Skip to contentSkip to navigationSkip to topbar
Twilio Docs
Rate this page:
On this page

REST API: Secondary Auth Token

(warning)

Warning

If you are using Services or Functions(Classic) and have included your auth token directly instead of using a variable, you must wait for 1 minute for the update of your auth token to propagate. Otherwise, those functions and services will fail with a 403 Forbidden error.

Twilio uses the Account SID and Auth Token to authenticate API requests. The Auth Token can be rotated in the Console or with this API. There are two related endpoints, one to promote the secondary Auth Token and this one to create or delete the secondary Auth Token.

Secondary Auth Token properties

Property nameTypePIIDescription
account_sidSID<AC>
Not PII

The SID of the Account that the secondary Auth Token was created for.

Pattern: ^AC[0-9a-fA-F]{32}$Min length: 34Max length: 34
date_createdstring<date-time>
Not PII

The date and time in UTC when the resource was created specified in ISO 8601 format.

date_updatedstring<date-time>
Not PII

The date and time in UTC when the resource was last updated specified in ISO 8601 format.

secondary_auth_tokenstring
PII MTL: 0 days

The generated secondary Auth Token that can be used to authenticate future API requests.

urlstring<uri>
Not PII

The URI for this resource, relative to https://accounts.twilio.com

Create a SecondaryAuthToken resource

POST https://accounts.twilio.com/v1/AuthTokens/Secondary

Create a Secondary Auth Token

Node.js
Python
C#
Java
Go
PHP
Ruby
twilio-cli
curl

_18
// Download the helper library from https://www.twilio.com/docs/node/install
_18
const twilio = require("twilio"); // Or, for ESM: import twilio from "twilio";
_18
_18
// Find your Account SID and Auth Token at twilio.com/console
_18
// and set the environment variables. See http://twil.io/secure
_18
const accountSid = process.env.TWILIO_ACCOUNT_SID;
_18
const authToken = process.env.TWILIO_AUTH_TOKEN;
_18
const client = twilio(accountSid, authToken);
_18
_18
async function createSecondaryAuthToken() {
_18
const secondaryAuthToken = await client.accounts.v1
_18
.secondaryAuthToken()
_18
.create();
_18
_18
console.log(secondaryAuthToken.accountSid);
_18
}
_18
_18
createSecondaryAuthToken();

Output

_10
{
_10
"account_sid": "ACaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa",
_10
"date_created": "2015-07-31T04:00:00Z",
_10
"date_updated": "2015-07-31T04:00:00Z",
_10
"secondary_auth_token": "bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb",
_10
"url": "https://accounts.twilio.com/v1/AuthTokens/Secondary"
_10
}

Delete a SecondaryAuthToken resource

DELETE https://accounts.twilio.com/v1/AuthTokens/Secondary

Delete the Secondary Auth Token

Node.js
Python
C#
Java
Go
PHP
Ruby
twilio-cli
curl

_14
// Download the helper library from https://www.twilio.com/docs/node/install
_14
const twilio = require("twilio"); // Or, for ESM: import twilio from "twilio";
_14
_14
// Find your Account SID and Auth Token at twilio.com/console
_14
// and set the environment variables. See http://twil.io/secure
_14
const accountSid = process.env.TWILIO_ACCOUNT_SID;
_14
const authToken = process.env.TWILIO_AUTH_TOKEN;
_14
const client = twilio(accountSid, authToken);
_14
_14
async function deleteSecondaryAuthToken() {
_14
await client.accounts.v1.secondaryAuthToken().remove();
_14
}
_14
_14
deleteSecondaryAuthToken();

Rate this page: