On this page

Create API keys in the Twilio Console

You can create and manage all of your API keys in the Twilio Console. To create and manage API keys using the REST API, refer to Key resource v1.

API keys represent the required credentials that you'll use to authenticate to Twilio's REST API and to create and revoke Access Tokens.

(information)

Info

If your API key requires access to the /Accounts or /Accounts/{SID}/Keys endpoints, then you'll need to use a Main key. You can create Main keys only in the Twilio Console.

Types of keys

The API key types are: Main, Standard, and Restricted (public beta, Key resource v1 only). The following table describes each type.

Key type	Access permissions	Create in Console	Create with REST API
Main	Full access to all Twilio API resources. Equivalent to using your Account SID and Auth Token for API requests.	Yes	No
Standard	Access to all Twilio API resources, except for API key and Account resources.	Yes	Yes
Restricted	Customized, fine-grained access to specific Twilio API resources. Learn more about Restricted API keys.	Yes	Yes (v1 only)

Create an API key in the Twilio Console

Click Admin > Account management in the top right corner.
Under Keys & credentials, click API keys & tokens (or go directly to the Console).
On the API keys & tokens page, click Create API key.
On the Create new API key page, enter a Friendly name for the API key.
Select the Region and the key type: Standard, Main, or Restricted. Restricted API keys are only available in the United States Region.
For Restricted keys, select the Permissions to grant.
Click Create.
On the Copy secret key page, Copy the secret and store it somewhere secure.
Select the Got it! checkbox and click Done.

Duplicate a Restricted API key in the Twilio Console

Restricted API keys can have complex permissions. You can save time by duplicating a Restricted API key as a starting point for a new key.

Click Admin > Account management in the top right corner.
Under Keys & credentials, click API keys & tokens (or go directly to the Console).
On the API keys & tokens page, find the key to duplicate and then in the Actions column, click Duplicate key.
Make changes to the fields and Permissions as needed.
Click Create.
On the Copy secret key page, Copy the secret and store it somewhere secure.
Select the Got it! checkbox and click Done.

Update an API key in the Twilio Console

For Standard and Main API keys, you can update only the Friendly name. For Restricted keys, you can update the Friendly name and the Permissions.

Click Admin > Account management in the top right corner.
Under Keys & credentials, click API keys & tokens (or follow this link to the Console).
On the API keys & tokens page, click the name of the API key to update.
On the API key's page, update the Friendly name or the Permissions to grant (Restricted keys only).
Click Save, then click Save again on the confirmation pop-up.

Delete an API key in the Twilio Console

If you no longer use an API key or if a key has been compromised, then you can revoke the key's permissions by deleting the API key.

Click Admin > Account management in the top right corner.
Under Keys & credentials, click API keys & tokens (or follow this link to the Console).
On the API keys & tokens page, click the name of the API key to delete.
On the API key's page, click Delete this API key at the bottom of the page.
In the pop-up, click Delete this API key to confirm deletion.