Skip to contentSkip to navigationSkip to topbar
Twilio Docs
On this page

REST API: Secondary Auth Token

(warning)

Warning

If you are using Services or Functions(Classic) and have included your auth token directly instead of using a variable, you must wait for 1 minute for the update of your auth token to propagate. Otherwise, those functions and services will fail with a 403 Forbidden error.

Twilio uses the Account SID and Auth Token to authenticate API requests. The Auth Token can be rotated in the Console(link takes you to an external page) or with this API. There are two related endpoints, one to promote the secondary Auth Token and this one to create or delete the secondary Auth Token.

Secondary Auth Token properties

secondary-auth-token-properties page anchor
Property nameTypeRequiredDescriptionChild properties
account_sidSID<AC>Optional
Not PII

The SID of the Account that the secondary Auth Token was created for.

Pattern: ^AC[0-9a-fA-F]{32}$Min length: 34Max length: 34
date_createdstring<date-time>Optional
Not PII

The date and time in UTC when the resource was created specified in ISO 8601(link takes you to an external page) format.

date_updatedstring<date-time>Optional
Not PII

The date and time in UTC when the resource was last updated specified in ISO 8601(link takes you to an external page) format.

secondary_auth_tokenstringOptional
PII MTL: 0 days

The generated secondary Auth Token that can be used to authenticate future API requests.

urlstring<uri>Optional
Not PII

The URI for this resource, relative to https://accounts.twilio.com

Create a SecondaryAuthToken resource

create-a-secondaryauthtoken-resource page anchor
POST https://accounts.twilio.com/v1/AuthTokens/Secondary

Create a Secondary Auth TokenLink to code sample: Create a Secondary Auth Token
1
// Download the helper library from https://www.twilio.com/docs/node/install

2
const twilio = require("twilio"); // Or, for ESM: import twilio from "twilio";

3


4
// Find your Account SID and Auth Token at twilio.com/console

5
// and set the environment variables. See http://twil.io/secure

6
const accountSid = process.env.TWILIO_ACCOUNT_SID;

7
const authToken = process.env.TWILIO_AUTH_TOKEN;

8
const client = twilio(accountSid, authToken);

9


10
async function createSecondaryAuthToken() {

11
  const secondaryAuthToken = await client.accounts.v1

12
    .secondaryAuthToken()

13
    .create();

14


15
  console.log(secondaryAuthToken.accountSid);

16
}

17


18
createSecondaryAuthToken();

Output

1
{

2
  "account_sid": "ACaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa",

3
  "date_created": "2015-07-31T04:00:00Z",

4
  "date_updated": "2015-07-31T04:00:00Z",

5
  "secondary_auth_token": "bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb",

6
  "url": "https://accounts.twilio.com/v1/AuthTokens/Secondary"

7
}

Delete a SecondaryAuthToken resource

delete-a-secondaryauthtoken-resource page anchor
DELETE https://accounts.twilio.com/v1/AuthTokens/Secondary

Delete the Secondary Auth TokenLink to code sample: Delete the Secondary Auth Token
1
// Download the helper library from https://www.twilio.com/docs/node/install

2
const twilio = require("twilio"); // Or, for ESM: import twilio from "twilio";

3


4
// Find your Account SID and Auth Token at twilio.com/console

5
// and set the environment variables. See http://twil.io/secure

6
const accountSid = process.env.TWILIO_ACCOUNT_SID;

7
const authToken = process.env.TWILIO_AUTH_TOKEN;

8
const client = twilio(accountSid, authToken);

9


10
async function deleteSecondaryAuthToken() {

11
  await client.accounts.v1.secondaryAuthToken().remove();

12
}

13


14
deleteSecondaryAuthToken();