REST API | Mar. 05, 2025
Update in the supported cipher suites in Twilio REST API endpoints
Effective March 6, 2025, the list of supported cipher suites has been updated in all REST API endpoints except for the following domains:
- api.twilio.com
- bulkexports.twilio.com
- content.twilio.com
- frontline-api.twilio.com
- handler.twilio.com
- lookups.twilio.com
- lookups-upload.twilio.com
- supersim.twilio.com
- twimlets.com
- verify.twilio.com
- wireless.twilio.com
The list of supported cipher suites on the domains shown above are now scheduled to be deployed on June 2, 2025.
Supported TLSv1.3 ciphers
- TLS_AES_128_GCM_SHA256
- TLS_AES_256_GCM_SHA384
- TLS_CHACHA20_POLY1305_SHA256
Supported ECDSA ciphers (TLSv1.2)
- ECDHE-ECDSA-AES128-GCM-SHA256
- ECDHE-ECDSA-AES128-SHA256
- ECDHE-ECDSA-AES256-GCM-SHA384
- ECDHE-ECDSA-CHACHA20-POLY1305
- ECDHE-ECDSA-AES256-SHA384
Supported RSA ciphers (TLSv1.2)
- ECDHE-RSA-AES128-GCM-SHA256
- ECDHE-RSA-AES128-SHA256
- ECDHE-RSA-AES256-GCM-SHA384
- ECDHE-RSA-CHACHA20-POLY1305
- ECDHE-RSA-AES256-SHA384
Test your configuration
The new security configuration is available on the testing domain ( https://tls-test.twilio.com ).
For more information on how to test the updated cipher list, we advise you to read https://help.twilio.com/articles/226478767-Monitoring-Updates-to-Twilio-REST-API-Security-Settings
Twilio Platform