch the resource. Your application should store the API key's SID and secret in a secure location to authenticate to the API.
The Twilio-provided string that uniquely identifies the Key resource to fetch.
^SK[0-9a-fA-F]{32}$Min length: 34Max length: 341// Download the helper library from https://www.twilio.com/docs/node/install2const twilio = require("twilio"); // Or, for ESM: import twilio from "twilio";34// Find your Account SID and Auth Token at twilio.com/console5// and set the environment variables. See http://twil.io/secure6const accountSid = process.env.TWILIO_ACCOUNT_SID;7const authToken = process.env.TWILIO_AUTH_TOKEN;8const client = twilio(accountSid, authToken);910async function fetchKey() {11const apiKey = await client.iam.v112.apiKey("SKXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX1")13.fetch();1415console.log(apiKey.sid);16}1718fetchKey();
1{2"sid": "SKXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX1",3"friendly_name": "foo",4"date_created": "Mon, 13 Jun 2016 22:50:08 +0000",5"date_updated": "Mon, 13 Jun 2016 22:50:08 +0000",6"policy": null7}
1// Download the helper library from https://www.twilio.com/docs/node/install2const twilio = require("twilio"); // Or, for ESM: import twilio from "twilio";34// Find your Account SID and Auth Token at twilio.com/console5// and set the environment variables. See http://twil.io/secure6const accountSid = process.env.TWILIO_ACCOUNT_SID;7const authToken = process.env.TWILIO_AUTH_TOKEN;8const client = twilio(accountSid, authToken);910async function fetchKey() {11const apiKey = await client.iam.v112.apiKey("SKXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX2")13.fetch();1415console.log(apiKey.sid);16}1718fetchKey();
1{2"sid": "SKXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX2",3"friendly_name": "foo",4"date_created": "Mon, 13 Jun 2016 22:50:08 +0000",5"date_updated": "Mon, 13 Jun 2016 22:50:08 +0000",6"policy": {7"allow": [8"/twilio/messaging/messages/read"9]10}11}
GET https://iam.twilio.com/v1/KeysReturns a list of API keys associated with a given Account, sorted by DateUpdated.
The list includes all API keys and paging information.
The SID of the Account that created the Payments resource.
^AC[0-9a-fA-F]{32}$Min length: 34Max length: 34How many resources to return in each list page. The default is 50, and the maximum is 1000.
1Maximum: 1000The page token. This is provided by the API.
1// Download the helper library from https://www.twilio.com/docs/node/install2const twilio = require("twilio"); // Or, for ESM: import twilio from "twilio";34// Find your Account SID and Auth Token at twilio.com/console5// and set the environment variables. See http://twil.io/secure6const accountSid = process.env.TWILIO_ACCOUNT_SID;7const authToken = process.env.TWILIO_AUTH_TOKEN;8const client = twilio(accountSid, authToken);910async function listGetKeys() {11const getApiKeys = await client.iam.v1.getApiKeys.list({12accountSid: "ACXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX",13limit: 20,14});1516getApiKeys.forEach((g) => console.log(g.sid));17}1819listGetKeys();
1{2"keys": [3{4"sid": "SKaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa",5"friendly_name": "foo",6"date_created": "Mon, 13 Jun 2016 22:50:08 +0000",7"date_updated": "Mon, 13 Jun 2016 22:50:08 +0000"8},9{10"sid": "SKaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaab",11"friendly_name": "bar",12"date_created": "Mon, 13 Jun 2016 20:50:08 +0000",13"date_updated": "Mon, 13 Jun 2016 20:50:08 +0000"14}15],16"meta": {17"page": 0,18"page_size": 50,19"first_page_url": "https://iam.twilio.com/v1/Keys?AccountSid=ACaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa&PageSize=50&Page=0",20"previous_page_url": null,21"url": "https://iam.twilio.com/v1/Keys?AccountSid=ACaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa&PageSize=50&Page=0",22"next_page_url": null,23"key": "keys"24}25}
POST https://iam.twilio.com/v1/Keys/{Sid}The Twilio-provided string that uniquely identifies the Key resource to update.
^SK[0-9a-fA-F]{32}$Min length: 34Max length: 34application/x-www-form-urlencodedA descriptive string that you create to describe the resource. It can be up to 64 characters long.
The `Policy` object is a collection that specifies the allowed Twilio permissions for the restricted key. For more information on the permissions available with restricted API keys, refer to the Twilio documentation.
Attempts to update the fields of an API Key resource.
If successful, Twilio returns the updated resource representation. The response is identical to that of the fetch a Key resource endpoint.
1// Download the helper library from https://www.twilio.com/docs/node/install2const twilio = require("twilio"); // Or, for ESM: import twilio from "twilio";34// Find your Account SID and Auth Token at twilio.com/console5// and set the environment variables. See http://twil.io/secure6const accountSid = process.env.TWILIO_ACCOUNT_SID;7const authToken = process.env.TWILIO_AUTH_TOKEN;8const client = twilio(accountSid, authToken);910async function updateKey() {11const apiKey = await client.iam.v112.apiKey("SKXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX")13.update({ friendlyName: "friendly_name" });1415console.log(apiKey.sid);16}1718updateKey();
1{2"sid": "SKXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX",3"friendly_name": "friendly_name",4"date_created": "Mon, 13 Jun 2016 22:50:08 +0000",5"date_updated": "Mon, 13 Jun 2016 22:50:08 +0000",6"policy": null7}
The update request completely overwrites the existing policy associated with the original API key. You must include all the required permissions in the Policy object of an update request. To remove a specific permission while retaining others, include only the permissions that should be kept.
1// Download the helper library from https://www.twilio.com/docs/node/install2const twilio = require("twilio"); // Or, for ESM: import twilio from "twilio";34// Find your Account SID and Auth Token at twilio.com/console5// and set the environment variables. See http://twil.io/secure6const accountSid = process.env.TWILIO_ACCOUNT_SID;7const authToken = process.env.TWILIO_AUTH_TOKEN;8const client = twilio(accountSid, authToken);910async function updateKey() {11const apiKey = await client.iam.v112.apiKey("SKXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX")13.update({14friendlyName: "friendly_name",15policy: {16allow: [17"/twilio/messaging/messages/read",18"/twilio/messaging/messages/update",19],20},21});2223console.log(apiKey.sid);24}2526updateKey();
1{2"sid": "SKXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX",3"friendly_name": "friendly_name",4"date_created": "Mon, 13 Jun 2016 22:50:08 +0000",5"date_updated": "Mon, 13 Jun 2016 22:50:08 +0000",6"policy": {7"allow": [8"/twilio/messaging/messages/read",9"/twilio/messaging/messages/update"10]11}12}
DELETE https://iam.twilio.com/v1/Keys/{Sid}Deletes an API key. Deleting an API key revokes the authorization to authenticate to the REST API and invalidates all Access Tokens generated using the API key's secret.
If the deletion is successful, Twilio returns an HTTP 204 response with no body.
The Twilio-provided string that uniquely identifies the Key resource to delete.
^SK[0-9a-fA-F]{32}$Min length: 34Max length: 341// Download the helper library from https://www.twilio.com/docs/node/install2const twilio = require("twilio"); // Or, for ESM: import twilio from "twilio";34// Find your Account SID and Auth Token at twilio.com/console5// and set the environment variables. See http://twil.io/secure6const accountSid = process.env.TWILIO_ACCOUNT_SID;7const authToken = process.env.TWILIO_AUTH_TOKEN;8const client = twilio(accountSid, authToken);910async function deleteKey() {11await client.iam.v1.apiKey("SKXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX").remove();12}1314deleteKey();