This page describes the steps to perform the necessary checks since Twilio Endpoints are not secured.

By default, Twilio Endpoints are not secured.

Twilio is offering a signature-based method of validating that requests are indeed coming from Twilio. https://www.twilio.com/docs/usage/security#validating-requests

In order to implement these, you can access the request headers inside an Input Transformer and perform the necessary checks in there.

A working example can be found on our Github repository.


Comments

0 comments

Please sign in to leave a comment.

Was this article helpful?
0 out of 0 found this helpful