51117: Twilsock: Invalid access token signature
ERROR
Twilsock rejected the Access Token because the token signature is invalid. This usually means the token was not signed with the correct API Key Secret, the token was modified after it was created, or the token is malformed.
- The Access Token was signed with the wrong API Key Secret.
- The Access Token was generated with an API Key SID and Secret that do not belong to the same Twilio account or subaccount.
- The token payload or header was changed after the token was signed.
- The token is truncated, malformed, or otherwise not a valid JWT.
- Your application is sending an old token value, a copied partial token, or a token from a different environment such as test, staging, or production.
- Generate a new Access Token and sign it with the correct API Key Secret for the account or subaccount that issues the token.
- Verify that the API Key SID used to create the token matches the Secret used to sign it.
- Make sure your application sends the complete token string without trimming, reformatting, or modifying any characters.
- Confirm that the token was created for the same Twilio account context used by your client application.
- If you manage tokens in multiple environments, check that your client is using the current token for the correct environment.
- Decode the token to inspect its header and payload, then regenerate it from your server if the signature does not validate.
- Review how you create Access Tokens for your Twilio SDK client and update your server-side token generation flow as needed.