Skip to contentSkip to navigationSkip to topbar
Twilio Docs
Page tools
On this page
Looking for more inspiration?Visit the

Manage Regional API Credentials

Since each Twilio Region operates independently of other Regions, Twilio API credentials are a Region-specific resource. This means that any given Auth Token or API Key is only valid for the Twilio Region in which it was created. So, for example, in order to make API requests to the IE1 Region, the requests must use an Auth token or API Key that was created specifically for the IE1 region. Attempting to use credentials for another Region will result in an authentication failure.

This guide provides instructions for managing Region-specific API credentials using the Twilio Console or REST API.

Manage API credentials using Twilio Console

manage-api-credentials-using-twilio-console page anchor

To find your Auth Token and API Keys for a given Region in Twilio Console, navigate to the Keys & Credentials page:

  1. Log in to the Twilio Console(link takes you to an external page).
  2. Click the Account menu in the upper right corner of the screen.
  3. Click API keys & tokens , under the Keys & Credentials heading.

The page displays your credentials for one Region at a time. To select which Region is displayed, find the Region select menu in the upper right-hand corner of the page.

To find your account's Auth Token for the currently selected Region, click the eyeball-shaped icon at the bottom of the box labeled "Live Credentials," near the bottom of the page.

(warning)

Warning

API Keys are the preferred way to authenticate with Twilio APIs. You should only use your Auth Token for operations that cannot be accomplished with an API Key. Check out this blog post(link takes you to an external page) to learn more about authentication methods.

To create an API Key, click the Create API key button, enter a friendly name, and select a desired Region for the key.

(warning)

Warning

When creating an API Key, always be sure to record the new API Key's SID and secret. The secret is only displayed once, when you first create the Key, and cannot be reviewed later.

To change the friendly name of an API Key, click on the friendly name or SID of the Key to view the Key's details page. Update the Friendly Name field, and click Save .

To delete an API Key, click on the friendly name or SID of the Key to view the Key's details page. Click the link titled Delete this API Key , near the bottom of the page.

Manage API credentials using the Twilio CLI

manage-api-credentials-using-the-twilio-cli page anchor

The Twilio CLI provides a streamlined way to create profiles with region-specific credentials. When you create a regional profile, the CLI automatically generates an API Key using your region-specific Auth Token and stores both the region and edge location in the profile.

Creating a regional profile

creating-a-regional-profile page anchor

To create a regional profile with the CLI, use the twilio login command (or twilio profiles:create) with both --region and --edge flags:

Australia Region (AU1):

twilio login --region au1 --edge sydney

Ireland Region (IE1):

twilio login --region ie1 --edge dublin

Japan Region (JP1):

twilio login --region jp1 --edge tokyo
(warning)

Warning

When creating a regional profile, you must specify both --region and --edge flags together. The CLI will prompt you for your Account SID and region-specific Auth Token.

What happens during profile creation

what-happens-during-profile-creation page anchor

When you run twilio login with regional flags:

  1. The CLI prompts you for your Account SID and Auth Token.
  2. It validates that you're using the correct region-specific credentials.
  3. It creates an API Key in that region using your Auth Token.
  4. It stores the API Key SID, secret, region, and edge in your profile.
  5. Your Auth Token is discarded and not stored locally.

All subsequent CLI commands using this profile will automatically use the correct regional endpoint.

Using region-specific credentials

using-region-specific-credentials page anchor

Each Twilio Region has its own set of Auth Tokens that are different from your default (US1) Auth Token. When creating a regional profile, you must use the Auth Token specific to that region.

To find your region-specific Auth Token in the Console:

  1. Log in to the Twilio Console(link takes you to an external page) and navigate to API keys & tokens(link takes you to an external page).
  2. In the Region dropdown, select your target region.
  3. In the Live credentials section, click the eye icon to view the Auth Token for that region.
(information)

Info

Attempting to use a US1 Auth Token when creating an AU1, IE1, or JP1 profile will result in authentication failure with Error 20003. Always use the Auth Token from the correct region.

Switching between regional profiles

switching-between-regional-profiles page anchor

Once you've created regional profiles, you can easily switch between them:

1
# List all profiles (shows which is active)

2
twilio profiles:list

3


4
# Switch to Ireland profile

5
twilio profiles:use ireland-prod

6


7
# Or specify a profile for a single command

8
twilio api:core:accounts:fetch -p australia-prod

For more information on managing profiles, see Profiles.

Manage API credentials using the Twilio REST API

manage-api-credentials-using-the-twilio-rest-api page anchor

As an alternative to managing API credentials using the Console, you can use the REST API's Accounts and Keys resources.

Control which Region your API requests target by including the target Region name in your requests' hostnames, as described in our guide to using the REST API in non-US1 Regions.

For example, to create an API Key in the IE1 Region, first find your account's IE1 Auth Token, and use that credential to make a request to the Keys create endpoint in IE1:

1
curl -u $ACCOUNT_SID:$AUTH_TOKEN \

2
  https://api.dublin.ie1.twilio.com/2010-04-01/Accounts/$ACCOUNT_SID/Keys.json \

3
  --data-urlencode FriendlyName="ie1 API Key"