An icon of a right arrow Back

REST API | Mar. 05, 2025

Update in the supported cipher suites in Twilio REST API endpoints

Effective March 6, 2025, the list of supported cipher suites has been updated in all REST API endpoints except for the following domains:

  • api.twilio.com
  • bulkexports.twilio.com
  • content.twilio.com
  • frontline-api.twilio.com
  • handler.twilio.com
  • lookups.twilio.com
  • lookups-upload.twilio.com
  • supersim.twilio.com
  • twimlets.com
  • verify.twilio.com
  • wireless.twilio.com

The list of supported cipher suites on the domains shown above are now scheduled to be deployed on June 2, 2025.

Supported TLSv1.3 ciphers

  • TLS_AES_128_GCM_SHA256
  • TLS_AES_256_GCM_SHA384
  • TLS_CHACHA20_POLY1305_SHA256

Supported ECDSA ciphers (TLSv1.2)

  • ECDHE-ECDSA-AES128-GCM-SHA256
  • ECDHE-ECDSA-AES128-SHA256
  • ECDHE-ECDSA-AES256-GCM-SHA384
  • ECDHE-ECDSA-CHACHA20-POLY1305
  • ECDHE-ECDSA-AES256-SHA384

Supported RSA ciphers (TLSv1.2)

  • ECDHE-RSA-AES128-GCM-SHA256
  • ECDHE-RSA-AES128-SHA256
  • ECDHE-RSA-AES256-GCM-SHA384
  • ECDHE-RSA-CHACHA20-POLY1305
  • ECDHE-RSA-AES256-SHA384

Test your configuration

The new security configuration is available on the testing domain ( https://tls-test.twilio.com ). 

For more information on how to test the updated cipher list, we advise you to read https://help.twilio.com/articles/226478767-Monitoring-Updates-to-Twilio-REST-API-Security-Settings

 

Twilio Platform